Last active
September 9, 2020 13:00
data.template_file.xentral_app: Refreshing state... | |
data.aws_availability_zones.available: Refreshing state... | |
data.aws_iam_policy_document.ecs_task_execution_role: Refreshing state... | |
------------------------------------------------------------------------ | |
An execution plan has been generated and is shown below. | |
Resource actions are indicated with the following symbols: | |
+ create | |
Terraform will perform the following actions: | |
# aws_alb.main will be created | |
+ resource "aws_alb" "main" { | |
+ arn = (known after apply) | |
+ arn_suffix = (known after apply) | |
+ dns_name = (known after apply) | |
+ drop_invalid_header_fields = false | |
+ enable_deletion_protection = false | |
+ enable_http2 = true | |
+ id = (known after apply) | |
+ idle_timeout = 60 | |
+ internal = (known after apply) | |
+ ip_address_type = (known after apply) | |
+ load_balancer_type = "application" | |
+ name = "xentral-load-balancer" | |
+ security_groups = (known after apply) | |
+ subnets = (known after apply) | |
+ vpc_id = (known after apply) | |
+ zone_id = (known after apply) | |
+ subnet_mapping { | |
+ allocation_id = (known after apply) | |
+ private_ipv4_address = (known after apply) | |
+ subnet_id = (known after apply) | |
} | |
} | |
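Review bot: `drop_invalid_header_fields = false` leaves the ALB forwarding requests with malformed header names to the targets, which weakens the load balancer as a normalisation point in front of the application; set `drop_invalid_header_fields = true` on `aws_alb.main`. `enable_deletion_protection = false` is also worth changing to `true` once this is more than a throwaway stack. No `access_logs` block appears in the plan, so consider adding one that points at an S3 bucket so requests to the load balancer can be reconstructed after an incident.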
# aws_alb_listener.front_end will be created | |
+ resource "aws_alb_listener" "front_end" { | |
+ arn = (known after apply) | |
+ id = (known after apply) | |
+ load_balancer_arn = (known after apply) | |
+ port = 80 | |
+ protocol = "HTTP" | |
+ ssl_policy = (known after apply) | |
+ default_action { | |
+ order = (known after apply) | |
+ target_group_arn = (known after apply) | |
+ type = "forward" | |
} | |
} | |
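Review bot: The only listener in the plan is plain HTTP on port 80 with a `forward` default action, so everything between clients and the load balancer, including session cookies and any login form the application serves, crosses the internet unencrypted. Add a listener with `port = 443`, `protocol = "HTTPS"`, a `certificate_arn` and an explicit `ssl_policy`, and change this listener's default action to `type = "redirect"` towards HTTPS. `aws_security_group.lb` further down opens only port 80, so its ingress would need a matching 443 rule.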
# aws_alb_target_group.app will be created | |
+ resource "aws_alb_target_group" "app" { | |
+ arn = (known after apply) | |
+ arn_suffix = (known after apply) | |
+ deregistration_delay = 300 | |
+ id = (known after apply) | |
+ lambda_multi_value_headers_enabled = false | |
+ load_balancing_algorithm_type = (known after apply) | |
+ name = "xentral-target-group" | |
+ port = 80 | |
+ protocol = "HTTP" | |
+ proxy_protocol_v2 = false | |
+ slow_start = 0 | |
+ target_type = "ip" | |
+ vpc_id = (known after apply) | |
+ health_check { | |
+ enabled = true | |
+ healthy_threshold = 3 | |
+ interval = 30 | |
+ matcher = "200" | |
+ path = "/" | |
+ port = "traffic-port" | |
+ protocol = "HTTP" | |
+ timeout = 3 | |
+ unhealthy_threshold = 2 | |
} | |
+ stickiness { | |
+ cookie_duration = (known after apply) | |
+ enabled = (known after apply) | |
+ type = (known after apply) | |
} | |
} | |
# aws_appautoscaling_policy.down will be created | |
+ resource "aws_appautoscaling_policy" "down" { | |
+ arn = (known after apply) | |
+ id = (known after apply) | |
+ name = "xentral_scale_down" | |
+ policy_type = "StepScaling" | |
+ resource_id = "service/xentral-cluster/xentral-service" | |
+ scalable_dimension = "ecs:service:DesiredCount" | |
+ service_namespace = "ecs" | |
+ step_scaling_policy_configuration { | |
+ adjustment_type = "ChangeInCapacity" | |
+ cooldown = 60 | |
+ metric_aggregation_type = "Maximum" | |
+ step_adjustment { | |
+ metric_interval_upper_bound = "0" | |
+ scaling_adjustment = -1 | |
} | |
} | |
} | |
# aws_appautoscaling_policy.up will be created | |
+ resource "aws_appautoscaling_policy" "up" { | |
+ arn = (known after apply) | |
+ id = (known after apply) | |
+ name = "xentral_scale_up" | |
+ policy_type = "StepScaling" | |
+ resource_id = "service/xentral-cluster/xentral-service" | |
+ scalable_dimension = "ecs:service:DesiredCount" | |
+ service_namespace = "ecs" | |
+ step_scaling_policy_configuration { | |
+ adjustment_type = "ChangeInCapacity" | |
+ cooldown = 60 | |
+ metric_aggregation_type = "Maximum" | |
+ step_adjustment { | |
+ metric_interval_lower_bound = "0" | |
+ scaling_adjustment = 1 | |
} | |
} | |
} | |
# aws_appautoscaling_target.target will be created | |
+ resource "aws_appautoscaling_target" "target" { | |
+ id = (known after apply) | |
+ max_capacity = 6 | |
+ min_capacity = 3 | |
+ resource_id = "service/xentral-cluster/xentral-service" | |
+ role_arn = (known after apply) | |
+ scalable_dimension = "ecs:service:DesiredCount" | |
+ service_namespace = "ecs" | |
} | |
# aws_cloudwatch_log_group.xentral_log_group will be created | |
+ resource "aws_cloudwatch_log_group" "xentral_log_group" { | |
+ arn = (known after apply) | |
+ id = (known after apply) | |
+ name = "/ecs/xentral-app" | |
+ retention_in_days = 30 | |
+ tags = { | |
+ "Name" = "xentral-log-group" | |
} | |
} | |
# aws_cloudwatch_log_stream.xentral_log_stream will be created | |
+ resource "aws_cloudwatch_log_stream" "xentral_log_stream" { | |
+ arn = (known after apply) | |
+ id = (known after apply) | |
+ log_group_name = "/ecs/xentral-app" | |
+ name = "xentral-log-stream" | |
} | |
# aws_cloudwatch_metric_alarm.service_cpu_high will be created | |
+ resource "aws_cloudwatch_metric_alarm" "service_cpu_high" { | |
+ actions_enabled = true | |
+ alarm_actions = (known after apply) | |
+ alarm_name = "xentral_cpu_utilization_high" | |
+ arn = (known after apply) | |
+ comparison_operator = "GreaterThanOrEqualToThreshold" | |
+ dimensions = { | |
+ "ClusterName" = "xentral-cluster" | |
+ "ServiceName" = "xentral-service" | |
} | |
+ evaluate_low_sample_count_percentiles = (known after apply) | |
+ evaluation_periods = 2 | |
+ id = (known after apply) | |
+ metric_name = "CPUUtilization" | |
+ namespace = "AWS/ECS" | |
+ period = 60 | |
+ statistic = "Average" | |
+ threshold = 85 | |
+ treat_missing_data = "missing" | |
} | |
# aws_cloudwatch_metric_alarm.service_cpu_low will be created | |
+ resource "aws_cloudwatch_metric_alarm" "service_cpu_low" { | |
+ actions_enabled = true | |
+ alarm_actions = (known after apply) | |
+ alarm_name = "xentral_cpu_utilization_low" | |
+ arn = (known after apply) | |
+ comparison_operator = "LessThanOrEqualToThreshold" | |
+ dimensions = { | |
+ "ClusterName" = "xentral-cluster" | |
+ "ServiceName" = "xentral-service" | |
} | |
+ evaluate_low_sample_count_percentiles = (known after apply) | |
+ evaluation_periods = 2 | |
+ id = (known after apply) | |
+ metric_name = "CPUUtilization" | |
+ namespace = "AWS/ECS" | |
+ period = 60 | |
+ statistic = "Average" | |
+ threshold = 10 | |
+ treat_missing_data = "missing" | |
} | |
# aws_ecs_cluster.main will be created | |
+ resource "aws_ecs_cluster" "main" { | |
+ arn = (known after apply) | |
+ id = (known after apply) | |
+ name = "xentral-cluster" | |
+ setting { | |
+ name = (known after apply) | |
+ value = (known after apply) | |
} | |
} | |
# aws_ecs_service.main will be created | |
+ resource "aws_ecs_service" "main" { | |
+ cluster = (known after apply) | |
+ deployment_maximum_percent = 200 | |
+ deployment_minimum_healthy_percent = 100 | |
+ desired_count = 3 | |
+ enable_ecs_managed_tags = false | |
+ iam_role = (known after apply) | |
+ id = (known after apply) | |
+ launch_type = "FARGATE" | |
+ name = "xentral-service" | |
+ platform_version = (known after apply) | |
+ scheduling_strategy = "REPLICA" | |
+ task_definition = (known after apply) | |
+ load_balancer { | |
+ container_name = "xentral-app" | |
+ container_port = 80 | |
+ target_group_arn = (known after apply) | |
} | |
+ network_configuration { | |
+ assign_public_ip = true | |
+ security_groups = (known after apply) | |
+ subnets = (known after apply) | |
} | |
} | |
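Review bot: `container_name = "xentral-app"` in the `load_balancer` block does not match the task definition planned below, whose only container is named `"central"`; ECS rejects a service whose load balancer references a container the task definition does not define, so this plan is likely to fail at apply. Rename the container in the rendered template to `"xentral-app"`, or point `container_name` at the real name. Separately, `assign_public_ip = true` gives every task a public address; the subnets are not known at plan time, but since the plan builds private subnets behind NAT gateways, `assign_public_ip = false` with the tasks placed in `aws_subnet.private` would keep them reachable only through the ALB.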
# aws_ecs_task_definition.app will be created | |
+ resource "aws_ecs_task_definition" "app" { | |
+ arn = (known after apply) | |
+ container_definitions = jsonencode( | |
[ | |
+ { | |
+ cpu = 1024 | |
+ image = "deinebaustoffe/xentral:latest" | |
+ logConfiguration = { | |
+ logDriver = "awslogs" | |
+ options = { | |
+ awslogs-group = "/ecs/xentral-app" | |
+ awslogs-region = "eu-central-1" | |
+ awslogs-stream-prefix = "ecs" | |
} | |
} | |
+ memory = 2048 | |
+ name = "central" | |
+ portMappings = [ | |
+ { | |
+ containerPort = 80 | |
+ hostPort = 80 | |
}, | |
] | |
}, | |
] | |
) | |
+ cpu = "1024" | |
+ execution_role_arn = (known after apply) | |
+ family = "xentral-app-task" | |
+ id = (known after apply) | |
+ memory = "2048" | |
+ network_mode = "awsvpc" | |
+ requires_compatibilities = [ | |
+ "FARGATE", | |
] | |
+ revision = (known after apply) | |
} | |
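Review bot: `image = "deinebaustoffe/xentral:latest"` is a mutable tag, so every task launch or scale-out can pull content different from what was reviewed, and a change in the upstream repository reaches the service without any Terraform diff. Pin the image by digest, for example `image = "deinebaustoffe/xentral@sha256:<digest>"` (placeholder, fill in the reviewed digest), and preferably mirror it into a registry you control with image scanning enabled. The container is also named `"central"` here while the service's `load_balancer` block expects `"xentral-app"`.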
# aws_eip.gw[0] will be created | |
+ resource "aws_eip" "gw" { | |
+ allocation_id = (known after apply) | |
+ association_id = (known after apply) | |
+ customer_owned_ip = (known after apply) | |
+ domain = (known after apply) | |
+ id = (known after apply) | |
+ instance = (known after apply) | |
+ network_interface = (known after apply) | |
+ private_dns = (known after apply) | |
+ private_ip = (known after apply) | |
+ public_dns = (known after apply) | |
+ public_ip = (known after apply) | |
+ public_ipv4_pool = (known after apply) | |
+ vpc = true | |
} | |
# aws_eip.gw[1] will be created | |
+ resource "aws_eip" "gw" { | |
+ allocation_id = (known after apply) | |
+ association_id = (known after apply) | |
+ customer_owned_ip = (known after apply) | |
+ domain = (known after apply) | |
+ id = (known after apply) | |
+ instance = (known after apply) | |
+ network_interface = (known after apply) | |
+ private_dns = (known after apply) | |
+ private_ip = (known after apply) | |
+ public_dns = (known after apply) | |
+ public_ip = (known after apply) | |
+ public_ipv4_pool = (known after apply) | |
+ vpc = true | |
} | |
# aws_iam_role.ecs_task_execution_role will be created | |
+ resource "aws_iam_role" "ecs_task_execution_role" { | |
+ arn = (known after apply) | |
+ assume_role_policy = jsonencode( | |
{ | |
+ Statement = [ | |
+ { | |
+ Action = "sts:AssumeRole" | |
+ Effect = "Allow" | |
+ Principal = { | |
+ Service = "ecs-tasks.amazonaws.com" | |
} | |
+ Sid = "" | |
}, | |
] | |
+ Version = "2012-10-17" | |
} | |
) | |
+ create_date = (known after apply) | |
+ force_detach_policies = false | |
+ id = (known after apply) | |
+ max_session_duration = 3600 | |
+ name = "xentral-task-role" | |
+ path = "/" | |
+ unique_id = (known after apply) | |
} | |
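Review bot: The trust policy lets `ecs-tasks.amazonaws.com` assume the role with no condition; AWS's confused-deputy guidance for ECS roles is to add an `aws:SourceAccount` condition (and `aws:SourceArn` where possible) to this statement so that only tasks in this account can obtain the role. The name `xentral-task-role` is also misleading, because the resource is `ecs_task_execution_role` and the attachment below gives it `AmazonECSTaskExecutionRolePolicy`. A name such as `xentral-task-execution-role` makes it less likely that application permissions get attached to it later by mistake.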
# aws_iam_role_policy_attachment.ecs_task_execution_role will be created | |
+ resource "aws_iam_role_policy_attachment" "ecs_task_execution_role" { | |
+ id = (known after apply) | |
+ policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" | |
+ role = "xentral-task-role" | |
} | |
# aws_internet_gateway.gw will be created | |
+ resource "aws_internet_gateway" "gw" { | |
+ arn = (known after apply) | |
+ id = (known after apply) | |
+ owner_id = (known after apply) | |
+ vpc_id = (known after apply) | |
} | |
# aws_nat_gateway.gw[0] will be created | |
+ resource "aws_nat_gateway" "gw" { | |
+ allocation_id = (known after apply) | |
+ id = (known after apply) | |
+ network_interface_id = (known after apply) | |
+ private_ip = (known after apply) | |
+ public_ip = (known after apply) | |
+ subnet_id = (known after apply) | |
} | |
# aws_nat_gateway.gw[1] will be created | |
+ resource "aws_nat_gateway" "gw" { | |
+ allocation_id = (known after apply) | |
+ id = (known after apply) | |
+ network_interface_id = (known after apply) | |
+ private_ip = (known after apply) | |
+ public_ip = (known after apply) | |
+ subnet_id = (known after apply) | |
} | |
# aws_route.internet_access will be created | |
+ resource "aws_route" "internet_access" { | |
+ destination_cidr_block = "0.0.0.0/0" | |
+ destination_prefix_list_id = (known after apply) | |
+ egress_only_gateway_id = (known after apply) | |
+ gateway_id = (known after apply) | |
+ id = (known after apply) | |
+ instance_id = (known after apply) | |
+ instance_owner_id = (known after apply) | |
+ local_gateway_id = (known after apply) | |
+ nat_gateway_id = (known after apply) | |
+ network_interface_id = (known after apply) | |
+ origin = (known after apply) | |
+ route_table_id = (known after apply) | |
+ state = (known after apply) | |
} | |
# aws_route_table.private[0] will be created | |
+ resource "aws_route_table" "private" { | |
+ id = (known after apply) | |
+ owner_id = (known after apply) | |
+ propagating_vgws = (known after apply) | |
+ route = [ | |
+ { | |
+ cidr_block = "0.0.0.0/0" | |
+ egress_only_gateway_id = "" | |
+ gateway_id = "" | |
+ instance_id = "" | |
+ ipv6_cidr_block = "" | |
+ local_gateway_id = "" | |
+ nat_gateway_id = (known after apply) | |
+ network_interface_id = "" | |
+ transit_gateway_id = "" | |
+ vpc_peering_connection_id = "" | |
}, | |
] | |
+ vpc_id = (known after apply) | |
} | |
# aws_route_table.private[1] will be created | |
+ resource "aws_route_table" "private" { | |
+ id = (known after apply) | |
+ owner_id = (known after apply) | |
+ propagating_vgws = (known after apply) | |
+ route = [ | |
+ { | |
+ cidr_block = "0.0.0.0/0" | |
+ egress_only_gateway_id = "" | |
+ gateway_id = "" | |
+ instance_id = "" | |
+ ipv6_cidr_block = "" | |
+ local_gateway_id = "" | |
+ nat_gateway_id = (known after apply) | |
+ network_interface_id = "" | |
+ transit_gateway_id = "" | |
+ vpc_peering_connection_id = "" | |
}, | |
] | |
+ vpc_id = (known after apply) | |
} | |
# aws_route_table_association.private[0] will be created | |
+ resource "aws_route_table_association" "private" { | |
+ id = (known after apply) | |
+ route_table_id = (known after apply) | |
+ subnet_id = (known after apply) | |
} | |
# aws_route_table_association.private[1] will be created | |
+ resource "aws_route_table_association" "private" { | |
+ id = (known after apply) | |
+ route_table_id = (known after apply) | |
+ subnet_id = (known after apply) | |
} | |
# aws_security_group.ecs_tasks will be created | |
+ resource "aws_security_group" "ecs_tasks" { | |
+ arn = (known after apply) | |
+ description = "allow inbound access from the ALB only" | |
+ egress = [ | |
+ { | |
+ cidr_blocks = [ | |
+ "0.0.0.0/0", | |
] | |
+ description = "" | |
+ from_port = 0 | |
+ ipv6_cidr_blocks = [] | |
+ prefix_list_ids = [] | |
+ protocol = "-1" | |
+ security_groups = [] | |
+ self = false | |
+ to_port = 0 | |
}, | |
] | |
+ id = (known after apply) | |
+ ingress = [ | |
+ { | |
+ cidr_blocks = [] | |
+ description = "" | |
+ from_port = 80 | |
+ ipv6_cidr_blocks = [] | |
+ prefix_list_ids = [] | |
+ protocol = "tcp" | |
+ security_groups = (known after apply) | |
+ self = false | |
+ to_port = 80 | |
}, | |
] | |
+ name = "xentral-ecs-tasks-security-group" | |
+ owner_id = (known after apply) | |
+ revoke_rules_on_delete = false | |
+ vpc_id = (known after apply) | |
} | |
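Review bot: The egress rule allows every protocol and port to `0.0.0.0/0`, so a compromised task could open connections to any internet host; the same rule is repeated on `aws_security_group.lb`. For the tasks, narrow egress to what they actually need (typically `tcp/443` for image pulls and CloudWatch Logs, plus any database port), and for the load balancer limit egress to port 80 towards the task security group. Every rule also carries `description = ""`; a short purpose string per rule makes later audits of these groups much easier.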
# aws_security_group.lb will be created | |
+ resource "aws_security_group" "lb" { | |
+ arn = (known after apply) | |
+ description = "controls access to the ALB" | |
+ egress = [ | |
+ { | |
+ cidr_blocks = [ | |
+ "0.0.0.0/0", | |
] | |
+ description = "" | |
+ from_port = 0 | |
+ ipv6_cidr_blocks = [] | |
+ prefix_list_ids = [] | |
+ protocol = "-1" | |
+ security_groups = [] | |
+ self = false | |
+ to_port = 0 | |
}, | |
] | |
+ id = (known after apply) | |
+ ingress = [ | |
+ { | |
+ cidr_blocks = [ | |
+ "0.0.0.0/0", | |
] | |
+ description = "" | |
+ from_port = 80 | |
+ ipv6_cidr_blocks = [] | |
+ prefix_list_ids = [] | |
+ protocol = "tcp" | |
+ security_groups = [] | |
+ self = false | |
+ to_port = 80 | |
}, | |
] | |
+ name = "xentral-load-balancer-security-group" | |
+ owner_id = (known after apply) | |
+ revoke_rules_on_delete = false | |
+ vpc_id = (known after apply) | |
} | |
# aws_subnet.private[0] will be created | |
+ resource "aws_subnet" "private" { | |
+ arn = (known after apply) | |
+ assign_ipv6_address_on_creation = false | |
+ availability_zone = "eu-central-1a" | |
+ availability_zone_id = (known after apply) | |
+ cidr_block = "172.17.0.0/24" | |
+ id = (known after apply) | |
+ ipv6_cidr_block_association_id = (known after apply) | |
+ map_public_ip_on_launch = false | |
+ owner_id = (known after apply) | |
+ vpc_id = (known after apply) | |
} | |
# aws_subnet.private[1] will be created | |
+ resource "aws_subnet" "private" { | |
+ arn = (known after apply) | |
+ assign_ipv6_address_on_creation = false | |
+ availability_zone = "eu-central-1b" | |
+ availability_zone_id = (known after apply) | |
+ cidr_block = "172.17.1.0/24" | |
+ id = (known after apply) | |
+ ipv6_cidr_block_association_id = (known after apply) | |
+ map_public_ip_on_launch = false | |
+ owner_id = (known after apply) | |
+ vpc_id = (known after apply) | |
} | |
# aws_subnet.public[0] will be created | |
+ resource "aws_subnet" "public" { | |
+ arn = (known after apply) | |
+ assign_ipv6_address_on_creation = false | |
+ availability_zone = "eu-central-1a" | |
+ availability_zone_id = (known after apply) | |
+ cidr_block = "172.17.2.0/24" | |
+ id = (known after apply) | |
+ ipv6_cidr_block_association_id = (known after apply) | |
+ map_public_ip_on_launch = true | |
+ owner_id = (known after apply) | |
+ vpc_id = (known after apply) | |
} | |
# aws_subnet.public[1] will be created | |
+ resource "aws_subnet" "public" { | |
+ arn = (known after apply) | |
+ assign_ipv6_address_on_creation = false | |
+ availability_zone = "eu-central-1b" | |
+ availability_zone_id = (known after apply) | |
+ cidr_block = "172.17.3.0/24" | |
+ id = (known after apply) | |
+ ipv6_cidr_block_association_id = (known after apply) | |
+ map_public_ip_on_launch = true | |
+ owner_id = (known after apply) | |
+ vpc_id = (known after apply) | |
} | |
# aws_vpc.main will be created | |
+ resource "aws_vpc" "main" { | |
+ arn = (known after apply) | |
+ assign_generated_ipv6_cidr_block = false | |
+ cidr_block = "172.17.0.0/16" | |
+ default_network_acl_id = (known after apply) | |
+ default_route_table_id = (known after apply) | |
+ default_security_group_id = (known after apply) | |
+ dhcp_options_id = (known after apply) | |
+ enable_classiclink = (known after apply) | |
+ enable_classiclink_dns_support = (known after apply) | |
+ enable_dns_hostnames = (known after apply) | |
+ enable_dns_support = true | |
+ id = (known after apply) | |
+ instance_tenancy = "default" | |
+ ipv6_association_id = (known after apply) | |
+ ipv6_cidr_block = (known after apply) | |
+ main_route_table_id = (known after apply) | |
+ owner_id = (known after apply) | |
} | |
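Review bot: None of the 32 planned resources is an `aws_flow_log`, so the VPC will have no network-level record of accepted or rejected connections. Adding an `aws_flow_log` for `aws_vpc.main` that delivers to CloudWatch Logs or S3 gives responders data to work from when the NAT gateways or the ALB see unexpected traffic.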
Plan: 32 to add, 0 to change, 0 to destroy. |