aboutsummaryrefslogtreecommitdiffstats
path: root/fdio.infra.terraform/terraform-aws-fdio-csit-dash-env/main.tf
blob: 3e70b4ddf8d3640aa5bf4cd04be63c1504acd283 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
data "vault_generic_secret" "fdio_docs" {
  path = "kv/secret/data/etl/fdio_docs"
}

data "vault_aws_access_credentials" "creds" {
  backend = "${var.vault_name}-path"
  role    = "${var.vault_name}-role"
}

module "elastic_beanstalk_application" {
  source = "../terraform-aws-elastic-beanstalk-application"

  # application
  application_description                    = "FD.io CSIT Results Dashboard"
  application_name                           = "fdio-csit-dash-app"
  appversion_lifecycle_service_role_arn      = ""
  appversion_lifecycle_max_count             = 2
  appversion_lifecycle_delete_source_from_s3 = false
}

module "elastic_beanstalk_environment" {
  source = "../terraform-aws-elastic-beanstalk-environment"

  # vpc
  vpc_cidr_block           = "192.168.0.0/24"
  vpc_enable_dns_hostnames = true
  vpc_enable_dns_support   = true
  vpc_instance_tenancy     = "default"

  # subnet
  subnet_availability_zone = "eu-central-1a"

  # environment
  environment_application            = module.elastic_beanstalk_application.application_name
  environment_description            = module.elastic_beanstalk_application.application_description
  environment_name                   = "fdio-csit-dash-env"
  environment_solution_stack_name    = "64bit Amazon Linux 2 v3.3.12 running Python 3.8"
  environment_tier                   = "WebServer"
  environment_wait_for_ready_timeout = "20m"
  environment_version_label          = ""

  # aws:ec2:instances
  instances_instance_types = "t3a.medium"

  # aws:ec2:vpc
  associate_public_ip_address = true
  elb_scheme                  = "public"

  # aws:elbv2:listener:default
  default_listener_enabled = true

  # aws:elasticbeanstalk:environment
  environment_loadbalancer_type = "network"

  # aws:elasticbeanstalk:environment:process:default
  environment_process_default_healthcheck_interval      = 10
  environment_process_default_healthy_threshold_count   = 3
  environment_process_default_port                      = 5000
  environment_process_default_unhealthy_threshold_count = 3

  # aws:elasticbeanstalk:healthreporting:system
  healthreporting_system_type = "enhanced"

  # aws:elasticbeanstalk:managedactions
  managedactions_managed_actions_enabled = true
  managedactions_preferred_start_time    = "Sun:10:00"

  # aws:elasticbeanstalk:managedactions:platformupdate
  managedactions_platformupdate_update_level             = "minor"
  managedactions_platformupdate_instance_refresh_enabled = true

  # aws:autoscaling:asg
  autoscaling_asg_minsize = 1
  autoscaling_asg_maxsize = 2

  # aws:autoscaling:trigger
  autoscaling_trigger_measure_name                 = "CPUUtilization"
  autoscaling_trigger_statistic                    = "Average"
  autoscaling_trigger_unit                         = "Percent"
  autoscaling_trigger_lower_threshold              = 20
  autoscaling_trigger_lower_breach_scale_increment = -1
  autoscaling_trigger_upper_threshold              = 80
  autoscaling_trigger_upper_breach_scale_increment = 1

  # aws:elasticbeanstalk:hostmanager
  hostmanager_log_publication_control = true

  # aws:elasticbeanstalk:cloudwatch:logs
  cloudwatch_logs_stream_logs         = true
  cloudwatch_logs_delete_on_terminate = true
  cloudwatch_logs_retention_in_days   = 3

  # aws:elasticbeanstalk:cloudwatch:logs:health
  cloudwatch_logs_health_health_streaming_enabled = true
  cloudwatch_logs_health_delete_on_terminate      = true
  cloudwatch_logs_health_retention_in_days        = 3

  environment_type = "LoadBalanced"

  # aws:elasticbeanstalk:application:environment
  environment_variables = {
    "AWS_ACCESS_KEY_ID"     = data.vault_generic_secret.fdio_docs.data["access_key"]
    "AWS_SECRET_ACCESS_KEY" = data.vault_generic_secret.fdio_docs.data["secret_key"]
    "AWS_DEFAULT_REGION"    = data.vault_generic_secret.fdio_docs.data["region"]
  }
}