rollback deleted features #22

Merged
merged 2 commits into from
Jun 25, 2024
11 changes: 10 additions & 1 deletion README.md
Expand Up @@ -70,14 +70,21 @@ In addition you have the option to create or not :
| cloudwatch\_logs\_export | Whether to mark the log group to export to an S3 bucket (needs terraform-aws-log-exporter to be deployed in the account/region) | `bool` | `false` | no |
| cloudwatch\_logs\_retention | Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `120` | no |
| cluster\_name | n/a | `string` | `"Name of existing ECS Cluster to deploy this app to"` | no |
| codedeploy\_deployment\_config\_name | Specifies the deployment configuration for CodeDeploy | `string` | `"CodeDeployDefault.ECSAllAtOnce"` | no |
| codedeploy\_role\_arn | Existing IAM CodeDeploy role ARN created by ECS cluster module | `any` | `null` | no |
| codedeploy\_wait\_time\_for\_cutover | Time in minutes to route the traffic to the new application deployment | `number` | `0` | no |
| codedeploy\_wait\_time\_for\_termination | Time in minutes to terminate the new deployment | `number` | `0` | no |
| container\_port | Port your container listens (used in the placeholder task definition) | `string` | `"8080"` | no |
| cpu | Hard limit for CPU for the container | `string` | `"0"` | no |
| create\_iam\_codedeployrole | Create Codedeploy IAM Role for ECS or not. | `bool` | `true` | no |
| deployment\_controller | Type of deployment controller. Valid values: CODE\_DEPLOY, ECS, EXTERNAL. | `string` | `"CODE_DEPLOY"` | no |
| efs\_mapping | A map of efs volume ids and paths to mount into the default task definition | `map(string)` | `{}` | no |
| fargate\_spot | Set true to use FARGATE\_SPOT capacity provider by default (only when launch\_type=FARGATE) | `bool` | `false` | no |
| hosted\_zone | Hosted Zone to create DNS record for this app | `string` | `""` | no |
| hostname | Hostname to create DNS record for this app | `string` | `""` | no |
| hostname\_create | Optional parameter to create or not a Route53 record | `string` | `"true"` | no |
| image | Docker image to deploy (can be a placeholder) | `string` | `"dnxsolutions/nginx-hello:latest"` | no |
| launch\_type | The launch type on which to run your service. The valid values are EC2 and FARGATE. Defaults to EC2. | `string` | `"EC2"` | no |
| launch\_type | The launch type on which to run your service. The valid values are EC2 and FARGATE. Defaults to EC2. | `string` | `"FARGATE"` | no |
| memory | Hard memory of the container | `string` | `"512"` | no |
| name | Name of your ECS service | `any` | n/a | yes |
| network\_mode | The Docker networking mode to use for the containers in the task. The valid values are none, bridge, awsvpc, and host. (REQUIRED IF 'LAUCH\_TYPE' IS FARGATE) | `any` | `null` | no |
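Review bot: the `launch_type` row now lists a default of `"FARGATE"` while its description still ends with "Defaults to EC2.", so the table contradicts itself. Update the description in `_variables.tf` and regenerate this table so the text and the default column agree.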
Expand All @@ -89,13 +96,15 @@ In addition you have the option to create or not :
| ordered\_placement\_strategy | Service level strategy rules that are taken into consideration during task placement. List from top to bottom in order of precedence. The maximum number of ordered\_placement\_strategy blocks is 5. | <pre>list(object({<br> field = string<br> expression = string<br> }))</pre> | `[]` | no |
| placement\_constraints | Rules that are taken into consideration during task placement. Maximum number of placement\_constraints is 10. | <pre>list(object({<br> type = string<br> expression = string<br> }))</pre> | `[]` | no |
| port | Port for target group to listen | `string` | `"80"` | no |
| ports | Port for target group to listen | <pre>list(object({<br> port = number<br> protocol = string<br> }))</pre> | <pre>[<br> {<br> "port": 80,<br> "protocol": "tcp"<br> }<br>]</pre> | no |
| security\_group\_ecs\_nodes\_inbound\_cidrs | ECS Nodes inbound allowed CIDRs for the security group. | `list(string)` | <pre>[<br> "0.0.0.0/0"<br>]</pre> | no |
| security\_group\_nlb\_inbound\_cidrs | NLB inbound allowed CIDRs for the security group. | `list(string)` | <pre>[<br> "0.0.0.0/0"<br>]</pre> | no |
| security\_groups | The security groups associated with the task or service | `any` | `null` | no |
| service\_health\_check\_grace\_period\_seconds | Time until your container starts serving requests | `number` | `0` | no |
| service\_role\_arn | Existing service role ARN created by ECS cluster module | `any` | n/a | yes |
| subnets | The subnets associated with the task or service. (REQUIRED IF 'LAUCH\_TYPE' IS FARGATE) | `any` | `null` | no |
| task\_role\_arn | Existing task role ARN created by ECS cluster module | `any` | n/a | yes |
| ulimits | Container ulimit settings. This is a list of maps, where each map should contain "name", "hardLimit" and "softLimit" | <pre>list(object({<br> name = string<br> hardLimit = number<br> softLimit = number<br> }))</pre> | `null` | no |
| vpc\_id | VPC ID to deploy this app to | `any` | n/a | yes |

## Outputs
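Review bot: the new `ports` row reuses the `port` description ("Port for target group to listen") word for word, so a reader cannot tell how the two inputs relate. Describe `ports` as the list of port/protocol pairs it is, and state whether `port` is still honoured once `ports` is set.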
63 changes: 62 additions & 1 deletion _variables.tf
Expand Up @@ -54,6 +54,20 @@ variable "port" {
description = "Port for target group to listen"
}

variable "ports" {
default = [
{
port = 80
protocol = "tcp"
}
]
description = "Port for target group to listen"
type = list(object({
port = number
protocol = string
}))
}

variable "container_port" {
default = "8080"
description = "Port your container listens (used in the placeholder task definition)"
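Review bot: `variable "ports"` accepts any string for `protocol` and any number for `port`, and in `ecs-service.tf` those values are passed straight into the ingress rule (`protocol = each.value.protocol`). Add a `validation` block that restricts `protocol` to the values the module supports (for example `tcp` and `udp`) and `port` to 1-65535, so a typo or an overly broad protocol value fails at plan time instead of producing an unintended security group rule.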
Expand Down Expand Up @@ -129,7 +143,7 @@ variable "placement_constraints" {
}

variable "launch_type" {
default = "EC2"
default = "FARGATE"
description = "The launch type on which to run your service. The valid values are EC2 and FARGATE. Defaults to EC2."
}

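Review bot: switching the `launch_type` default from `"EC2"` to `"FARGATE"` changes behaviour for every caller that does not set it, and the description on the following line still reads "Defaults to EC2.". Correct the description and flag this as a breaking change (or keep `"EC2"`), since the README marks `network_mode` and `subnets` as required for FARGATE while both default to `null`.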
Expand Down Expand Up @@ -202,3 +216,50 @@ variable "security_group_nlb_inbound_cidrs" {
default = ["0.0.0.0/0"]
description = "NLB inbound allowed CIDRs for the security group."
}

variable "create_iam_codedeployrole" {
type = bool
default = true
description = "Create Codedeploy IAM Role for ECS or not."
}

variable "codedeploy_role_arn" {
default = null
description = "Existing IAM CodeDeploy role ARN created by ECS cluster module"
}

variable "efs_mapping" {
type = map(string)
description = "A map of efs volume ids and paths to mount into the default task definition"
default = {}
}

variable "ulimits" {
type = list(object({
name = string
hardLimit = number
softLimit = number
}))
description = "Container ulimit settings. This is a list of maps, where each map should contain \"name\", \"hardLimit\" and \"softLimit\""
default = null
}

variable "deployment_controller" {
default = "CODE_DEPLOY"
description = "Type of deployment controller. Valid values: CODE_DEPLOY, ECS, EXTERNAL."
}

variable "codedeploy_wait_time_for_cutover" {
default = 0
description = "Time in minutes to route the traffic to the new application deployment"
}

variable "codedeploy_wait_time_for_termination" {
default = 0
description = "Time in minutes to terminate the new deployment"
}

variable "codedeploy_deployment_config_name" {
default = "CodeDeployDefault.ECSAllAtOnce"
description = "Specifies the deployment configuration for CodeDeploy"
}
20 changes: 12 additions & 8 deletions ecs-service.tf
Expand Up @@ -7,10 +7,13 @@ resource "aws_ecs_service" "default" {
health_check_grace_period_seconds = var.service_health_check_grace_period_seconds
enable_execute_command = true

load_balancer {
target_group_arn = aws_lb_target_group.ecs_default_tcp.arn
container_name = var.name
container_port = var.container_port
dynamic "load_balancer" {
for_each = { for port in var.ports : port.port => port }
content {
target_group_arn = aws_lb_target_group.ecs_default_tcp[load_balancer.value.port].arn
container_name = var.name
container_port = load_balancer.value.port
}
}

dynamic "placement_constraints" {
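Review bot: in the new `dynamic "load_balancer"` block, `container_port = load_balancer.value.port` replaces `var.container_port`, so the container port is now forced to equal the listener port. With the defaults shown in this PR (`ports` = 80, `container_port` = `"8080"`) the service would register port 80 while `container_port` is documented as the port the container listens on. Either add a container port field to the `ports` object or state that `container_port` is ignored for load balancer registration. The lookup `aws_lb_target_group.ecs_default_tcp[load_balancer.value.port]` also needs the target group resource, which is not in the visible diff, to be keyed by the same `for_each` map.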
Expand Down Expand Up @@ -65,11 +68,12 @@ resource "aws_security_group" "ecs_service" {


resource "aws_security_group_rule" "ecs_service_from_nlb" {
count = var.nlb ? 1 : 0
# for_each = var.nlb == true ? { for port in var.ports : port.port => port } : []
for_each = { for port in(var.nlb == true ? var.ports : []) : port.port => port }
type = "ingress"
from_port = var.port
to_port = var.port
protocol = "tcp"
from_port = each.value.port
to_port = each.value.port
protocol = each.value.protocol
security_group_id = aws_security_group.ecs_service.id
source_security_group_id = aws_security_group.nlb[0].id
}