- Create and attach new SG
- Renamed cloudwatch ecs web log group
Ronaldo Macapobre committed Aug 7, 2024
1 parent b2ed914 commit 3eaeb42
Showing 8 changed files with 83 additions and 36 deletions.
10 changes: 5 additions & 5 deletions infrastructure/cloud/modules/container/ecs.tf
@@ -24,13 +24,13 @@ resource "aws_ecs_task_definition" "ecs_web_task_definition" {
{
containerPort = 8080
}
],
]
logConfiguration = {
logDriver = "awslogs",
logDriver = "awslogs"
options = {
awslogs-group = var.ecs_web_log_group_name,
awslogs-region = var.region,
awslogs-stream-prefix = "ecs"
"awslogs-group" = var.ecs_web_td_log_group_name
"awslogs-region" = var.region
"awslogs-stream-prefix" = "ecs"
}
}
}
4 changes: 2 additions & 2 deletions infrastructure/cloud/modules/container/variables.tf
@@ -33,7 +33,7 @@ variable "lb_tg_arn" {
type = string
}

variable "ecs_web_log_group_name" {
description = "ECS Web Log Group Name in CloudWatch"
variable "ecs_web_td_log_group_name" {
description = "ECS Web Task Definition Log Group Name in CloudWatch"
type = string
}
5 changes: 2 additions & 3 deletions infrastructure/cloud/modules/monitoring/logs.tf
@@ -1,4 +1,3 @@
resource "aws_cloudwatch_log_group" "ecs_web_log_group" {
name = "${var.app_name}-ecs-web-log-group-${var.environment}"
retention_in_days = 30
resource "aws_cloudwatch_log_group" "ecs_web_td_log_group" {
name = "${var.app_name}-ecs-web-td-log-group-${var.environment}"
}
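Review bot: The renamed `aws_cloudwatch_log_group.ecs_web_td_log_group` carries no `retention_in_days`, so the provider default applies and the web task logs are kept indefinitely; the section's counts (2 additions, 3 deletions) indicate the earlier `retention_in_days = 30` was dropped along with the rename. If that was not intended, keep `retention_in_days = 30` in the new block, or expose it as a variable so each environment states its retention explicitly. Because both the resource address and the `name` change, Terraform will presumably destroy the old group and create a new one, so any logs still needed for investigation should be exported before apply.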
4 changes: 2 additions & 2 deletions infrastructure/cloud/modules/monitoring/outputs.tf
@@ -1,3 +1,3 @@
output "ecs_web_log_group_name" {
value = aws_cloudwatch_log_group.ecs_web_log_group.name
output "ecs_web_td_log_group_name" {
value = aws_cloudwatch_log_group.ecs_web_td_log_group.name
}
4 changes: 2 additions & 2 deletions infrastructure/cloud/modules/networking/alb.tf
@@ -1,8 +1,8 @@
resource "aws_lb" "lb" {
name = "${var.app_name}-lb-${var.environment}"
subnets = local.web_subnets
security_groups = [data.aws_security_group.sg.id]
internal = false
security_groups = [aws_security_group.sg.id]
internal = true
load_balancer_type = "application"
enable_http2 = true

2 changes: 1 addition & 1 deletion infrastructure/cloud/modules/networking/outputs.tf
@@ -1,5 +1,5 @@
output "sg_id" {
value = data.aws_security_group.sg.id
value = aws_security_group.sg.id
}

output "lb_tg_arn" {
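Review bot: `sg_id` now resolves to the load balancer group, and this file gains no output for the new `aws_security_group.ecs_sg` (the section shows one addition only), so nothing visible in this commit lets another module attach `ecs_sg` to the ECS service. If the container module still receives `sg_id` for its tasks, they would run with the load balancer's rules instead of the tighter ECS group; this is worth confirming against the service's `network_configuration`, which is not shown here. Consider adding `output "ecs_sg_id" { value = aws_security_group.ecs_sg.id }`, and in a follow-up renaming this output to something like `lb_sg_id` so the two groups are not confused. The `lb_tg_arn` output continues outside the hunk.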
52 changes: 50 additions & 2 deletions infrastructure/cloud/modules/networking/securitygroup.tf
@@ -1,4 +1,52 @@
data "aws_security_group" "sg" {
# Load Balancer Security Group
resource "aws_security_group" "sg" {
name = "${var.app_name}-lb-sg-${var.environment}"
vpc_id = data.aws_vpc.vpc.id
name = "Web_sg"

ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

ingress {
from_port = 8080
to_port = 8080
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}

egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}

tags = {
Name = "${var.app_name}_sg_${var.environment}"
}
}


# ECS Security Group
resource "aws_security_group" "ecs_sg" {
name = "${var.app_name}-ecs-sg-${var.environment}"
vpc_id = data.aws_vpc.vpc.id

ingress {
from_port = 8080
to_port = 8080
protocol = "tcp"
cidr_blocks = null
security_groups = [aws_security_group.sg.id]
}

egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
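Review bot: Both ingress rules on the load balancer group `sg` admit `0.0.0.0/0`, although the same commit sets the load balancer to `internal = true` in alb.tf; the source range should be narrowed to what actually needs to reach it, for example `cidr_blocks = [data.aws_vpc.vpc.cidr_block]` or the specific client ranges. The 8080 rule on this group looks like it mirrors the container port rather than a listener port, so if the load balancer only listens on 80 (the listener is not visible here) that rule can be dropped. In `ecs_sg`, `cidr_blocks = null` is redundant next to `security_groups`, and neither group nor any rule has a `description`, which makes later audits of these rules harder.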
38 changes: 19 additions & 19 deletions infrastructure/cloud/modules/networking/vpc.tf
@@ -44,25 +44,25 @@ locals {
# }
}

resource "aws_internet_gateway" "igw" {
vpc_id = data.aws_vpc.vpc.id
tags = {
Name = "${var.app_name}_igw_${var.environment}"
}
}
# resource "aws_internet_gateway" "igw" {
# vpc_id = data.aws_vpc.vpc.id
# tags = {
# Name = "${var.app_name}_igw_${var.environment}"
# }
# }

resource "aws_route_table" "rt" {
vpc_id = data.aws_vpc.vpc.id
}
# resource "aws_route_table" "rt" {
# vpc_id = data.aws_vpc.vpc.id
# }

resource "aws_route" "route" {
route_table_id = aws_route_table.rt.id
destination_cidr_block = "0.0.0.0/0"
gateway_id = aws_internet_gateway.igw.id
}
# resource "aws_route" "route" {
# route_table_id = aws_route_table.rt.id
# destination_cidr_block = "0.0.0.0/0"
# gateway_id = aws_internet_gateway.igw.id
# }

resource "aws_route_table_association" "rt_assoc" {
count = length(var.web_subnet_names)
subnet_id = local.web_subnets[count.index]
route_table_id = aws_route_table.rt.id
}
# resource "aws_route_table_association" "rt_assoc" {
# count = length(var.web_subnet_names)
# subnet_id = local.web_subnets[count.index]
# route_table_id = aws_route_table.rt.id
# }
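Review bot: The internet gateway, route table, default route and association are commented out rather than deleted, which leaves dead configuration in the module that can be re-enabled by accident and no longer describes what is deployed. Delete the blocks and rely on the history, or if they must be switchable, gate them with a variable (hypothetical name: `count = var.enable_public_routing ? 1 : 0`). With the `0.0.0.0/0` route gone, the ECS tasks in these subnets presumably need another path such as NAT or VPC endpoints to pull images and ship logs to CloudWatch; that is not visible in this commit. The hunk begins inside the `locals` block, which starts outside the view.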
