feat!: Add support for creating ECS service and container definition

[bryantbiggs]

Description

• Add support for creating cluster CloudWatch log group
• Add support for ECS service connect
• Add support for creating task execution from cluster module; this is for scenarios where you wish to create one task execution role shared across tasks within the cluster (there is also support for individual task execution role at the service level)
• Add support for creating container definition within HCL; this is consumed by the service sub-module

Motivation and Context

• Adds the ability for users to create all ECS resources; now supporting service and container-definition sub-modules
• Closes Add support for volumes in task definitions #70

Breaking Changes

• No

How Has This Been Tested?

• I have updated at least one of the examples/* to demonstrate and validate my change(s)
• I have tested and validated these changes using one or more of the provided examples/* projects
• I have executed pre-commit run -a on my pull request

⚠️ Note - the changes here have been tested and validated on a number of examples since its used by the ECS Blueprints project. Once these changes are merged, the ECS Blueprints project will be updated to use this module and this copy will be archived/deleted

[bryantbiggs]

@antonbabenko I made some updates and provided some responses/feedback - please take another look when you have some time and let me know what your thoughts are. I also added a design doc to capture a lot of the information that went into the current proposal. Hopefully that is useful for both the review and future users

[antonbabenko]

Looks very good. The only big thing is related to the submodule for ECS Cluster, and we are good to go!

[antonbabenko]

Same here. Why not 4096? Trying to understand the logic in the default value :)

[antonbabenko]

Please add this hook after terraform_fmt:

      - id: terraform_wrapper_module_for_each

[antonbabenko]

LGTM! Great work (as usual)!

[antonbabenko]

I hit approved a bit too early :) Let's make a submodule for the ECS cluster.

[bryantbiggs]

@antonbabenko I've moved the container-definition up to the service module. I added the wrapper pre-commit hook as requested but it seems to be fighting with the format hook

[bryantbiggs]

I'm not really digging this influence terragrunt is having over the modules. It seems to be more complexity than value

[antonbabenko]

Fixed in antonbabenko/pre-commit-terraform#503 , please use v1.77.2 in this pull-request and rerun it. I couldn't push to your fork:

To github.com:terraform-aws-modules/terraform-aws-ecs.git
 ! [remote rejected] clowdhaus/master -> refs/pull/76/head (deny updating a hidden ref)
error: failed to push some refs to 'github.com:terraform-aws-modules/terraform-aws-ecs.git'

[antonbabenko]

I'm not really digging this influence terragrunt is having over the modules. It seems to be more complexity than value

Terragrunt is one of the tools, but the overall suggestion I have is to have both options:

1. composable ECS units (Cluster, Service, Container-Definition) as submodules
2. root module, which combines calls to Cluster and Service submodules

It will allow users to achieve flexibility as they need regardless of the wrapper tool they use.

---

I see you merged the container-definition submodule into the service. I think it was good to have it as a submodule, though. This way users may use it completely separately from the rest of the ECS resources we manage in this repository.

[bryantbiggs]

@antonbabenko I think I captured all of the changes, please take another look when you get a chance

[antonbabenko]

Looks very good. It was hard to review in GitHub UI. Minor comments related to docs mostly.

[antonbabenko]

Suggested change

	source = "terraform-aws-modules/ecs"
	source = "terraform-aws-modules/ecs/aws"

This is in many places throughout the docs.

[bryantbiggs]

Updated in c6fef3b

[antonbabenko]

Maybe add a new line before create_... and comments like you do in the service module to separate blocks.

[bryantbiggs]

Updated in c6fef3b

[antonbabenko]

Suggested change

	# AWS ECS Terraform module
	# AWS ECS Cluster Terraform module

[bryantbiggs]

Updated in c6fef3b

[antonbabenko]

Unfortunately. I really dislike this feature of Terraform... :(

[bryantbiggs]

Yes! See below (its now removed)

[antonbabenko]

Should this output be marked as sensitive? I see that in modules/service/outputs.tf it is marked so, so here it should probably be also marked?

[bryantbiggs]

This was my bad - in the examples I was using an SSM parameter data source to pull a container image and the second you use that, it requires outputs to be marked as sensitive. So for now, I removed that and used a static string and will leave this up to users to mark the output as sensitive (if they need to)

[rajibahmed]

great work !! I am trying to use this module, really need this to make my billion dollar app work.

[antonbabenko]

👍👍👍

[antonbabenko]

This PR is included in version 5.0.0 🎉

[github-actions]

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.