diff --git a/README.md b/README.md
index a376f2a..49d388d 100644
--- a/README.md
+++ b/README.md
@@ -86,95 +86,96 @@ module "fargate_service" { ## Requirements -| Name | Version | -|---------------------------------------------------------------------------|----------| +| Name | Version | +|------|---------| | [terraform](#requirement\_terraform) | >= 1.0.0 | -| [aws](#requirement\_aws) | >= 4.00 | -| [random](#requirement\_random) | >= 2.3.0 | +| [aws](#requirement\_aws) | >= 4.00 | +| [random](#requirement\_random) | >= 2.3.0 | ## Providers -| Name | Version | -|------------------------------------------------------------|---------| -| [aws](#provider\_aws) | 4.6.0 | -| [random](#provider\_random) | 3.1.2 | +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | 4.16.0 | +| [random](#provider\_random) | 3.2.0 | ## Modules -| Name | Source | Version | -|------------------------------------------------------------------------------------|--------------------------------------------------|---------| -| [secret\_kms\_key](#module\_secret\_kms\_key) | git@github.com:company/terraform-aws-kms-key.git | v0.0.1 | +| Name | Source | Version | +|------|--------|---------| +| [secret\_kms\_key](#module\_secret\_kms\_key) | git@github.com:oozou/terraform-aws-kms-key.git | v0.0.1 | ## Resources -| Name | Type | -|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------| -| [aws_cloudwatch_log_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource | -| [aws_ecs_service.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service) | resource | -| [aws_ecs_task_definition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition) | resource | -| [aws_iam_role.task_execution_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| 
[aws_iam_role.task_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | -| [aws_iam_role_policy.task_execution_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | -| [aws_iam_role_policy_attachment.task_execution_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_iam_role_policy_attachment.task_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | -| [aws_lb_listener_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_rule) | resource | -| [aws_lb_target_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource | -| [aws_secretsmanager_secret.service_json_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource | -| [aws_secretsmanager_secret.service_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource | -| [aws_secretsmanager_secret_version.service_json_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource | -| [aws_secretsmanager_secret_version.service_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource | -| [aws_service_discovery_service.service](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/service_discovery_service) | resource | -| [random_string.service_secret_random_suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource | -| 
[aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | -| [aws_iam_policy_document.task_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_policy_document.task_execution_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | -| [aws_iam_role.get_ecs_task_execution_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_role) | data source | -| [aws_iam_role.get_ecs_task_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_role) | data source | -| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | +| Name | Type | +|------|------| +| [aws_cloudwatch_log_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource | +| [aws_ecs_service.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service) | resource | +| [aws_ecs_task_definition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition) | resource | +| [aws_iam_role.task_execution_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role.task_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy.task_execution_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | +| [aws_iam_role_policy_attachment.task_execution_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| 
[aws_iam_role_policy_attachment.task_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource | +| [aws_lb_listener_rule.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener_rule) | resource | +| [aws_lb_target_group.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource | +| [aws_secretsmanager_secret.service_json_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource | +| [aws_secretsmanager_secret.service_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource | +| [aws_secretsmanager_secret_version.service_json_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource | +| [aws_secretsmanager_secret_version.service_secrets](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource | +| [aws_service_discovery_service.service](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/service_discovery_service) | resource | +| [random_string.service_secret_random_suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource | +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_iam_policy_document.task_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy_document.task_execution_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| 
[aws_iam_role.get_ecs_task_execution_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_role) | data source | +| [aws_iam_role.get_ecs_task_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_role) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source | ## Inputs -| Name | Description | Type | Default | Required | -|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------|:--------:| -| [additional\_ecs\_task\_execution\_role\_policy\_arns](#input\_additional\_ecs\_task\_execution\_role\_policy\_arns) | List of policies ARNs to attach to the ECS Task Role. eg: { rds\_arn = module.postgres\_db.rds\_policy\_arn } | `list(string)` | `[]` | no | -| [additional\_ecs\_task\_role\_policy\_arns](#input\_additional\_ecs\_task\_role\_policy\_arns) | List of policies ARNs to attach to the ECS Task Role. 
eg: { rds\_arn = module.postgres\_db.rds\_policy\_arn } | `list(string)` | `[]` | no | -| [alb\_host\_header](#input\_alb\_host\_header) | Mention host header for api endpoint | `string` | `null` | no | -| [alb\_listener\_arn](#input\_alb\_listener\_arn) | The ALB listener to attach to | `string` | `""` | no | -| [alb\_path](#input\_alb\_path) | Mention Path For ALB routing eg: / or /route1 | `string` | `""` | no | -| [alb\_priority](#input\_alb\_priority) | Priority of ALB rule https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#listener-rules | `string` | `"100"` | no | -| [apm\_config](#input\_apm\_config) | Config for X-Ray sidecar container for APM and traceability |
object({
service_port = number
cpu = number
memory = number
})
|
{
"cpu": 256,
"memory": 512,
"service_port": 9000
}
| no | -| [apm\_sidecar\_ecr\_url](#input\_apm\_sidecar\_ecr\_url) | [Optional] To enable APM, set Sidecar ECR URL | `string` | `""` | no | -| [application\_subnet\_ids](#input\_application\_subnet\_ids) | Subnet IDs to deploy into | `list(string)` | n/a | yes | -| [custom\_header\_token](#input\_custom\_header\_token) | [Required] Specify secret value for custom header | `string` | `""` | no | -| [ecs\_cluster\_name](#input\_ecs\_cluster\_name) | ECS Cluster name to deploy in | `string` | n/a | yes | -| [environment](#input\_environment) | Environment Variable used as a prefix | `string` | n/a | yes | -| [envvars](#input\_envvars) | List of [{name = "", value = ""}] pairs of environment variables |
set(object({
name = string
value = string
}))
|
[
{
"name": "EXAMPLE_ENV",
"value": "example"
}
]
| no | -| [exists\_task\_execution\_role\_arn](#input\_exists\_task\_execution\_role\_arn) | The existing arn of task exec role | `string` | `null` | no | -| [exists\_task\_role\_arn](#input\_exists\_task\_role\_arn) | The existing arn of task role | `string` | `""` | no | -| [health\_check](#input\_health\_check) | Health Check Config for the service | `map(string)` | `{}` | no | -| [is\_attach\_service\_with\_lb](#input\_is\_attach\_service\_with\_lb) | Attach the container to the public ALB? (true/false) | `bool` | n/a | yes | -| [is\_create\_cloudwatch\_log\_group](#input\_is\_create\_cloudwatch\_log\_group) | Whether to create cloudwatch log group or not | `bool` | `true` | no | -| [is\_create\_iam\_role](#input\_is\_create\_iam\_role) | Create the built in IAM role for task role and task exec role | `bool` | `true` | no | -| [is\_enable\_execute\_command](#input\_is\_enable\_execute\_command) | Specifies whether to enable Amazon ECS Exec for the tasks within the service. | `bool` | `false` | no | -| [json\_secrets](#input\_json\_secrets) | Map of secret name(as reflected in Secrets Manager) and secret JSON string associated | `map(string)` | `{}` | no | -| [name](#input\_name) | Name of the ECS cluster to create | `string` | n/a | yes | -| [prefix](#input\_prefix) | The prefix name of customer to be displayed in AWS console and resource | `string` | n/a | yes | -| [secrets](#input\_secrets) | Map of secret name(as reflected in Secrets Manager) and secret JSON string associated | `map(string)` | `{}` | no | -| [security\_groups](#input\_security\_groups) | Security groups to apply to service | `list(string)` | n/a | yes | -| [service\_count](#input\_service\_count) | Number of containers to deploy | `number` | `1` | no | -| [service\_discovery\_namespace](#input\_service\_discovery\_namespace) | DNS Namespace to deploy to | `string` | n/a | yes | -| [service\_info](#input\_service\_info) | The configuration of service |
object({
cpu_allocation = number
mem_allocation = number
containers_num = number
port = number
image = string
})
| n/a | yes | -| [tags](#input\_tags) | Custom tags which can be passed on to the AWS resources. They should be key value pairs having distinct keys | `map(any)` | `{}` | no | -| [vpc\_id](#input\_vpc\_id) | VPC id where security group is created | `string` | `""` | no | +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [additional\_ecs\_task\_execution\_role\_policy\_arns](#input\_additional\_ecs\_task\_execution\_role\_policy\_arns) | List of policies ARNs to attach to the ECS Task Role. eg: { rds\_arn = module.postgres\_db.rds\_policy\_arn } | `list(string)` | `[]` | no | +| [additional\_ecs\_task\_role\_policy\_arns](#input\_additional\_ecs\_task\_role\_policy\_arns) | List of policies ARNs to attach to the ECS Task Role. eg: { rds\_arn = module.postgres\_db.rds\_policy\_arn } | `list(string)` | `[]` | no | +| [alb\_host\_header](#input\_alb\_host\_header) | Mention host header for api endpoint | `string` | `null` | no | +| [alb\_listener\_arn](#input\_alb\_listener\_arn) | The ALB listener to attach to | `string` | `""` | no | +| [alb\_paths](#input\_alb\_paths) | Mention list Path For ALB routing eg: ["/"] or ["/route1"] | `list(string)` | `[]` | no | +| [alb\_priority](#input\_alb\_priority) | Priority of ALB rule https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#listener-rules | `string` | `"100"` | no | +| [apm\_config](#input\_apm\_config) | Config for X-Ray sidecar container for APM and traceability |
object({
service_port = number
cpu = number
memory = number
})
|
{
"cpu": 256,
"memory": 512,
"service_port": 9000
}
| no | +| [apm\_sidecar\_ecr\_url](#input\_apm\_sidecar\_ecr\_url) | [Optional] To enable APM, set Sidecar ECR URL | `string` | `""` | no | +| [application\_subnet\_ids](#input\_application\_subnet\_ids) | Subnet IDs to deploy into | `list(string)` | n/a | yes | +| [custom\_header\_token](#input\_custom\_header\_token) | [Required] Specify secret value for custom header | `string` | `""` | no | +| [ecs\_cluster\_name](#input\_ecs\_cluster\_name) | ECS Cluster name to deploy in | `string` | n/a | yes | +| [environment](#input\_environment) | Environment Variable used as a prefix | `string` | n/a | yes | +| [envvars](#input\_envvars) | List of [{name = "", value = ""}] pairs of environment variables |
set(object({
name = string
value = string
}))
|
[
{
"name": "EXAMPLE_ENV",
"value": "example"
}
]
| no | +| [exists\_task\_execution\_role\_arn](#input\_exists\_task\_execution\_role\_arn) | The existing arn of task exec role | `string` | `""` | no | +| [exists\_task\_role\_arn](#input\_exists\_task\_role\_arn) | The existing arn of task role | `string` | `""` | no | +| [health\_check](#input\_health\_check) | Health Check Config for the service | `map(string)` | `{}` | no | +| [health\_check\_command\_override](#input\_health\_check\_command\_override) | Option to override a default health check command. | `list(string)` | `[]` | no | +| [is\_attach\_service\_with\_lb](#input\_is\_attach\_service\_with\_lb) | Attach the container to the public ALB? (true/false) | `bool` | n/a | yes | +| [is\_create\_cloudwatch\_log\_group](#input\_is\_create\_cloudwatch\_log\_group) | Whether to create cloudwatch log group or not | `bool` | `true` | no | +| [is\_create\_iam\_role](#input\_is\_create\_iam\_role) | Create the built in IAM role for task role and task exec role | `bool` | `true` | no | +| [is\_enable\_execute\_command](#input\_is\_enable\_execute\_command) | Specifies whether to enable Amazon ECS Exec for the tasks within the service. 
| `bool` | `false` | no | +| [json\_secrets](#input\_json\_secrets) | Map of secret name(as reflected in Secrets Manager) and secret JSON string associated | `map(string)` | `{}` | no | +| [name](#input\_name) | Name of the ECS cluster to create | `string` | n/a | yes | +| [prefix](#input\_prefix) | The prefix name of customer to be displayed in AWS console and resource | `string` | n/a | yes | +| [secrets](#input\_secrets) | Map of secret name(as reflected in Secrets Manager) and secret JSON string associated | `map(string)` | `{}` | no | +| [security\_groups](#input\_security\_groups) | Security groups to apply to service | `list(string)` | n/a | yes | +| [service\_count](#input\_service\_count) | Number of containers to deploy | `number` | `1` | no | +| [service\_discovery\_namespace](#input\_service\_discovery\_namespace) | DNS Namespace to deploy to | `string` | n/a | yes | +| [service\_info](#input\_service\_info) | The configuration of service |
object({
cpu_allocation = number
mem_allocation = number
containers_num = number
port = number
image = string
})
| n/a | yes | +| [tags](#input\_tags) | Custom tags which can be passed on to the AWS resources. They should be key value pairs having distinct keys | `map(any)` | `{}` | no | +| [vpc\_id](#input\_vpc\_id) | VPC id where security group is created | `string` | `""` | no | ## Outputs -| Name | Description | -|-----------------------------------------------------------------------------------------------------------------|-------------------------------------------------| -| [secret\_arns](#output\_secret\_arns) | List of ARNs of the SecretsManager secrets | -| [secret\_json\_arn](#output\_secret\_json\_arn) | List of ARNs of the SecretsManager json secrets | -| [task\_execution\_role\_arn](#output\_task\_execution\_role\_arn) | ECS Task execution role ARN | -| [task\_execution\_role\_id](#output\_task\_execution\_role\_id) | ECS Task execution role ID | -| [task\_role\_arn](#output\_task\_role\_arn) | ECS Task role ARN | -| [task\_role\_id](#output\_task\_role\_id) | ECS Task role ID | +| Name | Description | +|------|-------------| +| [secret\_arns](#output\_secret\_arns) | List of ARNs of the SecretsManager secrets | +| [secret\_json\_arn](#output\_secret\_json\_arn) | List of ARNs of the SecretsManager json secrets | +| [task\_execution\_role\_arn](#output\_task\_execution\_role\_arn) | ECS Task execution role ARN | +| [task\_execution\_role\_id](#output\_task\_execution\_role\_id) | ECS Task execution role ID | +| [task\_role\_arn](#output\_task\_role\_arn) | ECS Task role ARN | +| [task\_role\_id](#output\_task\_role\_id) | ECS Task role ID | diff --git a/locals.tf b/locals.tf index 047006f..ff47378 100644 --- a/locals.tf +++ b/locals.tf 
@@ -60,8 +60,21 @@ locals { /* Task Definition */ /* -------------------------------------------------------------------------- */ locals { + # default healthCheck command + # curl is not include with docker with default. + # Ensure curl is installed along with application container + default_health_check_command = ["CMD-SHELL", format("curl -sf http://localhost:%s%s", var.service_info.port, var.health_check.path)] + + # healthCheck + health_check = { + command = length(var.health_check_command_override) > 0 ? var.health_check_command_override : local.default_health_check_command, + interval = var.health_check.interval + timeout = var.health_check.timeout + } + # TODO make it better later container_definitions = local.is_apm_enabled ? templatefile("${path.module}/task-definitions/service-with-sidecar-container.json", { + attach_lb = var.is_attach_service_with_lb cpu = var.service_info.cpu_allocation service_image = var.service_info.image memory = var.service_info.mem_allocation @@ -71,12 +84,16 @@ locals { service_port = var.service_info.port envvars = jsonencode(var.envvars) secrets_task_definition = jsonencode(local.secrets_task_definition) + health_check_command = jsonencode(local.health_check.command) + health_check_interval = local.health_check.interval + health_check_timeout = local.health_check.timeout apm_cpu = var.apm_config.cpu apm_sidecar_ecr_url = var.apm_sidecar_ecr_url apm_memory = var.apm_config.memory apm_name = local.apm_name apm_service_port = var.apm_config.service_port }) : templatefile("${path.module}/task-definitions/service-main-container.json", { + attach_lb = var.is_attach_service_with_lb cpu = var.service_info.cpu_allocation service_image = var.service_info.image memory = var.service_info.mem_allocation 
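Review bot: The new `default_health_check_command` and `health_check` locals read `var.health_check.path`, `.interval` and `.timeout` directly, but the README in this commit documents `health_check` as `map(string)` with default `{}`, so a caller who leaves it unset would presumably hit a missing-key error. `container_definitions` passes these locals to both templates unconditionally, so that would apply even when `is_attach_service_with_lb` is true and no healthCheck block is rendered. Read the keys with explicit fallbacks and convert the numeric ones, since the templates emit interval and timeout unquoted into JSON, e.g. `interval = tonumber(lookup(var.health_check, "interval", "<default-interval>"))`. The path is also spliced into a `CMD-SHELL` string and is therefore interpreted by the container's shell, so a comment or variable validation stating that it must be a plain URL path would make that contract explicit. The enclosing `locals` block continues outside this hunk.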
@@ -86,6 +103,9 @@ locals { service_port = var.service_info.port envvars = jsonencode(var.envvars) secrets_task_definition = jsonencode(local.secrets_task_definition) + health_check_command = jsonencode(local.health_check.command) + health_check_interval = local.health_check.interval + health_check_timeout = local.health_check.timeout }) } diff --git a/task-definitions/service-main-container.json b/task-definitions/service-main-container.json index 565b906..6453f0d 100644 --- a/task-definitions/service-main-container.json +++ b/task-definitions/service-main-container.json @@ -1,26 +1,32 @@ [ { - "cpu":${cpu}, - "image":"${service_image}", - "memory":${memory}, - "name":"${service_name}", - "networkMode":"awsvpc", - "essential":true, - "logConfiguration":{ + "cpu":${cpu}, + "image":"${service_image}", + "memory":${memory}, + "name":"${service_name}", + "networkMode":"awsvpc", + "essential":true, + "logConfiguration":{ "logDriver":"awslogs", "options":{ - "awslogs-group":"${log_group_name}", - "awslogs-region":"${region}", - "awslogs-stream-prefix":"${service_name}" + "awslogs-group":"${log_group_name}", + "awslogs-region":"${region}", + "awslogs-stream-prefix":"${service_name}" } - }, - "portMappings":[ + }, + "portMappings":[ { - "containerPort":${service_port}, - "hostPort":${service_port} + "containerPort":${service_port}, + "hostPort":${service_port} } - ], - "environment" : ${envvars}, - "secrets" : ${secrets_task_definition} - } + ], + "environment" : ${envvars}, + "secrets" : ${secrets_task_definition}, +%{ if attach_lb == false } + "healthCheck": { + "command": ${health_check_command}, + "interval": ${health_check_interval}, + "timeout": ${health_check_timeout} + } +%{ endif } ] diff --git a/task-definitions/service-with-sidecar-container.json b/task-definitions/service-with-sidecar-container.json index 25f845d..5db3424 100644 --- a/task-definitions/service-with-sidecar-container.json +++ b/task-definitions/service-with-sidecar-container.json 
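Review bot: The rewritten task-definitions/service-main-container.json appears to render invalid JSON in both branches. The comma added after `"secrets" : ${secrets_task_definition}` is left dangling when `attach_lb` is true, and the container object's closing `}` was removed: the only `}` added closes `healthCheck`, which is consistent with the hunk's 32 new-side lines. Drop the trailing comma, open the conditional body with `,"healthCheck": {`, and restore the object's `}` after `%{ endif }`. The same dangling comma is in task-definitions/service-with-sidecar-container.json, where the closing brace survives as context. Indentation was lost in this view, so confirm by running a plan with `is_attach_service_with_lb` set to each value.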
@@ -1,50 +1,57 @@ [ { - "cpu":${cpu}, - "image":"${service_image}", - "memory":${memory}, - "name":"${service_name}", - "networkMode":"awsvpc", - "essential":true, - "logConfiguration":{ - "logDriver":"awslogs", - "options":{ - "awslogs-group":"${log_group_name}", - "awslogs-region":"${region}", - "awslogs-stream-prefix":"${service_name}" - } - }, - "portMappings":[ - { - "containerPort":${service_port}, - "hostPort":${service_port} - } - ], - "environment" : ${envvars}, - "secrets" : ${secrets_task_definition} + "cpu":${cpu}, + "image":"${service_image}", + "memory":${memory}, + "name":"${service_name}", + "networkmode":"awsvpc", + "essential":true, + "logconfiguration":{ + "logdriver":"awslogs", + "options":{ + "awslogs-group":"${log_group_name}", + "awslogs-region":"${region}", + "awslogs-stream-prefix":"${service_name}" + } + }, + "portmappings":[ + { + "containerport":${service_port}, + "hostport":${service_port} + } + ], + "environment" : ${envvars}, + "secrets" : ${secrets_task_definition}, +%{ if attach_lb == false } + "healthCheck": { + "command": ${health_check_command}, + "interval": ${health_check_interval}, + "timeout": ${health_check_timeout} + } +%{ endif } }, { - "cpu":${apm_cpu}, - "image":"${apm_sidecar_ecr_url}", - "memory":${apm_memory}, - "name":"${apm_name}", - "networkMode":"awsvpc", - "essential":true, - "logConfiguration": { - "logDriver": "awslogs", - "options":{ - "awslogs-group":"${log_group_name}", - "awslogs-region":"${region}", - "awslogs-stream-prefix":"${apm_name}" - } - }, - "portMappings": [ - { - "protocol": "udp", - "containerPort":${apm_service_port}, - "hostPort":${apm_service_port} - } - ], - "volumesFrom": [] - } + "cpu":${apm_cpu}, + "image":"${apm_sidecar_ecr_url}", + "memory":${apm_memory}, + "name":"${apm_name}", + "networkmode":"awsvpc", + "essential":true, + "logconfiguration": { + "logdriver": "awslogs", + "options":{ + "awslogs-group":"${log_group_name}", + "awslogs-region":"${region}", + 
"awslogs-stream-prefix":"${apm_name}" + } + }, + "portmappings": [ + { + "protocol": "udp", + "containerport":${apm_service_port}, + "hostport":${apm_service_port} + } + ], + "volumesfrom": [] + } ] diff --git a/variables.tf b/variables.tf index 593d00c..a54e261 100644 --- a/variables.tf +++ b/variables.tf @@ -223,3 +223,9 @@ variable "security_groups" { description = "Security groups to apply to service" type = list(string) } + +variable "health_check_command_override" { + description = "Option to override a default health check command." + type = list(string) + default = [] +}
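Review bot: Every ECS container-definition key in task-definitions/service-with-sidecar-container.json was lowercased (`networkmode`, `logconfiguration`, `logdriver`, `portmappings`, `containerport`, `hostport`, `volumesfrom`), while the new `healthCheck` block and service-main-container.json keep camelCase. That looks like an accidental editor transformation rather than an intended change. Whether the lowercased names still map to the ECS fields depends on how the provider decodes the JSON; if `logconfiguration` were ignored, both containers would run without awslogs output and the loss would be silent. Restore the documented spellings, e.g. `"logConfiguration":{`, `"portMappings":[`, `"containerPort":${service_port},`.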
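Review bot: The description of `health_check_command_override` does not say what shape the list must have, and locals.tf passes the value through `jsonencode` into `healthCheck.command` without any check. ECS documents the array as starting with `CMD` or `CMD-SHELL`, and with `CMD-SHELL` the remaining string is run by the container's shell, so the description should state that: `description = "Full ECS healthCheck command, starting with CMD or CMD-SHELL. An empty list keeps the module default."`. A `validation` block rejecting a non-empty list whose first element is neither value would turn a deploy-time failure into a plan-time one. It is also worth documenting that the command only takes effect when `is_attach_service_with_lb` is false, because the templates render `healthCheck` only in that case.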