terraform-aws-eb-windows

This terraform module provides an Windows Elastic Beanstalk Application Resource

The following resources will be created:

• Cloudwatch alarms for the Aplication Load Balance (ALB)
  • alb_500_errors
  • alb_400_errors
  • alb_latency
• Cloudwatch alarms for the Auto Scaling(ASG)
  • asg_high_cpu
• Set a http redirect to https by default in the load balancer
• EC2 Key pair
• CloudWatch Event Rule resource
• CloudWatch Event Target resource
• Identity Access Management (IAM) roles for the Elastic Beanstalk
• IAM roles for the Elastic Beanstalk service
• IAM roles output
• AutoScaling Schedule resource
  • ECS_STOP
  • ECS_START

Requirements

Name	Version
terraform	>= 0.13.0

Providers

Name	Version
aws	n/a
tls	n/a

Inputs

Name	Description	Type	Default	Required
ad_directory_id	ID of directory from AWS Simple AD	string	""	no
ad_directory_ip1	AD Directory first IP address	string	""	no
ad_directory_ip2	AD second IP address	string	""	no
ad_directory_name	Active Directory Name (leave it blank to disable join domain automation)	string	""	no
additional_settings	Additional Elastic Beanstalk setttings. For full list of options, see https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html	list(object({ namespace = string name = string value = string }))	[]	no
alarm_alb_400_errors_threshold	Max threshold of HTTP 4000 errors allowed in a 5 minutes interval (use 0 to disable this alarm)	number	10	no
alarm_alb_500_errors_threshold	Max threshold of HTTP 500 errors allowed in a 5 minutes interval (use 0 to disable this alarm)	number	10	no
alarm_alb_latency_anomaly_threshold	ALB Latency anomaly detection width (use 0 to disable this alarm)	number	4	no
alarm_asg_high_cpu_threshold	Max threshold average CPU percentage allowed in a 2 minutes interval (use 0 to disable this alarm)	number	80	no
alarm_sns_topics	Alarm topics to create and alert on ECS service metrics. Leaving empty disables all alarms.	list	[]	no
ami_id	ElasticBeanstalk custom AMI ID	string	""	no
application_port	Port application is listening on	number	80	no
application_subnets	List of subnets to place EC2 instances	list(string)	n/a	yes
asg_max	Max number of instances for autoscaling group	number	4	no
asg_min	Min number of instances for autoscaling group	number	1	no
associate_public_ip_address	Whether to associate public IP addresses to the instances	bool	false	no
associated_security_group_ids	A list of IDs of Security Groups to associate the created resource with, in addition to the created security group. These security groups will not be modified and, if create_security_group is false, must have rules providing the desired access.	list(string)	[]	no
autoscaling_default_cooldown	The amount of time, in seconds, after a scaling activity completes before another scaling activity can start	number	300	no
autoscaling_health_check_grace_period	The length of time that Auto Scaling waits before checking an instance's health status. The grace period begins when an instance comes into service	number	300	no
availability_zone_selector	Availability Zone selector	string	"Any 2"	no
cloudwatch_logs_retention	Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653.	number	120	no
coudwatch_environment_metrics	Environment metrics to be collected from beanstalk to cloudwatch	map(number)	{}	no
coudwatch_instance_metrics	Instance metrics to be collected from beanstalk to cloudwatch	map(number)	{}	no
create_security_group	Set true to create and configure a Security Group for the cluster.	bool	true	no
deployment_batch_size	Percentage or fixed number of Amazon EC2 instances in the Auto Scaling group on which to simultaneously perform deployments. Valid values vary per deployment_batch_size_type setting	number	100	no
deployment_batch_size_type	The type of number that is specified in deployment_batch_size_type	string	"Percentage"	no
deployment_ignore_health_check	Do not cancel a deployment due to failed health checks	bool	false	no
deployment_policy	Use the DeploymentPolicy option to set the deployment type. The following values are supported: AllAtOnce, Rolling, RollingWithAdditionalBatch, Immutable, TrafficSplitting	string	"Rolling"	no
deployment_timeout	Number of seconds to wait for an instance to complete executing commands	number	600	no
description	Short description of the Environment	string	""	no
eb_application_name	EB application name (empty value will create an application)	string	""	no
eb_platform	Platform type, e.g. 'dotnet', 'dotnetcorelinux'	string	"dotnet"	no
eb_solution_stack_name	Stack name passed to ElasticBeanstalk	any	n/a	yes
eb_tier	Elastic Beanstalk Environment tier, 'WebServer' or 'Worker'	string	"WebServer"	no
eb_version_label	Elastic Beanstalk Application version to deploy	string	"latest"	no
eb_wait_for_ready_timeout	The maximum duration to wait for the Elastic Beanstalk Environment to be in a ready state before timing out	string	"20m"	no
egress_rules	How long to wait for the security group to be created.	list(object({ from_port = string to_port = string protocol = string description = string cidr_blocks = list(string) security_groups = list(string) self = string }))	[]	no
elb_scheme	Specify internal if you want to create an internal load balancer in your Amazon VPC so that your Elastic Beanstalk application cannot be accessed from outside your Amazon VPC	string	"public"	no
enable_log_publication_control	Copy the log files for your application's Amazon EC2 instances to the Amazon S3 bucket associated with your application	bool	false	no
enable_schedule	Enables schedule to shut down and start up instances outside business hours	bool	false	no
enable_spot_instances	Enable Spot Instance requests for your environment	bool	false	no
enable_stream_logs	Whether to create groups in CloudWatch Logs for proxy and deployment logs, and stream logs from each instance in your environment	bool	false	no
environment	Name of this environment	string	"dev"	no
environment_type	Environment type, e.g. 'LoadBalanced' or 'SingleInstance'. If setting to 'SingleInstance', rolling_update_type must be set to 'Time', updating_min_in_service must be set to 0, and loadbalancer_subnets will be unused (it applies to the ELB, which does not exist in SingleInstance environments)	string	"LoadBalanced"	no
health_streaming_delete_on_terminate	Whether to delete the log group when the environment is terminated. If false, the health data is kept RetentionInDays days.	bool	false	no
health_streaming_enabled	For environments with enhanced health reporting enabled, whether to create a group in CloudWatch Logs for environment health and archive Elastic Beanstalk environment health data. For information about enabling enhanced health, see aws:elasticbeanstalk:healthreporting:system.	bool	false	no
health_streaming_retention_in_days	The number of days to keep the archived health data before it expires.	number	7	no
healthcheck_healthy_threshold_count	The number of consecutive successful requests before Elastic Load Balancing changes the instance health status	number	3	no
healthcheck_httpcodes_to_match	List of HTTP codes that indicate that an instance is healthy. Note that this option is only applicable to environments with a network or application load balancer	list(string)	[ "200", "301" ]	no
healthcheck_interval	The interval of time, in seconds, that Elastic Load Balancing checks the health of the Amazon EC2 instances of your application	number	10	no
healthcheck_timeout	The amount of time, in seconds, to wait for a response during a health check. Note that this option is only applicable to environments with an application load balancer	number	5	no
healthcheck_unhealthy_threshold_count	The number of consecutive unsuccessful requests before Elastic Load Balancing changes the instance health status	number	3	no
healthcheck_url	Application Health Check URL. Elastic Beanstalk will call this URL to check the health of the application running on EC2 instances	string	"/"	no
hosted_zone	Hosted zone to create the hostname	string	""	no
hostnames	Hostname to create on route53 pointing to the EB CNAME (leave empty to prevent creation)	list(string)	[]	no
http_listener_enabled	Enable port 80 (http)	bool	true	no
iam_role_policy_attachment_to_instance	List of policies ARN to be attach in the Elastic Beanstalk role instance.	list(object({ name = string policy_arn = string }))	[]	no
ignore_iam_account_alias	Disables data source for iam_account_alias used on cloudwatch alarms	bool	false	no
ingress_rules	How long to wait for the security group to be created.	list(object({ from_port = string to_port = string protocol = string description = string cidr_blocks = list(string) security_groups = list(string) self = string }))	[]	no
instance_refresh_enabled	Enable weekly instance replacement.	bool	false	no
instance_type	Instance type	string	"t2.micro"	no
key_name	Defines a SSH keypair to access EB instances (leave empty to create one)	string	""	no
loadbalancer_access_logs_s3_enabled	Enable or disable logs on load balancer	bool	false	no
loadbalancer_certificate_arn	Load Balancer SSL certificate ARN. The certificate must be present in AWS Certificate Manager	string	""	no
loadbalancer_idle_timeout	Load balancer connection idle timeout	number	60	no
loadbalancer_is_shared	Flag to create a shared application loadbalancer. Only when loadbalancer_type = "application" https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-cfg-alb-shared.html	bool	false	no
loadbalancer_managed_security_group	Load balancer managed security group	string	""	no
loadbalancer_security_groups	Load balancer security groups	list(string)	[]	no
loadbalancer_ssl_policy	Specify a security policy to apply to the listener. This option is only applicable to environments with an application load balancer	string	"ELBSecurityPolicy-2016-08"	no
loadbalancer_subnets	List of subnets to place Elastic Load Balancer	list(string)	[]	no
loadbalancer_type	Load Balancer type, e.g. 'application' or 'network'	string	"application"	no
logs_delete_on_terminate	Whether to delete the log groups when the environment is terminated. If false, the logs are kept RetentionInDays days	bool	false	no
logs_retention_in_days	The number of days to keep log events before they expire.	number	7	no
name	Name for this application	any	n/a	yes
on_demand_base_capacity	You can designate a base portion of your total capacity as On-Demand. As the group scales, per your settings, the base portion is provisioned first, while additional On-Demand capacity is percentage-based.	number	0	no
on_demand_percentage	Percentage of on-demand intances vs spot	number	100	no
preferred_start_time	Configure a maintenance window for managed actions in UTC	string	"Sun:10:00"	no
rolling_update_enabled	Whether to enable rolling update	bool	true	no
rolling_update_type	Health or Immutable. Set it to Immutable to apply the configuration change to a fresh group of instances	string	"Health"	no
root_volume_size	The size of the EBS root volume	number	30	no
root_volume_type	The type of the EBS root volume	string	"gp2"	no
s3_bucket_elb_logs_access_log_bucket_name	Name of the S3 bucket where s3 access log will be sent to	string	""	no
s3_bucket_elb_logs_create	Create or not a bucket to store the elb logs.	bool	false	no
s3_bucket_elb_logs_encryption_enabled	When set to 'true' the resource will have aes256 encryption enabled by default	bool	true	no
s3_bucket_elb_logs_force_destroy	Force destroy the S3 bucket for load balancer logs	bool	false	no
s3_bucket_elb_logs_name	Give a name for the S3 Bucket if empyt one will be generate based on the environment and the name.	string	""	no
s3_bucket_elb_logs_versioning_enabled	When set to 'true' the s3 origin bucket will have versioning enabled	bool	true	no
schedule_cron_start	Cron expression to define when to trigger a start of the auto-scaling group. E.g. '0 20 * * *' to start at 8pm GMT time	string	""	no
schedule_cron_stop	Cron expression to define when to trigger a stop of the auto-scaling group. E.g. '0 10 * * *' to stop at 10am GMT time	string	""	no
security_group_description	The description to assign to the created Security Group. Warning: Changing the description causes the security group to be replaced.	string	"Security Group for ElasticBean Stalk"	no
security_group_name	The name to assign to the created security group. Must be unique within the VPC. If not provided, will be derived from the null-label.context passed in.	string	n/a	yes
shared_loadbalancer_arn	ARN of the shared application load balancer. Only when loadbalancer_type = "application".	string	""	no
solutions_stack_name_regex	Regex string to apply to the solution stack list returned by AWS	string	""	no
spot_fleet_on_demand_above_base_percentage	The percentage of On-Demand Instances as part of additional capacity that your Auto Scaling group provisions beyond the SpotOnDemandBase instances. This option is relevant only when enable_spot_instances is true.	number	-1	no
spot_fleet_on_demand_base	The minimum number of On-Demand Instances that your Auto Scaling group provisions before considering Spot Instances as your environment scales up. This option is relevant only when enable_spot_instances is true.	number	0	no
spot_max_price	The maximum price per unit hour, in US$, that you're willing to pay for a Spot Instance. This option is relevant only when enable_spot_instances is true. Valid values are between 0.001 and 20.0	number	-1	no
stickiness_enabled	Route requests from the same client to the same target	bool	false	no
stickiness_expiration	Cookie expiration period, in seconds	number	86400	no
update_level	The highest level of update to apply with managed platform updates	string	"minor"	no
updating_max_batch	Maximum number of instances to update at once	number	1	no
updating_min_in_service	Minimum number of instances in service during update	number	1	no
vpc_id	VPC ID to deploy the cluster	any	n/a	yes

Outputs

Name	Description
eb_all_settings	n/a
eb_aws_security_group_id	n/a
eb_environment_cname	n/a
eb_environment_id	n/a
eb_load_balancers	n/a
iam_role_eb_arn	ARN for EB IAM role
iam_role_eb_name	Name of EB IAM role
ssm_association_join_domain_automation	n/a

Authors

Module managed by DNX Solutions.

License

Apache 2 Licensed. See LICENSE for full details.