fix:ajustes no modulo ecs_mentoria

autoscaling.tf

@@ -1,19 +1,19 @@
 resource "aws_appautoscaling_target" "ecs_target" {
-  count              = local.cluster_count
+  for_each           = var.services
   max_capacity       = 2
   min_capacity       = 1
-  resource_id        = "service/${aws_ecs_cluster.cluster_iac[0].name}/${aws_ecs_service.service_cluster[0].name}"
+  resource_id        = "service/${local.cluster_name}/${aws_ecs_service.service_cluster[each.key].name}"
   scalable_dimension = "ecs:service:DesiredCount"
   service_namespace  = "ecs"
 }
 
 resource "aws_appautoscaling_policy" "memory" {
-  count              = local.cluster_count
+  for_each           = var.services
   name               = "memory"
   policy_type        = "TargetTrackingScaling"
-  resource_id        = aws_appautoscaling_target.ecs_target[0].resource_id
-  scalable_dimension = aws_appautoscaling_target.ecs_target[0].scalable_dimension
-  service_namespace  = aws_appautoscaling_target.ecs_target[0].service_namespace
+  resource_id        = aws_appautoscaling_target.ecs_target[each.key].resource_id
+  scalable_dimension = aws_appautoscaling_target.ecs_target[each.key].scalable_dimension
+  service_namespace  = aws_appautoscaling_target.ecs_target[each.key].service_namespace
 
   target_tracking_scaling_policy_configuration {
     predefined_metric_specification {
@@ -25,12 +25,12 @@ resource "aws_appautoscaling_policy" "memory" {
 }
 
 resource "aws_appautoscaling_policy" "cpu" {
-  count              = local.cluster_count
+  for_each           = var.services
   name               = "cpu"
   policy_type        = "TargetTrackingScaling"
-  resource_id        = aws_appautoscaling_target.ecs_target[0].resource_id
-  scalable_dimension = aws_appautoscaling_target.ecs_target[0].scalable_dimension
-  service_namespace  = aws_appautoscaling_target.ecs_target[0].service_namespace
+  resource_id        = aws_appautoscaling_target.ecs_target[each.key].resource_id
+  scalable_dimension = aws_appautoscaling_target.ecs_target[each.key].scalable_dimension
+  service_namespace  = aws_appautoscaling_target.ecs_target[each.key].service_namespace
 
   target_tracking_scaling_policy_configuration {
     predefined_metric_specification {

cloudwatch.tf

@@ -1,5 +1,6 @@
 resource "aws_cloudwatch_log_group" "main" {
-  name              = "${var.service_name}-log"
+  for_each          = var.services
+  name              = "${each.value.name}-log"
   retention_in_days = "7"
   kms_key_id        = null #tfsec:ignore:AWS089
 

how-to-use-this-module/terrafile.tf

@@ -3,26 +3,54 @@ provider "aws" {
   region = "us-east-1"
 }
 
-data "template_file" "container_definitions" {
-  template = file("./container_definitions.json")
+variable "vpc_id" {
+  type    = string
+  default = "vpc-0645e6d450ce1bc30"
 }
 
-module "ecs_mentoria" {
-  source           = "../"
-  create_cluster   = true
-  app_count        = 1
-  fargate_cpu      = 256
-  fargate_memory   = 512
-  subnet_ids       = ["subnet-08e28abe0bb8c94cc", "subnet-0f22a250f019b5e1d"]
-  vpc_id           = "vpc-0bf0d67ed0acdbd2a"
-  protocol         = "HTTP"
-  family_name      = "mentoria"
-  service_name     = "mentoria"
-  cluster_name     = "mentoria"
-  container1_name  = "api"
-  container1_port  = 8000
-  container_definitions = data.template_file.container_definitions.rendered
+data "aws_subnets" "main" {
+  filter {
+    name   = "vpc-id"
+    values = [var.vpc_id]
+  }
+}
 
+module "ecs_mentoria" {
+  source          = "../"
+  create_cluster  = true
+  app_count       = 1
+  subnet_ids      = data.aws_subnets.main.ids
+  vpc_id          = var.vpc_id
+  cluster_name    = "mentoria"
+  container1_name = "api"
+  container1_port = 8000
+  services = {
+    "service1" = {
+      name                  = "service-test"
+      image                 = "nginx:latest"
+      cpu                   = "256"
+      memory                = "512"
+      essential             = true
+      environment_variables = []
+      port_mappings = [{
+        hostPort      = 80
+        containerPort = 80
+        protocol      = "TCP"
+        }
+      ]
+      health_check = {
+        command = [
+          "CMD-SHELL",
+          "curl -f http://localhost:80/ || exit 1"
+        ]
+        retries     = 3
+        timeout     = 5
+        interval    = 15
+        startPeriod = 30
+      }
+      expose = true
+    }
+  }
   tags = {
     Env          = "production"
     Team         = "tematico-terraform"
@@ -32,6 +60,8 @@ module "ecs_mentoria" {
   }
 }
 
+
+
 output "load_balancer_dns_name" {
   value = "http://${module.ecs_mentoria.loadbalance_dns_name}"
 }

loadbalance.tf

@@ -12,22 +12,24 @@ resource "aws_lb" "iac_lb" {
 }
 
 resource "aws_lb_target_group" "iac_tg" {
-  name        = "target-group-${var.cluster_name}"
-  port        = var.container1_port
-  protocol    = var.protocol
+  for_each    = var.services
+  name        = "target-group-${each.value.name}"
+  port        = element(each.value.port_mappings.*.containerPort, 0)
+  protocol    = element(each.value.port_mappings.*.protocol, 0)
   vpc_id      = var.vpc_id
   target_type = "ip"
 }
 
 resource "aws_lb_listener" "iac_listener" {
+  for_each          = var.services
   load_balancer_arn = aws_lb.iac_lb.arn
-  port              = 80
-  protocol          = var.protocol #tfsec:ignore:AWS004
+  port              = element(each.value.port_mappings.*.containerPort, 0)
+  protocol          = element(each.value.port_mappings.*.protocol, 0) #tfsec:ignore:AWS004
   ssl_policy        = var.policy_ssl
   certificate_arn   = var.certificate_arn
 
   default_action {
     type             = "forward"
-    target_group_arn = aws_lb_target_group.iac_tg.arn
+    target_group_arn = aws_lb_target_group.iac_tg[each.key].arn
   }
 }

local.tf

@@ -1,3 +1,4 @@
 locals {
   cluster_count = var.create_cluster ? 1 : 0
+  cluster_name  = var.create_cluster ? aws_ecs_cluster.cluster_iac[0].name : var.cluster_name
 }

service.tf

@@ -1,8 +1,8 @@
 resource "aws_ecs_service" "service_cluster" {
-  count           = local.cluster_count
-  name            = var.service_name
-  cluster         = aws_ecs_cluster.cluster_iac[0].arn
-  task_definition = aws_ecs_task_definition.task_cluster.arn
+  for_each        = var.services
+  name            = each.value.name
+  cluster         = try(element(aws_ecs_cluster.cluster_iac.*.arn, 0), data.aws_ecs_cluster.main[0])
+  task_definition = aws_ecs_task_definition.task_cluster[each.key].arn
   launch_type     = "FARGATE"
   desired_count   = var.app_count
 
@@ -13,9 +13,9 @@ resource "aws_ecs_service" "service_cluster" {
   }
 
   load_balancer {
-    target_group_arn = aws_lb_target_group.iac_tg.id
-    container_name   = var.container1_name
-    container_port   = var.container1_port
+    target_group_arn = aws_lb_target_group.iac_tg[each.key].id
+    container_name   = each.value.name
+    container_port   = element(each.value.port_mappings.*.containerPort, 0)
   }
 
   tags = var.tags

sg.tf

@@ -1,14 +1,19 @@
+
 resource "aws_security_group" "allow_access" {
   vpc_id      = var.vpc_id
-  name        = "${var.service_name}-sg"
-  description = "Permite acesso app ${var.family_name}"
+  name        = "mentoria-sg"
+  description = "Permite acesso app mentoria"
 
-  ingress {
-    description = "allow app port"
-    from_port   = 80
-    to_port     = var.container1_port
-    protocol    = "tcp"
-    cidr_blocks = ["0.0.0.0/0"] #tfsec:ignore:AWS008
+  dynamic "ingress" {
+    for_each = var.services
+    content {
+      description = "allow app port"
+      from_port   = element(ingress.value.port_mappings.*.containerPort, 0)
+      to_port     = element(ingress.value.port_mappings.*.containerPort, 0)
+      protocol    = "tcp"
+      self        = ingress.value.expose == false
+      cidr_blocks = ingress.value.expose ? ["0.0.0.0/0"] : []
+    }
   }
 
   egress {

task-definition.tf

@@ -1,11 +1,34 @@
 resource "aws_ecs_task_definition" "task_cluster" {
-  family                   = var.family_name
+  for_each                 = var.services
+  family                   = format("task-%s", each.value.name)
   requires_compatibilities = ["FARGATE"]
-  cpu                      = var.fargate_cpu
-  memory                   = var.fargate_memory
+  cpu                      = each.value.cpu
+  memory                   = each.value.memory
   network_mode             = "awsvpc"
   task_role_arn            = aws_iam_role.ecs_task_execution_role.arn
-  container_definitions = var.container_definitions
+  container_definitions = jsonencode(
+    [
+      {
+        name         = each.value.name
+        image        = each.value.image
+        cpu          = tonumber(each.value.cpu)
+        memory       = tonumber(each.value.memory)
+        portMappings = each.value.port_mappings
+        essential    = each.value.essential
+        environment  = each.value.environment_variables
+        healthCheck  = try(each.value.health_check, {})
+
+        logConfiguration = {
+          logDriver = "awslogs"
+          options = {
+            awslogs-region        = "${var.region}"
+            awslogs-group         = aws_cloudwatch_log_group.main[each.key].name
+            awslogs-stream-prefix = "service/${each.value.name}"
+          }
+        }
+      }
+    ]
+  )
   execution_role_arn = aws_iam_role.ecs_task_execution_role.arn
 
   tags = var.tags