feat!: sub-modules integration into root module

Author: saumitra-dev

README.md

@@ -16,7 +16,12 @@
 
 ## Modules
 
-No modules.
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_acm"></a> [acm](#module\_acm) | ./modules/acm | n/a |
+| <a name="module_alb"></a> [alb](#module\_alb) | ./modules/alb | n/a |
+| <a name="module_asg"></a> [asg](#module\_asg) | ./modules/asg | n/a |
+| <a name="module_capacity_provider"></a> [capacity\_provider](#module\_capacity\_provider) | ./modules/capacity-provider | n/a |
 
 ## Resources
 
@@ -29,13 +34,50 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_acm_amazon_issued_certificates"></a> [acm\_amazon\_issued\_certificates](#input\_acm\_amazon\_issued\_certificates) | Amazon-issued ACM certificates to create | `any` | `{}` | no |
+| <a name="input_acm_imported_certificates"></a> [acm\_imported\_certificates](#input\_acm\_imported\_certificates) | Imported ACM certificates to create | `any` | `{}` | no |
+| <a name="input_acm_private_ca_issued_certificates"></a> [acm\_private\_ca\_issued\_certificates](#input\_acm\_private\_ca\_issued\_certificates) | Private CA Issued ACM certificates to create | `any` | `{}` | no |
+| <a name="input_autoscaling_group"></a> [autoscaling\_group](#input\_autoscaling\_group) | Configuration for Autoscaling Group | `any` | `{}` | no |
+| <a name="input_capacity_provider_default_auto_scaling_group_arn"></a> [capacity\_provider\_default\_auto\_scaling\_group\_arn](#input\_capacity\_provider\_default\_auto\_scaling\_group\_arn) | Default Autoscaling Group to use with the Capacity Providers | `string` | `null` | no |
+| <a name="input_capacity_providers"></a> [capacity\_providers](#input\_capacity\_providers) | Capacity Providers to create for use within the ECS Cluster | `any` | `{}` | no |
+| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Name of the ECS Cluster to use with the ECS Service | `string` | n/a | yes |
+| <a name="input_create_acm"></a> [create\_acm](#input\_create\_acm) | Creates the ACM certificates to use with the Load Balancer | `bool` | `false` | no |
+| <a name="input_create_alb"></a> [create\_alb](#input\_create\_alb) | Creates a new Application Load Balancer to use with the ECS Service | `bool` | `true` | no |
+| <a name="input_create_autoscaling_group"></a> [create\_autoscaling\_group](#input\_create\_autoscaling\_group) | Creates a new Autoscaling group to use with the ECS Service | `bool` | `true` | no |
+| <a name="input_create_capacity_provider"></a> [create\_capacity\_provider](#input\_create\_capacity\_provider) | Creates a new Capacity Provider to use with the Autoscaling Group | `bool` | `true` | no |
+| <a name="input_default_capacity_providers_strategies"></a> [default\_capacity\_providers\_strategies](#input\_default\_capacity\_providers\_strategies) | Default Capacity Provider Strategies to use | `any` | `[]` | no |
+| <a name="input_load_balancer"></a> [load\_balancer](#input\_load\_balancer) | Configuration for the Application Load Balancer | `any` | `{}` | no |
 | <a name="input_service"></a> [service](#input\_service) | Configuration for ECS Service | `any` | n/a | yes |
 | <a name="input_task_definition"></a> [task\_definition](#input\_task\_definition) | ECS Task Definition to use for running tasks | `any` | n/a | yes |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | Identifier of the VPC to use | `string` | n/a | yes |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
+| <a name="output_alb_arn"></a> [alb\_arn](#output\_alb\_arn) | ARN of the Load Balancer |
+| <a name="output_alb_dns_name"></a> [alb\_dns\_name](#output\_alb\_dns\_name) | DNS name of the Load Balancer |
+| <a name="output_alb_id"></a> [alb\_id](#output\_alb\_id) | Identifier of the Load Balancer |
+| <a name="output_alb_listeners_arns"></a> [alb\_listeners\_arns](#output\_alb\_listeners\_arns) | ARNs of the Listeners |
+| <a name="output_alb_listeners_ids"></a> [alb\_listeners\_ids](#output\_alb\_listeners\_ids) | Identifiers of the Listeners |
+| <a name="output_alb_target_groups_arns"></a> [alb\_target\_groups\_arns](#output\_alb\_target\_groups\_arns) | ARNs of the Target Groups |
+| <a name="output_alb_target_groups_ids"></a> [alb\_target\_groups\_ids](#output\_alb\_target\_groups\_ids) | Identifiers of the Target Groups |
+| <a name="output_alb_zone_id"></a> [alb\_zone\_id](#output\_alb\_zone\_id) | Canonical hosted zone ID of the Load Balancer (to be used in a Route 53 Alias record) |
+| <a name="output_amazon_issued_acm_certificates_arns"></a> [amazon\_issued\_acm\_certificates\_arns](#output\_amazon\_issued\_acm\_certificates\_arns) | ARNs of the Amazon issued ACM certificates |
+| <a name="output_amazon_issued_acm_certificates_validation_records"></a> [amazon\_issued\_acm\_certificates\_validation\_records](#output\_amazon\_issued\_acm\_certificates\_validation\_records) | Validation Records of the Amazon issued ACM certificates |
+| <a name="output_asg_arn"></a> [asg\_arn](#output\_asg\_arn) | ARN of the Autoscaling group |
+| <a name="output_asg_iam_instance_profile_arn"></a> [asg\_iam\_instance\_profile\_arn](#output\_asg\_iam\_instance\_profile\_arn) | ARN of the IAM Instance Profile |
+| <a name="output_asg_iam_instance_profile_id"></a> [asg\_iam\_instance\_profile\_id](#output\_asg\_iam\_instance\_profile\_id) | Identifier of the IAM Instance Profile |
+| <a name="output_asg_iam_role_id"></a> [asg\_iam\_role\_id](#output\_asg\_iam\_role\_id) | Identifier of the IAM Role |
+| <a name="output_asg_id"></a> [asg\_id](#output\_asg\_id) | Identifier of the Autoscaling group |
+| <a name="output_asg_launch_template_arn"></a> [asg\_launch\_template\_arn](#output\_asg\_launch\_template\_arn) | ARN of the Launch Template |
+| <a name="output_asg_launch_template_id"></a> [asg\_launch\_template\_id](#output\_asg\_launch\_template\_id) | Identifier of the Launch Template |
+| <a name="output_capacity_provider_arns"></a> [capacity\_provider\_arns](#output\_capacity\_provider\_arns) | ARNs for the ECS Capacity Providers |
+| <a name="output_capacity_provider_ecs_cluster_capacity_providers_id"></a> [capacity\_provider\_ecs\_cluster\_capacity\_providers\_id](#output\_capacity\_provider\_ecs\_cluster\_capacity\_providers\_id) | Identifier for the ECS Cluster Capacity Providers |
+| <a name="output_capacity_provider_ids"></a> [capacity\_provider\_ids](#output\_capacity\_provider\_ids) | Identifiers for the ECS Capacity Providers |
 | <a name="output_ecs_service_arn"></a> [ecs\_service\_arn](#output\_ecs\_service\_arn) | ARN of the ECS Service |
 | <a name="output_ecs_task_definition_arn"></a> [ecs\_task\_definition\_arn](#output\_ecs\_task\_definition\_arn) | ARN of the ECS Task Definition |
+| <a name="output_imported_acm_certificates_arns"></a> [imported\_acm\_certificates\_arns](#output\_imported\_acm\_certificates\_arns) | ARNs of the Imported ACM certificates |
+| <a name="output_private_ca_issued_acm_certificates_arns"></a> [private\_ca\_issued\_acm\_certificates\_arns](#output\_private\_ca\_issued\_acm\_certificates\_arns) | ARNs of the Private CA issued ACM certificates |
+| <a name="output_private_ca_issued_acm_certificates_validation_records"></a> [private\_ca\_issued\_acm\_certificates\_validation\_records](#output\_private\_ca\_issued\_acm\_certificates\_validation\_records) | Validation Records of the Private CA issued ACM certificates |
 <!-- END_TF_DOCS -->

examples/complete/main.tf

@@ -38,9 +38,47 @@ locals {
 # ECS Deployment Module
 ################################################################################
 
+data "aws_ami" "ecs_optimized_amzn_linux" {
+  most_recent = true
+
+  filter {
+    name   = "name"
+    values = ["amzn2-ami-ecs-hvm-*-x86_64-ebs"]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  owners = ["amazon"]
+}
+
 module "ecs_deployment" {
   source = "../../"
 
+  cluster_name = local.cluster_name
+  vpc_id       = module.vpc.vpc_id
+
+  # ECS
+  service = {
+    name                 = local.service_name
+    desired_count        = 1
+    force_new_deployment = true
+
+    network_configuration = {
+      security_groups = [aws_security_group.allow_nginx_http_from_alb.id]
+      subnets         = module.vpc.private_subnets
+    }
+
+    load_balancer = [
+      {
+        target_group_arn = "my-target-group"
+        container_name   = "nginx"
+        container_port   = 80
+      }
+    ]
+  }
   task_definition = {
     family       = "${local.name_prefix}nginx"
     network_mode = "awsvpc"
@@ -70,93 +108,31 @@ module "ecs_deployment" {
     ]
   }
 
-  service = {
-    name                 = local.service_name
-    cluster              = local.cluster_name
-    desired_count        = 1
-    force_new_deployment = true
-
-    network_configuration = {
-      security_groups = [aws_security_group.allow_nginx_http_from_alb.id]
-      subnets         = module.vpc.private_subnets
+  # ASG
+  autoscaling_group = {
+    name                  = "${local.name_prefix}my-asg"
+    vpc_zone_identifier   = module.vpc.private_subnets
+    protect_from_scale_in = true
+
+    desired_capacity = 1
+    min_size         = 1
+    max_size         = 1
+
+    launch_template = {
+      name                   = "${local.name_prefix}my-launch-template"
+      image_id               = data.aws_ami.ecs_optimized_amzn_linux.id
+      instance_type          = "t2.micro"
+      vpc_security_group_ids = [aws_security_group.allow_all_within_vpc.id]
+      user_data              = <<-EOT
+          #!/bin/bash
+          echo ECS_CLUSTER=${local.cluster_name} >> /etc/ecs/ecs.config
+        EOT
     }
 
-    load_balancer = [
-      {
-        target_group_arn = module.alb.target_groups_arns["this"]
-        container_name   = "nginx"
-        container_port   = 80
-      }
-    ]
+    iam_role_ec2_container_service_role_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
   }
-}
-
-################################################################################
-# Supporting Resources
-################################################################################
-
-module "vpc" {
-  source  = "terraform-aws-modules/vpc/aws"
-  version = "~> 5.9.0"
-
-  name = local.vpc_name
-  cidr = local.vpc_cidr
-
-  azs             = local.vpc_azs
-  private_subnets = local.vpc_private_subnets
-  public_subnets  = local.vpc_public_subnets
-
-  enable_nat_gateway = false
-  enable_vpn_gateway = false
-}
-
-data "aws_ami" "ecs_optimized_amzn_linux" {
-  most_recent = true
-
-  filter {
-    name   = "name"
-    values = ["amzn2-ami-ecs-hvm-*-x86_64-ebs"]
-  }
-
-  filter {
-    name   = "virtualization-type"
-    values = ["hvm"]
-  }
-
-  owners = ["amazon"]
-}
-
-module "asg" {
-  source = "../../modules/asg"
-
-  name                  = "${local.name_prefix}my-asg"
-  vpc_zone_identifier   = module.vpc.private_subnets
-  protect_from_scale_in = true
-
-  desired_capacity = 1
-  min_size         = 1
-  max_size         = 1
-
-  launch_template = {
-    name                   = "${local.name_prefix}my-launch-template"
-    image_id               = data.aws_ami.ecs_optimized_amzn_linux.id
-    instance_type          = "t2.micro"
-    vpc_security_group_ids = [aws_security_group.allow_all_within_vpc.id]
-    user_data              = <<-EOT
-      #!/bin/bash
-      echo ECS_CLUSTER=${local.cluster_name} >> /etc/ecs/ecs.config
-    EOT
-  }
-
-  iam_role_ec2_container_service_role_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
-}
-
-module "capacity_provider" {
-  source = "../../modules/capacity-provider"
-
-  ecs_cluster_name               = local.cluster_name
-  default_auto_scaling_group_arn = module.asg.arn
 
+  # Capacity Provider
   capacity_providers = {
     my-capacity-provider = {
       name = "${local.name_prefix}my-capacity-provider"
@@ -168,57 +144,78 @@ module "capacity_provider" {
       }
     }
   }
-
-  default_capacity_provider_strategies = [
+  default_capacity_providers_strategies = [
     {
       capacity_provider = "my-capacity-provider"
       weight            = 1
       base              = 0
     }
   ]
-}
 
-################################################################################
-# # Application Load Balancer
-################################################################################
-
-module "alb" {
-  source = "../../modules/alb"
+  # Amazon Certificates Manager
+  create_acm = true
+  acm_amazon_issued_certificates = {
+    base_domain = {
+      domain_name       = local.base_domain
+      validation_method = "DNS"
+    }
+  }
 
-  name                = "${local.name_prefix}my-alb"
-  internal            = false
-  security_groups_ids = [aws_security_group.alb_allow_all.id]
-  subnets_ids         = module.vpc.public_subnets
+  # Application Load Balancer
+  load_balancer = {
+    name                = "${local.name_prefix}my-alb"
+    internal            = false
+    security_groups_ids = [aws_security_group.alb_allow_all.id]
+    subnets_ids         = module.vpc.public_subnets
+
+    target_groups = {
+      my-target-group = {
+        name        = "${local.name_prefix}my-alb-tg"
+        port        = 80
+        protocol    = "HTTP"
+        target_type = "ip"
+
+        health_check = {
+          path = "/"
+        }
+      }
+    }
 
-  target_groups = {
-    this = {
-      name        = "${local.name_prefix}my-alb-tg"
-      vpc_id      = module.vpc.vpc_id
-      port        = 80
-      protocol    = "HTTP"
-      target_type = "ip"
+    listeners = {
+      my-listener = {
+        port        = 443
+        protocol    = "HTTPS"
+        certificate = "base_domain"
+        ssl_policy  = local.ssl_policy
 
-      health_check = {
-        path = "/"
+        default_action = [
+          {
+            type         = "forward"
+            target_group = "my-target-group"
+          }
+        ]
       }
     }
   }
+}
 
-  listeners = {
-    this = {
-      port            = 443
-      protocol        = "HTTPS"
-      certificate_arn = module.acm.amazon_issued_acm_certificates_arns["base_domain"]
-      ssl_policy      = local.ssl_policy
-
-      default_action = [
-        {
-          type         = "forward"
-          target_group = "this"
-        }
-      ]
-    }
-  }
+################################################################################
+# Supporting Resources
+################################################################################
+
+module "vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "~> 5.9.0"
+
+  name = local.vpc_name
+  cidr = local.vpc_cidr
+
+  azs             = local.vpc_azs
+  private_subnets = local.vpc_private_subnets
+  public_subnets  = local.vpc_public_subnets
+
+  enable_nat_gateway = false
+  enable_vpn_gateway = false
 }
 
 ################################################################################
@@ -229,31 +226,20 @@ data "aws_route53_zone" "base_domain" {
   name = local.base_domain
 }
 
-module "acm" {
-  source = "../../modules/acm"
-
-  amazon_issued_certificates = {
-    base_domain = {
-      domain_name       = local.base_domain
-      validation_method = "DNS"
-    }
-  }
-}
-
 resource "aws_route53_record" "endpoint" {
   zone_id = data.aws_route53_zone.base_domain.zone_id
   name    = local.endpoint
   type    = "A"
 
   alias {
-    name                   = module.alb.dns_name
-    zone_id                = module.alb.zone_id
+    name                   = module.ecs_deployment.alb_dns_name
+    zone_id                = module.ecs_deployment.alb_zone_id
     evaluate_target_health = true
   }
 }
 
 resource "aws_acm_certificate_validation" "base_domain_certificate" {
-  certificate_arn         = module.acm.amazon_issued_acm_certificates_arns["base_domain"]
+  certificate_arn         = module.ecs_deployment.amazon_issued_acm_certificates_arns["base_domain"]
   validation_record_fqdns = [aws_route53_record.endpoint.fqdn]
 }