diff --git a/examples/complete/main.tf b/examples/complete/main.tf index d7ae6ff0..604cd5ba 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -17,7 +17,7 @@ module "vpc" { module "subnets" { source = "cloudposse/dynamic-subnets/aws" - version = "2.1.0" + version = "2.4.2" availability_zones = var.availability_zones vpc_id = module.vpc.vpc_id diff --git a/main.tf b/main.tf index 76bebf50..d1ee1ece 100644 --- a/main.tf +++ b/main.tf @@ -418,6 +418,23 @@ resource "aws_ecs_service" "ignore_changes_task_definition" { force_new_deployment = var.force_new_deployment enable_execute_command = var.exec_enabled + dynamic "deployment_configuration" { + for_each = var.deployment_configuration == null ? [] : [var.deployment_configuration] + content { + strategy = try(deployment_configuration.value.strategy, null) + bake_time_in_minutes = try(deployment_configuration.value.bake_time_in_minutes, null) + + dynamic "lifecycle_hook" { + for_each = try(deployment_configuration.value.lifecycle_hooks, []) + content { + hook_target_arn = lifecycle_hook.value.hook_target_arn + role_arn = lifecycle_hook.value.role_arn + lifecycle_stages = lifecycle_hook.value.lifecycle_stages + } + } + } + } + dynamic "capacity_provider_strategy" { for_each = var.capacity_provider_strategies content { @@ -467,6 +484,18 @@ resource "aws_ecs_service" "ignore_changes_task_definition" { content { dns_name = client_alias.value.dns_name port = client_alias.value.port + + dynamic "test_traffic_rules" { + for_each = try(client_alias.value.test_traffic_rules, []) + content { + header { + name = test_traffic_rules.value.header.name + value { + exact = test_traffic_rules.value.header.value.exact + } + } + } + } } } dynamic "timeout" { @@ -514,6 +543,16 @@ resource "aws_ecs_service" "ignore_changes_task_definition" { container_port = load_balancer.value.container_port elb_name = lookup(load_balancer.value, "elb_name", null) target_group_arn = lookup(load_balancer.value, "target_group_arn", null) + + dynamic "advanced_configuration" { + for_each = try(load_balancer.value.advanced_configuration, null) == null ? [] : [load_balancer.value.advanced_configuration] + content { + alternate_target_group_arn = advanced_configuration.value.alternate_target_group_arn + production_listener_rule = advanced_configuration.value.production_listener_rule + role_arn = advanced_configuration.value.role_arn + test_listener_rule = try(advanced_configuration.value.test_listener_rule, null) + } + } } } @@ -572,6 +611,23 @@ resource "aws_ecs_service" "ignore_changes_task_definition_and_desired_count" { force_new_deployment = var.force_new_deployment enable_execute_command = var.exec_enabled + dynamic "deployment_configuration" { + for_each = var.deployment_configuration == null ? [] : [var.deployment_configuration] + content { + strategy = try(deployment_configuration.value.strategy, null) + bake_time_in_minutes = try(deployment_configuration.value.bake_time_in_minutes, null) + + dynamic "lifecycle_hook" { + for_each = try(deployment_configuration.value.lifecycle_hooks, []) + content { + hook_target_arn = lifecycle_hook.value.hook_target_arn + role_arn = lifecycle_hook.value.role_arn + lifecycle_stages = lifecycle_hook.value.lifecycle_stages + } + } + } + } + dynamic "capacity_provider_strategy" { for_each = var.capacity_provider_strategies content { @@ -621,6 +677,18 @@ resource "aws_ecs_service" "ignore_changes_task_definition_and_desired_count" { content { dns_name = client_alias.value.dns_name port = client_alias.value.port + + dynamic "test_traffic_rules" { + for_each = try(client_alias.value.test_traffic_rules, []) + content { + header { + name = test_traffic_rules.value.header.name + value { + exact = test_traffic_rules.value.header.value.exact + } + } + } + } } } dynamic "timeout" { @@ -668,6 +736,16 @@ resource "aws_ecs_service" "ignore_changes_task_definition_and_desired_count" { container_port = load_balancer.value.container_port elb_name = lookup(load_balancer.value, "elb_name", null) target_group_arn = lookup(load_balancer.value, "target_group_arn", null) + + dynamic "advanced_configuration" { + for_each = try(load_balancer.value.advanced_configuration, null) == null ? [] : [load_balancer.value.advanced_configuration] + content { + alternate_target_group_arn = advanced_configuration.value.alternate_target_group_arn + production_listener_rule = advanced_configuration.value.production_listener_rule + role_arn = advanced_configuration.value.role_arn + test_listener_rule = try(advanced_configuration.value.test_listener_rule, null) + } + } } } @@ -726,6 +804,23 @@ resource "aws_ecs_service" "ignore_changes_desired_count" { force_new_deployment = var.force_new_deployment enable_execute_command = var.exec_enabled + dynamic "deployment_configuration" { + for_each = var.deployment_configuration == null ? [] : [var.deployment_configuration] + content { + strategy = try(deployment_configuration.value.strategy, null) + bake_time_in_minutes = try(deployment_configuration.value.bake_time_in_minutes, null) + + dynamic "lifecycle_hook" { + for_each = try(deployment_configuration.value.lifecycle_hooks, []) + content { + hook_target_arn = lifecycle_hook.value.hook_target_arn + role_arn = lifecycle_hook.value.role_arn + lifecycle_stages = lifecycle_hook.value.lifecycle_stages + } + } + } + } + dynamic "capacity_provider_strategy" { for_each = var.capacity_provider_strategies content { @@ -775,6 +870,18 @@ resource "aws_ecs_service" "ignore_changes_desired_count" { content { dns_name = client_alias.value.dns_name port = client_alias.value.port + + dynamic "test_traffic_rules" { + for_each = try(client_alias.value.test_traffic_rules, []) + content { + header { + name = test_traffic_rules.value.header.name + value { + exact = test_traffic_rules.value.header.value.exact + } + } + } + } } } dynamic "timeout" { @@ -822,6 +929,16 @@ resource "aws_ecs_service" "ignore_changes_desired_count" { container_port = load_balancer.value.container_port elb_name = lookup(load_balancer.value, "elb_name", null) target_group_arn = lookup(load_balancer.value, "target_group_arn", null) + + dynamic "advanced_configuration" { + for_each = try(load_balancer.value.advanced_configuration, null) == null ? [] : [load_balancer.value.advanced_configuration] + content { + alternate_target_group_arn = advanced_configuration.value.alternate_target_group_arn + production_listener_rule = advanced_configuration.value.production_listener_rule + role_arn = advanced_configuration.value.role_arn + test_listener_rule = try(advanced_configuration.value.test_listener_rule, null) + } + } } } @@ -880,6 +997,23 @@ resource "aws_ecs_service" "default" { force_new_deployment = var.force_new_deployment enable_execute_command = var.exec_enabled + dynamic "deployment_configuration" { + for_each = var.deployment_configuration == null ? [] : [var.deployment_configuration] + content { + strategy = try(deployment_configuration.value.strategy, null) + bake_time_in_minutes = try(deployment_configuration.value.bake_time_in_minutes, null) + + dynamic "lifecycle_hook" { + for_each = try(deployment_configuration.value.lifecycle_hooks, []) + content { + hook_target_arn = lifecycle_hook.value.hook_target_arn + role_arn = lifecycle_hook.value.role_arn + lifecycle_stages = lifecycle_hook.value.lifecycle_stages + } + } + } + } + dynamic "capacity_provider_strategy" { for_each = var.capacity_provider_strategies content { @@ -929,6 +1063,18 @@ resource "aws_ecs_service" "default" { content { dns_name = client_alias.value.dns_name port = client_alias.value.port + + dynamic "test_traffic_rules" { + for_each = try(client_alias.value.test_traffic_rules, []) + content { + header { + name = test_traffic_rules.value.header.name + value { + exact = test_traffic_rules.value.header.value.exact + } + } + } + } } } dynamic "timeout" { @@ -976,6 +1122,16 @@ resource "aws_ecs_service" "default" { container_port = load_balancer.value.container_port elb_name = lookup(load_balancer.value, "elb_name", null) target_group_arn = lookup(load_balancer.value, "target_group_arn", null) + + dynamic "advanced_configuration" { + for_each = try(load_balancer.value.advanced_configuration, null) == null ? [] : [load_balancer.value.advanced_configuration] + content { + alternate_target_group_arn = advanced_configuration.value.alternate_target_group_arn + production_listener_rule = advanced_configuration.value.production_listener_rule + role_arn = advanced_configuration.value.role_arn + test_listener_rule = try(advanced_configuration.value.test_listener_rule, null) + } + } } } diff --git a/variables.tf b/variables.tf index a171e73d..3b73e2c5 100644 --- a/variables.tf +++ b/variables.tf @@ -14,6 +14,12 @@ variable "ecs_load_balancers" { container_port = number elb_name = optional(string) target_group_arn = string + advanced_configuration = optional(object({ + alternate_target_group_arn = string + production_listener_rule = string + role_arn = string + test_listener_rule = optional(string) + }), null) })) description = "A list of load balancer config objects for the ECS service; see [ecs_service#load_balancer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service#load_balancer) docs" default = [] @@ -446,6 +452,14 @@ variable "service_connect_configurations" { client_alias = list(object({ dns_name = string port = number + test_traffic_rules = optional(list(object({ + header = object({ + name = string + value = object({ + exact = string + }) + }) + })), []) })) timeout = optional(list(object({ idle_timeout_seconds = optional(number, null) @@ -470,6 +484,20 @@ variable "service_connect_configurations" { default = [] } +variable "deployment_configuration" { + type = object({ + strategy = optional(string) + bake_time_in_minutes = optional(number) + lifecycle_hooks = optional(list(object({ + hook_target_arn = string + role_arn = string + lifecycle_stages = list(string) + })), []) + }) + description = "ECS deployment configuration, supports blue green deployments (`strategy = 'BLUE_GREEN'`) with lifecycle hooks. See aws_ecs_service deployment_configuration at https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service#deployment_configuration - default of null which is the default ROLLING deployment strategy." + default = null +} + variable "permissions_boundary" { type = string description = "A permissions boundary ARN to apply to the 3 roles that are created."