Skip to content

Latest commit

 

History

History

aws-ecs-job

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 
 
 
 
 

ECS Job

This creates an ECS service with no load balancer in front of it. Good for background worker daemon sort of things.

Terraform managed task definition vs czecs

If the user sets var.manage_task_definition = true, Terraform will manage the lifecycle of the container definition; any external changes are reset on the next Terraform run.

If var.manage_task_definition = false, the user is expected to manage the container definition external to Terraform (e.g. using czecs). Upon creation, Terraform will use a stub definition, but from that point forward will ignore any changes to the definition, allowing external task definition management.

Migrating old ECS services

Older ECS services were created with an ARN in an old format that did not include the ECS cluster name as part of the ARN. AWS began allowing opt-in to the new ARN format starting November 15, 2018, and will require the new format starting January 1, 2020. ECS only allows applying tags (such as cost tags) on services that have the new ARN format. Applying tags to older ECS services using the old ARN format will return the following error message:

InvalidParameterException: Long arn format must be used for tagging operations

This module by default will assume your organization has opted in to the new ARN format and will apply tags to the ECS service. Creating new services after the opt-in will work fine, but migrating an existing older ECS service to using this module (via a state mv or an import) will encounter the above error message the next time it is applied.

Since changing a service to use the new ARN requires destroying and recreating the service, this can result in downtime. In such cases, you can opt-out applying tags by passing tag_service = false as an argument to the module. It is recommended that at the next possible down time, the ECS service be replaced by running terraform taint, and if manage_task_definition = false restoring the ECS task definition version (the taint/replace will restore to only the last stub definition). After the service is destroy/replaced, the tag_ service = false argument can be removed.

Requirements

No requirements.

Providers

Name Version
aws n/a

Modules

No modules.

Resources

Name Type
aws_ecs_service.job resource
aws_ecs_service.unmanaged-job resource
aws_ecs_task_definition.job resource
aws_iam_role.task_execution_role resource
aws_iam_role_policy.task_execution_role_secretsmanager resource
aws_iam_role_policy_attachment.task_execution_role resource
aws_iam_policy_document.execution_role data source
aws_iam_policy_document.registry_secretsmanager data source

Inputs

Name Description Type Default Required
cluster_id n/a string n/a yes
container_name Name of the container. Must match name in task definition. If omitted, defaults to name derived from project/env/service. string null no
deployment_maximum_percent (Optional) The upper limit (as a percentage of the service's desiredCount) of the number of running tasks that can be running in a service during a deployment. Not valid when using the DAEMON scheduling strategy. number 200 no
deployment_minimum_healthy_percent (Optional) The lower limit (as a percentage of the service's desiredCount) of the number of running tasks that must remain running and healthy in a service during a deployment. number 100 no
desired_count n/a number n/a yes
env Env for tagging and naming. See doc. string n/a yes
manage_task_definition If false, Terraform will not touch the task definition for the ECS service after initial creation bool true no
ordered_placement_strategy Placement strategy for the task instances. list(object({ type = string, field = string })) [] no
owner Owner for tagging and naming. See doc. string n/a yes
project Project for tagging and naming. See doc string n/a yes
registry_secretsmanager_arn ARN for AWS Secrets Manager secret for credentials to private registry string null no
scheduling_strategy Scheduling strategy for the service: REPLICA or DAEMON. string "REPLICA" no
service Service for tagging and naming. See doc. string n/a yes
tag_service Apply cost tags to the ECS service. Only specify false for backwards compatibility with old ECS services. bool true no
task_definition JSON to describe task. If omitted, defaults to a stub task that is expected to be managed outside of Terraform. string null no
task_role_arn n/a string n/a yes

Outputs

Name Description
ecs_service_arn ARN for the ECS service.
ecs_task_definition_family The family of the task definition defined for the given/generated container definition.