Skip to content

Latest commit

 

History

History
169 lines (152 loc) · 16.9 KB

README.md

File metadata and controls

169 lines (152 loc) · 16.9 KB

terraform-aws-eb-windows

Lint Status LICENSE

This terraform module provides an Windows Elastic Beanstalk Application Resource

The following resources will be created:

  • Cloudwatch alarms for the Aplication Load Balance (ALB)
    • alb_500_errors
    • alb_400_errors
    • alb_latency
  • Cloudwatch alarms for the Auto Scaling(ASG)
    • asg_high_cpu
  • Set a http redirect to https by default in the load balancer
  • EC2 Key pair
  • CloudWatch Event Rule resource
  • CloudWatch Event Target resource
  • Identity Access Management (IAM) roles for the Elastic Beanstalk
  • IAM roles for the Elastic Beanstalk service
  • IAM roles output
  • AutoScaling Schedule resource
    • ECS_STOP
    • ECS_START

Requirements

Name Version
terraform >= 0.13.0

Providers

Name Version
aws n/a
tls n/a

Inputs

Name Description Type Default Required
ad_directory_id ID of directory from AWS Simple AD string "" no
ad_directory_ip1 AD Directory first IP address string "" no
ad_directory_ip2 AD second IP address string "" no
ad_directory_name Active Directory Name (leave it blank to disable join domain automation) string "" no
additional_settings Additional Elastic Beanstalk setttings. For full list of options, see https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html
list(object({
namespace = string
name = string
value = string
}))
[] no
alarm_alb_400_errors_threshold Max threshold of HTTP 4000 errors allowed in a 5 minutes interval (use 0 to disable this alarm) number 10 no
alarm_alb_500_errors_threshold Max threshold of HTTP 500 errors allowed in a 5 minutes interval (use 0 to disable this alarm) number 10 no
alarm_alb_latency_anomaly_threshold ALB Latency anomaly detection width (use 0 to disable this alarm) number 4 no
alarm_asg_high_cpu_threshold Max threshold average CPU percentage allowed in a 2 minutes interval (use 0 to disable this alarm) number 80 no
alarm_sns_topics Alarm topics to create and alert on ECS service metrics. Leaving empty disables all alarms. list [] no
ami_id ElasticBeanstalk custom AMI ID string "" no
application_port Port application is listening on number 80 no
application_subnets List of subnets to place EC2 instances list(string) n/a yes
asg_max Max number of instances for autoscaling group number 4 no
asg_min Min number of instances for autoscaling group number 1 no
associate_public_ip_address Whether to associate public IP addresses to the instances bool false no
associated_security_group_ids A list of IDs of Security Groups to associate the created resource with, in addition to the created security group.
These security groups will not be modified and, if create_security_group is false, must have rules providing the desired access.
list(string) [] no
autoscaling_default_cooldown The amount of time, in seconds, after a scaling activity completes before another scaling activity can start number 300 no
autoscaling_health_check_grace_period The length of time that Auto Scaling waits before checking an instance's health status. The grace period begins when an instance comes into service number 300 no
availability_zone_selector Availability Zone selector string "Any 2" no
cloudwatch_logs_retention Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. number 120 no
coudwatch_environment_metrics Environment metrics to be collected from beanstalk to cloudwatch map(number) {} no
coudwatch_instance_metrics Instance metrics to be collected from beanstalk to cloudwatch map(number) {} no
create_security_group Set true to create and configure a Security Group for the cluster. bool true no
deployment_batch_size Percentage or fixed number of Amazon EC2 instances in the Auto Scaling group on which to simultaneously perform deployments. Valid values vary per deployment_batch_size_type setting number 100 no
deployment_batch_size_type The type of number that is specified in deployment_batch_size_type string "Percentage" no
deployment_ignore_health_check Do not cancel a deployment due to failed health checks bool false no
deployment_policy Use the DeploymentPolicy option to set the deployment type. The following values are supported: AllAtOnce, Rolling, RollingWithAdditionalBatch, Immutable, TrafficSplitting string "Rolling" no
deployment_timeout Number of seconds to wait for an instance to complete executing commands number 600 no
description Short description of the Environment string "" no
eb_application_name EB application name (empty value will create an application) string "" no
eb_platform Platform type, e.g. 'dotnet', 'dotnetcorelinux' string "dotnet" no
eb_solution_stack_name Stack name passed to ElasticBeanstalk any n/a yes
eb_tier Elastic Beanstalk Environment tier, 'WebServer' or 'Worker' string "WebServer" no
eb_version_label Elastic Beanstalk Application version to deploy string "latest" no
eb_wait_for_ready_timeout The maximum duration to wait for the Elastic Beanstalk Environment to be in a ready state before timing out string "20m" no
egress_rules How long to wait for the security group to be created.
list(object({
from_port = string
to_port = string
protocol = string
description = string
cidr_blocks = list(string)
security_groups = list(string)
self = string
}))
[] no
elb_scheme Specify internal if you want to create an internal load balancer in your Amazon VPC so that your Elastic Beanstalk application cannot be accessed from outside your Amazon VPC string "public" no
enable_log_publication_control Copy the log files for your application's Amazon EC2 instances to the Amazon S3 bucket associated with your application bool false no
enable_schedule Enables schedule to shut down and start up instances outside business hours bool false no
enable_spot_instances Enable Spot Instance requests for your environment bool false no
enable_stream_logs Whether to create groups in CloudWatch Logs for proxy and deployment logs, and stream logs from each instance in your environment bool false no
environment Name of this environment string "dev" no
environment_type Environment type, e.g. 'LoadBalanced' or 'SingleInstance'. If setting to 'SingleInstance', rolling_update_type must be set to 'Time', updating_min_in_service must be set to 0, and loadbalancer_subnets will be unused (it applies to the ELB, which does not exist in SingleInstance environments) string "LoadBalanced" no
health_streaming_delete_on_terminate Whether to delete the log group when the environment is terminated. If false, the health data is kept RetentionInDays days. bool false no
health_streaming_enabled For environments with enhanced health reporting enabled, whether to create a group in CloudWatch Logs for environment health and archive Elastic Beanstalk environment health data. For information about enabling enhanced health, see aws:elasticbeanstalk:healthreporting:system. bool false no
health_streaming_retention_in_days The number of days to keep the archived health data before it expires. number 7 no
healthcheck_healthy_threshold_count The number of consecutive successful requests before Elastic Load Balancing changes the instance health status number 3 no
healthcheck_httpcodes_to_match List of HTTP codes that indicate that an instance is healthy. Note that this option is only applicable to environments with a network or application load balancer list(string)
[
"200",
"301"
]
no
healthcheck_interval The interval of time, in seconds, that Elastic Load Balancing checks the health of the Amazon EC2 instances of your application number 10 no
healthcheck_timeout The amount of time, in seconds, to wait for a response during a health check. Note that this option is only applicable to environments with an application load balancer number 5 no
healthcheck_unhealthy_threshold_count The number of consecutive unsuccessful requests before Elastic Load Balancing changes the instance health status number 3 no
healthcheck_url Application Health Check URL. Elastic Beanstalk will call this URL to check the health of the application running on EC2 instances string "/" no
hosted_zone Hosted zone to create the hostname string "" no
hostnames Hostname to create on route53 pointing to the EB CNAME (leave empty to prevent creation) list(string) [] no
http_listener_enabled Enable port 80 (http) bool true no
iam_role_policy_attachment_to_instance List of policies ARN to be attach in the Elastic Beanstalk role instance.
list(object({
name = string
policy_arn = string
}))
[] no
ignore_iam_account_alias Disables data source for iam_account_alias used on cloudwatch alarms bool false no
ingress_rules How long to wait for the security group to be created.
list(object({
from_port = string
to_port = string
protocol = string
description = string
cidr_blocks = list(string)
security_groups = list(string)
self = string
}))
[] no
instance_refresh_enabled Enable weekly instance replacement. bool false no
instance_type Instance type string "t2.micro" no
key_name Defines a SSH keypair to access EB instances (leave empty to create one) string "" no
loadbalancer_access_logs_s3_enabled Enable or disable logs on load balancer bool false no
loadbalancer_certificate_arn Load Balancer SSL certificate ARN. The certificate must be present in AWS Certificate Manager string "" no
loadbalancer_idle_timeout Load balancer connection idle timeout number 60 no
loadbalancer_is_shared Flag to create a shared application loadbalancer. Only when loadbalancer_type = "application" https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/environments-cfg-alb-shared.html bool false no
loadbalancer_managed_security_group Load balancer managed security group string "" no
loadbalancer_security_groups Load balancer security groups list(string) [] no
loadbalancer_ssl_policy Specify a security policy to apply to the listener. This option is only applicable to environments with an application load balancer string "ELBSecurityPolicy-2016-08" no
loadbalancer_subnets List of subnets to place Elastic Load Balancer list(string) [] no
loadbalancer_type Load Balancer type, e.g. 'application' or 'network' string "application" no
logs_delete_on_terminate Whether to delete the log groups when the environment is terminated. If false, the logs are kept RetentionInDays days bool false no
logs_retention_in_days The number of days to keep log events before they expire. number 7 no
name Name for this application any n/a yes
on_demand_base_capacity You can designate a base portion of your total capacity as On-Demand. As the group scales, per your settings, the base portion is provisioned first, while additional On-Demand capacity is percentage-based. number 0 no
on_demand_percentage Percentage of on-demand intances vs spot number 100 no
preferred_start_time Configure a maintenance window for managed actions in UTC string "Sun:10:00" no
rolling_update_enabled Whether to enable rolling update bool true no
rolling_update_type Health or Immutable. Set it to Immutable to apply the configuration change to a fresh group of instances string "Health" no
root_volume_size The size of the EBS root volume number 30 no
root_volume_type The type of the EBS root volume string "gp2" no
s3_bucket_elb_logs_access_log_bucket_name Name of the S3 bucket where s3 access log will be sent to string "" no
s3_bucket_elb_logs_create Create or not a bucket to store the elb logs. bool false no
s3_bucket_elb_logs_encryption_enabled When set to 'true' the resource will have aes256 encryption enabled by default bool true no
s3_bucket_elb_logs_force_destroy Force destroy the S3 bucket for load balancer logs bool false no
s3_bucket_elb_logs_name Give a name for the S3 Bucket if empyt one will be generate based on the environment and the name. string "" no
s3_bucket_elb_logs_versioning_enabled When set to 'true' the s3 origin bucket will have versioning enabled bool true no
schedule_cron_start Cron expression to define when to trigger a start of the auto-scaling group. E.g. '0 20 * * *' to start at 8pm GMT time string "" no
schedule_cron_stop Cron expression to define when to trigger a stop of the auto-scaling group. E.g. '0 10 * * *' to stop at 10am GMT time string "" no
security_group_description The description to assign to the created Security Group.
Warning: Changing the description causes the security group to be replaced.
string "Security Group for ElasticBean Stalk" no
security_group_name The name to assign to the created security group. Must be unique within the VPC.
If not provided, will be derived from the null-label.context passed in.
string n/a yes
shared_loadbalancer_arn ARN of the shared application load balancer. Only when loadbalancer_type = "application". string "" no
solutions_stack_name_regex Regex string to apply to the solution stack list returned by AWS string "" no
spot_fleet_on_demand_above_base_percentage The percentage of On-Demand Instances as part of additional capacity that your Auto Scaling group provisions beyond the SpotOnDemandBase instances. This option is relevant only when enable_spot_instances is true. number -1 no
spot_fleet_on_demand_base The minimum number of On-Demand Instances that your Auto Scaling group provisions before considering Spot Instances as your environment scales up. This option is relevant only when enable_spot_instances is true. number 0 no
spot_max_price The maximum price per unit hour, in US$, that you're willing to pay for a Spot Instance. This option is relevant only when enable_spot_instances is true. Valid values are between 0.001 and 20.0 number -1 no
stickiness_enabled Route requests from the same client to the same target bool false no
stickiness_expiration Cookie expiration period, in seconds number 86400 no
update_level The highest level of update to apply with managed platform updates string "minor" no
updating_max_batch Maximum number of instances to update at once number 1 no
updating_min_in_service Minimum number of instances in service during update number 1 no
vpc_id VPC ID to deploy the cluster any n/a yes

Outputs

Name Description
eb_all_settings n/a
eb_aws_security_group_id n/a
eb_environment_cname n/a
eb_environment_id n/a
eb_load_balancers n/a
iam_role_eb_arn ARN for EB IAM role
iam_role_eb_name Name of EB IAM role
ssm_association_join_domain_automation n/a

Authors

Module managed by DNX Solutions.

License

Apache 2 Licensed. See LICENSE for full details.