Commit 7fa3657

OPS-4860 initial commit for elastic beanstalk module
1 parent fb423d6 commit 7fa3657

5 files changed

+586
-4
lines changed

README.md

+205-4
@@ -16,7 +16,9 @@ Template for Terraform modules
1616
<!-- TFDOCS_PROVIDER_START -->
1717
## Providers
1818

19-
No providers.
19+
| Name | Version |
20+
|------|---------|
21+
| <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
2022

2123
<!-- TFDOCS_PROVIDER_END -->
2224

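Review bot: The providers table at README line 21 lists aws with version n/a, so the module declares no version constraint for the AWS provider. Add a required_providers block with a bounded aws version and regenerate the docs, so that a provider major upgrade cannot silently change how this module's resources behave.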
@@ -32,18 +34,217 @@ No providers.
3234
<!-- TFDOCS_INPUTS_START -->
3335
## Required Inputs
3436

35-
No required inputs.
37+
The following input variables are required:
38+
39+
### <a name="input_region"></a> [region](#input\_region)
40+
41+
Description: AWS region
42+
43+
Type: `string`
44+
45+
### <a name="input_description"></a> [description](#input\_description)
46+
47+
Description: Short description of the Environment
48+
49+
Type: `string`
50+
51+
### <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id)
52+
53+
Description: ID of the VPC
54+
55+
Type: `string`
56+
57+
### <a name="input_private_subnet_ids"></a> [private\_subnet\_ids](#input\_private\_subnet\_ids)
58+
59+
Description: List of subnets
60+
61+
Type: `list(string)`
62+
63+
### <a name="input_public_subnet_ids"></a> [public\_subnet\_ids](#input\_public\_subnet\_ids)
64+
65+
Description: List of subnets
66+
67+
Type: `list(string)`
68+
69+
### <a name="input_solution_stack_name"></a> [solution\_stack\_name](#input\_solution\_stack\_name)
70+
71+
Description: Elastic Beanstalk stack, e.g. Docker, Go, Node, Java, IIS. For more info, see https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html
72+
73+
Type: `string`
74+
75+
### <a name="input_application_name"></a> [application\_name](#input\_application\_name)
76+
77+
Description: n/a
78+
79+
Type: `string`
3680

3781
## Optional Inputs
3882

39-
No optional inputs.
83+
The following input variables are optional (have default values):
84+
85+
### <a name="input_loadbalancer_type"></a> [loadbalancer\_type](#input\_loadbalancer\_type)
86+
87+
Description: Load Balancer type, e.g. 'application' or 'classic'
88+
89+
Type: `string`
90+
91+
Default: `"application"`
92+
93+
### <a name="input_loadbalancer_ssl_policy"></a> [loadbalancer\_ssl\_policy](#input\_loadbalancer\_ssl\_policy)
94+
95+
Description: Specify a security policy to apply to the listener. This option is only applicable to environments with an application load balancer
96+
97+
Type: `string`
98+
99+
Default: `""`
100+
101+
### <a name="input_healthcheck_url"></a> [healthcheck\_url](#input\_healthcheck\_url)
102+
103+
Description: Application Health Check URL. Elastic Beanstalk will call this URL to check the health of the application running on EC2 instances
104+
105+
Type: `string`
106+
107+
Default: `"/healthz"`
108+
109+
### <a name="input_healthcheck_interval"></a> [healthcheck\_interval](#input\_healthcheck\_interval)
110+
111+
Description: The interval of time, in seconds, that Elastic Load Balancing checks the health of the Amazon EC2 instances of your application
112+
113+
Type: `number`
114+
115+
Default: `15`
116+
117+
### <a name="input_autoscale_min"></a> [autoscale\_min](#input\_autoscale\_min)
118+
119+
Description: Minumum instances to launch
120+
121+
Type: `number`
122+
123+
Default: `1`
124+
125+
### <a name="input_autoscale_max"></a> [autoscale\_max](#input\_autoscale\_max)
126+
127+
Description: Maximum instances to launch
128+
129+
Type: `number`
130+
131+
Default: `1`
132+
133+
### <a name="input_env_vars"></a> [env\_vars](#input\_env\_vars)
134+
135+
Description: Map of custom ENV variables to be provided to the application running on Elastic Beanstalk, e.g. env\_vars = { DB\_USER = 'admin' DB\_PASS = 'xxxxxx' }
136+
137+
Type: `map(string)`
138+
139+
Default: `{}`
140+
141+
### <a name="input_dns_zone_id"></a> [dns\_zone\_id](#input\_dns\_zone\_id)
142+
143+
Description: Route53 parent zone ID. The module will create sub-domain DNS record in the parent zone for the EB environment
144+
145+
Type: `string`
146+
147+
Default: `""`
148+
149+
### <a name="input_domain_name"></a> [domain\_name](#input\_domain\_name)
150+
151+
Description: n/a
152+
153+
Type: `string`
154+
155+
Default: `""`
156+
157+
### <a name="input_dns_subdomain"></a> [dns\_subdomain](#input\_dns\_subdomain)
158+
159+
Description: The subdomain to create on Route53 for the EB environment. For the subdomain to be created, the `dns_zone_id` variable must be set as well
160+
161+
Type: `string`
162+
163+
Default: `""`
164+
165+
### <a name="input_deployment_version"></a> [deployment\_version](#input\_deployment\_version)
166+
167+
Description: n/a
168+
169+
Type: `string`
170+
171+
Default: `"initial"`
172+
173+
### <a name="input_deployment_bucket"></a> [deployment\_bucket](#input\_deployment\_bucket)
174+
175+
Description: n/a
176+
177+
Type: `string`
178+
179+
Default: `null`
180+
181+
### <a name="input_deployment_file_path"></a> [deployment\_file\_path](#input\_deployment\_file\_path)
182+
183+
Description: n/a
184+
185+
Type: `string`
186+
187+
Default: `"Dockerrun.aws.json"`
188+
189+
### <a name="input_deployment_definition"></a> [deployment\_definition](#input\_deployment\_definition)
190+
191+
Description: n/a
192+
193+
Type: `string`
194+
195+
Default: `null`
196+
197+
### <a name="input_tags"></a> [tags](#input\_tags)
198+
199+
Description: A map of additional tags to apply to all VPC resources
200+
201+
Type: `map(string)`
202+
203+
Default: `{}`
204+
205+
### <a name="input_subject_alternative_names"></a> [subject\_alternative\_names](#input\_subject\_alternative\_names)
206+
207+
Description: n/a
208+
209+
Type: `list(string)`
210+
211+
Default: `[]`
212+
213+
### <a name="input_validation_allow_overwrite_records"></a> [validation\_allow\_overwrite\_records](#input\_validation\_allow\_overwrite\_records)
214+
215+
Description: n/a
216+
217+
Type: `bool`
218+
219+
Default: `true`
40220

41221
<!-- TFDOCS_INPUTS_END -->
42222

43223
<!-- TFDOCS_OUTPUTS_START -->
44224
## Outputs
45225

46-
No outputs.
226+
| Name | Description |
227+
|------|-------------|
228+
| <a name="output_elastic_beanstalk_application_name"></a> [elastic\_beanstalk\_application\_name](#output\_elastic\_beanstalk\_application\_name) | Elastic Beanstalk Application name |
229+
| <a name="output_elastic_beanstalk_environment_all_settings"></a> [elastic\_beanstalk\_environment\_all\_settings](#output\_elastic\_beanstalk\_environment\_all\_settings) | List of all option settings configured in the environment. These are a combination of default settings and their overrides from setting in the configuration |
230+
| <a name="output_elastic_beanstalk_environment_application"></a> [elastic\_beanstalk\_environment\_application](#output\_elastic\_beanstalk\_environment\_application) | The Elastic Beanstalk Application specified for this environment |
231+
| <a name="output_elastic_beanstalk_environment_autoscaling_groups"></a> [elastic\_beanstalk\_environment\_autoscaling\_groups](#output\_elastic\_beanstalk\_environment\_autoscaling\_groups) | The autoscaling groups used by this environment |
232+
| <a name="output_elastic_beanstalk_environment_ec2_instance_profile_role_name"></a> [elastic\_beanstalk\_environment\_ec2\_instance\_profile\_role\_name](#output\_elastic\_beanstalk\_environment\_ec2\_instance\_profile\_role\_name) | Instance IAM role name |
233+
| <a name="output_elastic_beanstalk_environment_elb_zone_id"></a> [elastic\_beanstalk\_environment\_elb\_zone\_id](#output\_elastic\_beanstalk\_environment\_elb\_zone\_id) | ELB zone id |
234+
| <a name="output_elastic_beanstalk_environment_endpoint"></a> [elastic\_beanstalk\_environment\_endpoint](#output\_elastic\_beanstalk\_environment\_endpoint) | Fully qualified DNS name for the environment |
235+
| <a name="output_elastic_beanstalk_environment_hostname"></a> [elastic\_beanstalk\_environment\_hostname](#output\_elastic\_beanstalk\_environment\_hostname) | DNS hostname |
236+
| <a name="output_elastic_beanstalk_environment_id"></a> [elastic\_beanstalk\_environment\_id](#output\_elastic\_beanstalk\_environment\_id) | ID of the Elastic Beanstalk environment |
237+
| <a name="output_elastic_beanstalk_environment_instances"></a> [elastic\_beanstalk\_environment\_instances](#output\_elastic\_beanstalk\_environment\_instances) | Instances used by this environment |
238+
| <a name="output_elastic_beanstalk_environment_launch_configurations"></a> [elastic\_beanstalk\_environment\_launch\_configurations](#output\_elastic\_beanstalk\_environment\_launch\_configurations) | Launch configurations in use by this environment |
239+
| <a name="output_elastic_beanstalk_environment_load_balancers"></a> [elastic\_beanstalk\_environment\_load\_balancers](#output\_elastic\_beanstalk\_environment\_load\_balancers) | Elastic Load Balancers in use by this environment |
240+
| <a name="output_elastic_beanstalk_environment_name"></a> [elastic\_beanstalk\_environment\_name](#output\_elastic\_beanstalk\_environment\_name) | Name |
241+
| <a name="output_elastic_beanstalk_environment_queues"></a> [elastic\_beanstalk\_environment\_queues](#output\_elastic\_beanstalk\_environment\_queues) | SQS queues in use by this environment |
242+
| <a name="output_elastic_beanstalk_environment_security_group_arn"></a> [elastic\_beanstalk\_environment\_security\_group\_arn](#output\_elastic\_beanstalk\_environment\_security\_group\_arn) | Elastic Beanstalk environment Security Group ARN |
243+
| <a name="output_elastic_beanstalk_environment_security_group_id"></a> [elastic\_beanstalk\_environment\_security\_group\_id](#output\_elastic\_beanstalk\_environment\_security\_group\_id) | Elastic Beanstalk environment Security Group ID |
244+
| <a name="output_elastic_beanstalk_environment_security_group_name"></a> [elastic\_beanstalk\_environment\_security\_group\_name](#output\_elastic\_beanstalk\_environment\_security\_group\_name) | Elastic Beanstalk environment Security Group name |
245+
| <a name="output_elastic_beanstalk_environment_setting"></a> [elastic\_beanstalk\_environment\_setting](#output\_elastic\_beanstalk\_environment\_setting) | Settings specifically set for this environment |
246+
| <a name="output_elastic_beanstalk_environment_tier"></a> [elastic\_beanstalk\_environment\_tier](#output\_elastic\_beanstalk\_environment\_tier) | The environment tier |
247+
| <a name="output_elastic_beanstalk_environment_triggers"></a> [elastic\_beanstalk\_environment\_triggers](#output\_elastic\_beanstalk\_environment\_triggers) | Autoscaling triggers in use by this environment |
47248

48249
<!-- TFDOCS_OUTPUTS_END -->
49250

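Review bot: The env_vars description at README line 135 uses DB_PASS as its example, which invites callers to pass credentials through a plain map(string) input that ends up in Terraform state and plan output. Change the example to a non-secret setting and state where secrets should come from instead. Separately, validation_allow_overwrite_records (line 213) defaults to true with description n/a; a default that lets the module overwrite existing DNS records needs a description, and false would be the safer default. application_name, domain_name, the four deployment_* inputs and subject_alternative_names are also documented as n/a, the tags description says "VPC resources" in an Elastic Beanstalk module, and "Minumum" at line 119 is a typo.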
locals.tf

+5
@@ -0,0 +1,5 @@
1+
locals {
2+
hostnames = reverse(sort(flatten(concat([var.dns_subdomain], var.subject_alternative_names))))
3+
validation_zone_mapping = zipmap(local.hostnames, data.aws_route53_zone.parent.*.zone_id)
4+
host_to_zone_regex = "/^(?:.*\\.)?([^.]+\\.[^.]+\\.[^.]+)$/"
5+
}
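Review bot: host_to_zone_regex on line 4 always captures the last three labels of a hostname, so the zone lookup is only correct when the hosted zone name has exactly three labels. For a host such as app.example.com the capture is the whole hostname rather than example.com, and a two-label name does not match at all, so replace() returns it unchanged. Either document the three-label assumption or take the zone name as an input instead of deriving it. Also on line 2, var.dns_subdomain is added to hostnames unconditionally although the README gives it a default of "", so with defaults the list contains an empty string; filter it out, for example with compact().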

main.tf

+148
@@ -0,0 +1,148 @@
1+
module "elastic_beanstalk_application" {
2+
source = "cloudposse/elastic-beanstalk-application/aws"
3+
# Cloud Posse recommends pinning every module to a specific version
4+
version = "0.11.1"
5+
6+
name = var.application_name
7+
description = "Test Elastic Beanstalk application"
8+
9+
tags = var.tags
10+
}
11+
12+
module "elastic_beanstalk_environment" {
13+
source = "cloudposse/elastic-beanstalk-environment/aws"
14+
15+
depends_on = [
16+
aws_elastic_beanstalk_application_version.default,
17+
aws_acm_certificate_validation.this,
18+
]
19+
20+
name = var.application_name
21+
description = var.description
22+
region = var.region
23+
24+
version_label = aws_elastic_beanstalk_application_version.default.id
25+
26+
elastic_beanstalk_application_name = var.application_name
27+
28+
autoscale_min = var.autoscale_min
29+
autoscale_max = var.autoscale_max
30+
31+
vpc_id = var.vpc_id
32+
33+
application_subnets = var.private_subnet_ids
34+
35+
loadbalancer_subnets = var.public_subnet_ids
36+
loadbalancer_type = var.loadbalancer_type
37+
loadbalancer_certificate_arn = module.acm.acm_certificate_arn
38+
loadbalancer_ssl_policy = var.domain_name != "" ? "ELBSecurityPolicy-2016-08" : var.loadbalancer_ssl_policy
39+
40+
healthcheck_url = var.healthcheck_url
41+
healthcheck_interval = var.healthcheck_interval
42+
43+
allow_all_egress = true
44+
45+
solution_stack_name = var.solution_stack_name
46+
env_vars = var.env_vars
47+
48+
prefer_legacy_ssm_policy = false
49+
prefer_legacy_service_policy = false
50+
51+
dns_zone_id = var.domain_name != "" ? data.aws_route53_zone.selected.*.id[0] : var.dns_zone_id
52+
dns_subdomain = var.dns_subdomain
53+
54+
force_destroy = true
55+
56+
tags = var.tags
57+
}
58+
59+
data "aws_iam_policy_document" "minimal_s3_permissions" {
60+
statement {
61+
sid = "AllowS3OperationsOnElasticBeanstalkBuckets"
62+
actions = [
63+
"s3:ListAllMyBuckets",
64+
"s3:GetBucketLocation"
65+
]
66+
resources = ["*"]
67+
}
68+
}
69+
70+
resource "aws_s3_bucket_object" "deployment" {
71+
bucket = var.deployment_bucket
72+
key = "${var.application_name}-${var.deployment_version}-${var.deployment_file_path}"
73+
content = var.deployment_definition
74+
}
75+
76+
resource "aws_elastic_beanstalk_application_version" "default" {
77+
depends_on = [module.elastic_beanstalk_application]
78+
79+
name = "${var.application_name}-${var.deployment_version}"
80+
application = var.application_name
81+
description = "application version created by terraform"
82+
bucket = var.deployment_bucket
83+
key = aws_s3_bucket_object.deployment.id
84+
}
85+
86+
data "aws_route53_zone" "parent" {
87+
count = length(local.hostnames)
88+
name = replace(local.hostnames[count.index], local.host_to_zone_regex, "$1")
89+
private_zone = false
90+
}
91+
92+
resource "aws_route53_record" "validation" {
93+
depends_on = [module.acm]
94+
95+
count = length(local.hostnames)
96+
97+
zone_id = local.validation_zone_mapping[module.acm.acm_certificate_domain_validation_options[count.index]["domain_name"]]
98+
name = module.acm.acm_certificate_domain_validation_options[count.index]["resource_record_name"]
99+
type = module.acm.acm_certificate_domain_validation_options[count.index]["resource_record_type"]
100+
records = [module.acm.acm_certificate_domain_validation_options[count.index]["resource_record_value"]]
101+
ttl = 60
102+
allow_overwrite = var.validation_allow_overwrite_records
103+
}
104+
105+
data "aws_route53_zone" "selected" {
106+
count = var.domain_name != "" ? 1 : 0
107+
name = var.domain_name
108+
private_zone = false
109+
}
110+
111+
module "acm" {
112+
source = "github.com/terraform-aws-modules/terraform-aws-acm.git?ref=v3.2.0"
113+
114+
validate_certificate = false
115+
create_certificate = var.domain_name != "" ? true : false
116+
117+
domain_name = var.dns_subdomain
118+
subject_alternative_names = var.subject_alternative_names
119+
120+
}
121+
122+
data "aws_route53_zone" "additional" {
123+
count = length(var.subject_alternative_names)
124+
name = replace(var.subject_alternative_names[count.index], local.host_to_zone_regex, "$1")
125+
private_zone = false
126+
}
127+
128+
resource "aws_route53_record" "additional" {
129+
130+
depends_on = [module.elastic_beanstalk_environment]
131+
count = length(var.subject_alternative_names)
132+
133+
zone_id = data.aws_route53_zone.additional[count.index].zone_id
134+
name = var.subject_alternative_names[count.index]
135+
type = "A"
136+
137+
alias {
138+
name = module.elastic_beanstalk_environment.endpoint
139+
zone_id = module.elastic_beanstalk_environment.elb_zone_id
140+
evaluate_target_health = true
141+
}
142+
}
143+
144+
resource "aws_acm_certificate_validation" "this" {
145+
146+
certificate_arn = module.acm.acm_certificate_arn
147+
validation_record_fqdns = aws_route53_record.validation.*.fqdn
148+
}
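Review bot: On line 38, setting domain_name forces loadbalancer_ssl_policy to "ELBSecurityPolicy-2016-08" and discards the caller's var.loadbalancer_ssl_policy; that predefined policy still accepts TLS 1.0 and 1.1. Pass var.loadbalancer_ssl_policy through in both cases and give it a TLS 1.2-minimum default such as ELBSecurityPolicy-TLS-1-2-2017-01. Other points in this file: module "elastic_beanstalk_environment" (line 13) has no version although the comment on line 3 recommends pinning, and the acm source on line 112 is pinned to a tag rather than a commit; allow_all_egress (line 43) and force_destroy (line 54) are hard-coded to true and should be variables with conservative defaults; aws_route53_record.validation (lines 92-103) and aws_acm_certificate_validation.this (lines 144-148) are created unconditionally while create_certificate on line 115 depends on domain_name, so they will reference a certificate that does not exist when domain_name is empty; and data "aws_iam_policy_document" "minimal_s3_permissions" (lines 59-68) is not referenced anywhere in this file.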
