Skip to content

nullstone-modules/aws-fargate-service

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

142 Commits
.github/workflows
.github/workflows
 
 
.nullstone
.nullstone
 
 
upgrades
upgrades
 
 
.gitignore
.gitignore
 
 
.terraform.lock.hcl
.terraform.lock.hcl
 
 
CHANGELOG.md
CHANGELOG.md
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
alarms.tf
alarms.tf
 
 
app.tf
app.tf
 
 
aws.tf
aws.tf
 
 
capabilities.tf
capabilities.tf
 
 
capabilities.tf.tmpl
capabilities.tf.tmpl
 
 
cluster.tf
cluster.tf
 
 
deployer.tf
deployer.tf
 
 
encryption.tf
encryption.tf
 
 
env_vars.tf
env_vars.tf
 
 
events.tf
events.tf
 
 
execution.tf
execution.tf
 
 
ingress.tf
ingress.tf
 
 
logs.tf
logs.tf
 
 
metrics.tf
metrics.tf
 
 
network.tf
network.tf
 
 
nullstone.tf
nullstone.tf
 
 
outputs.tf
outputs.tf
 
 
pusher.tf
pusher.tf
 
 
repository.tf
repository.tf
 
 
secrets.tf
secrets.tf
 
 
security-group.tf
security-group.tf
 
 
service.tf
service.tf
 
 
sidecars.tf
sidecars.tf
 
 
task.tf
task.tf
 
 
urls.tf
urls.tf
 
 
variables.tf
variables.tf
 
 
volumes.tf
volumes.tf
 
 

Repository files navigation

Fargate Service

This app module is used to create a long-running service such as an API, Web App, or Background Worker. To create a task/job that runs on a schedule or trigger, use Fargate Task.

When to use

Fargate Service is a great choice for APIs, Web Apps, or Background Workers and you do not want to manage EC2 servers.

Security & Compliance

Security scanning is graciously provided by Bridgecrew. Bridgecrew is the leading fully hosted, cloud-native solution providing continuous Terraform security and compliance.

Infrastructure Security CIS AWS V1.3 PCI-DSS V3.2 NIST-800-53 ISO27001 SOC2 HIPAA

Platform

This module uses AWS Fargate, which is a technology that allows you to run ECS container applications without managing EC2 servers (Virtual Machines).

Network Access

When the service is provisioned, it is placed into private subnets on the connected network. As a result, the Fargate Service can route to services on the private network and is accessible on the private network.

Public Access

To enable public access to the service, add an Ingress capability.

In most cases, a Load Balancer capability is the best choice for exposing as it enables rollout deployments with no downtime. Additionally, a Load Balancer allows you to split traffic between more than 1 task based on load.

Logs

Logs are automatically emitted to AWS Cloudwatch Log Group: /<task-name>. To access through the Nullstone CLI, use nullstone logs CLI command. (See logs for more information)

Secrets

Nullstone automatically injects secrets into your Fargate Service through environment variables. (They are stored in AWS Secrets Manager and injected by AWS during launch.)

Metric Alarms

Target Group

Load Balancers use Target Groups as a backend registration. As more containers are launched, AWS automatically registers these containers with the Target Group.

This app module enables the creation of Cloudwatch metric alarms through capability outputs. This is especially useful when creating auto-scaling capabilities based on metrics on the Target Group (e.g. RequestCountPerTarget).

To create a metric alarm in a capability, add an output that looks like the following. Note that type must be "target-group" and name must be unique amongst metric alarms.

output "metric_alarms" {
  value = [
    {
      type = "target-group"

      name                = "HighRequestCountPerTarget"
      comparison_operator = "GreaterThanThreshold"
      evaluation_periods  = "2"
      metric_name         = "RequestCountPerTarget"
      namespace           = "AWS/ApplicationELB"
      period              = "60"
      statistic           = "Sum"
      threshold           = "1000"
      alarm_description   = "Triggers a scale up of containers when the TargetGroup has a high number of requests per target"
      actions             = jsonencode([aws_appautoscaling_policy.scale_up.arn])
    }
  ]
}

About

Nullstone module to launch a Fargate container on AWS.

Topics

aws terraform docker-image ecs ecr terraform-module fargate nullstone

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

97 tags

Packages

 
 
 

Contributors 2

  •  
  •  

Languages