From f3020a06b1801a15dce3c5cbcf520ac4d20fa57a Mon Sep 17 00:00:00 2001 From: Chikara Takahashi Date: Tue, 19 Dec 2023 16:19:28 -0500 Subject: [PATCH 1/2] feat: enable use of efs volumes from ecs task definition --- main.tf | 15 +++++++++++++++ variables.tf | 12 ++++++------ 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/main.tf b/main.tf index 97c2e1b..3de7f7d 100644 --- a/main.tf +++ b/main.tf @@ -441,6 +441,21 @@ resource "aws_ecs_task_definition" "main" { for_each = var.container_volumes content { name = volume.value.name + dynamic "efs_volume_configuration" { + for_each = try([volume.value.efs_volume_configuration], []) + + content { + authorization_config { + access_point_id = try(efs_volume_configuration.value.access_point_id, null) + iam = try(efs_volume_configuration.value.iam, "ENABLED") + } + + file_system_id = var.efs_instance_id + root_directory = try(efs_volume_configuration.value.root_directory, "/") + transit_encryption = try(efs_volume_configuration.value.transit_encryption, "ENABLED") + transit_encryption_port = try(efs_volume_configuration.value.transit_encryption_port, null) + } + } } } diff --git a/variables.tf b/variables.tf index a22a14b..8dcee15 100644 --- a/variables.tf +++ b/variables.tf @@ -209,12 +209,6 @@ variable "lb_target_groups" { variable "container_volumes" { description = "Volumes that containers in your task may use." default = [] - type = list( - object({ - name = string - }) - ) - } variable "hello_world_container_ports" { @@ -269,3 +263,9 @@ variable "ecs_deployment_circuit_breaker" { rollback = false } } + +variable "efs_instance_id" { + description = "ID of the EFS instance volume" + type = string + default = "" +} From 4673588c71cdf7943505d89be818e14b5d068bf8 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 19 Dec 2023 21:20:32 +0000 Subject: [PATCH 2/2] terraform-docs: automated action --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index edf78fa..b687ece 100644 --- a/README.md +++ b/README.md @@ -157,7 +157,7 @@ No modules. | cloudwatch\_alarm\_name | Generic name used for CPU and Memory Cloudwatch Alarms | `string` | `""` | no | | container\_definitions | Container definitions provided as valid JSON document. Default uses golang:alpine running a simple hello world. | `string` | `""` | no | | container\_image | The image of the container. | `string` | `"golang:alpine"` | no | -| container\_volumes | Volumes that containers in your task may use. | ```list( object({ name = string }) )``` | `[]` | no | +| container\_volumes | Volumes that containers in your task may use. | `list` | `[]` | no | | ec2\_create\_task\_execution\_role | Set to true to create ecs task execution role to ECS EC2 Tasks. | `bool` | `false` | no | | ecr\_repo\_arns | The ARNs of the ECR repos. By default, allows all repositories. | `list(string)` | ```[ "*" ]``` | no | | ecs\_cluster | ECS cluster object for this task. | ```object({ arn = string name = string })``` | n/a | yes | @@ -167,6 +167,7 @@ No modules. | ecs\_subnet\_ids | Subnet IDs for the ECS tasks. | `list(string)` | n/a | yes | | ecs\_use\_fargate | Whether to use Fargate for the task definition. | `bool` | `false` | no | | ecs\_vpc\_id | VPC ID to be used by ECS. | `string` | n/a | yes | +| efs\_instance\_id | ID of the EFS instance volume | `string` | `""` | no | | enable\_ecs\_managed\_tags | Specifies whether to enable Amazon ECS managed tags for the tasks within the service | `bool` | `false` | no | | environment | Environment tag, e.g prod. | `string` | n/a | yes | | fargate\_platform\_version | The platform version on which to run your service. Only applicable when using Fargate launch type. | `string` | `"LATEST"` | no |