# Security group for the optional management ELB. It is created only when
# var.management_elb is greater than 0 (count is 1, otherwise 0).
# The description labels the ELB "internal".
1 resource "aws_security_group" "management-elb" {
2 count = "${var.management_elb > 0 ? 1 : 0}"
3 vpc_id = "${var.vpc_id}"
4 name = "${var.management_service_name}-elb"
5 description = "${var.management_service_name} internal ELB"
# Rule attached to the ELB security group, created under the same
# var.management_elb condition. Its type, ports and protocol sit on lines this
# listing omits (original 10-13); the name suggests unrestricted egress.
# NOTE(review): if this is egress, the ELB only needs to reach its registered
# instances. Scoping the rule to the "management" security group would be
# tighter than 0.0.0.0/0 - confirm against the omitted lines.
7 resource "aws_security_group_rule" "management-elb-out-all" {
8 count = "${var.management_elb > 0 ? 1 : 0}"
9 security_group_id = "${aws_security_group.management-elb.id}"
14 cidr_blocks = [ "0.0.0.0/0" ]
# Rule attached to the ELB security group. Its type, ports and protocol sit on
# lines this listing omits (original 19-22); the name suggests inbound SSH.
# NOTE(review): the allowed range is every IPv4 address. If the ELB is
# internet-facing, the management SSH path is reachable from anywhere. Even for
# an internal ELB, least privilege would limit cidr_blocks to the
# administrative or bastion networks. Whether the ELB is internal is not
# visible in this listing - confirm before relying on it.
16 resource "aws_security_group_rule" "management-elb-in-ssh" {
17 count = "${var.management_elb > 0 ? 1 : 0}"
18 security_group_id = "${aws_security_group.management-elb.id}"
23 cidr_blocks = [ "0.0.0.0/0" ]
# Security group for the management service itself. Elsewhere in this file it
# is attached to the launch configuration and to the EFS mount targets.
# Unlike the ELB group it has no count, so it is always created.
26 resource "aws_security_group" "management" {
27 vpc_id = "${var.vpc_id}"
28 name = "${var.management_service_name}"
29 description = "${var.management_service_name} service"
# Rule on the service security group covering all IPv4 addresses. Its type,
# ports and protocol are on omitted lines (original 33-36); the name suggests
# allow-all egress.
# NOTE(review): unrestricted egress from management hosts widens what a
# compromised instance can reach. Confirm it is required, or narrow it to the
# destinations the service actually uses.
31 resource "aws_security_group_rule" "management-out-all" {
32 security_group_id = "${aws_security_group.management.id}"
37 cidr_blocks = [ "0.0.0.0/0" ]
# Rule on the service security group. Only the group id is visible here; the
# rest is on omitted lines (original 41-46).
# Presumably a self-referencing ingress rule, going by the name - verify the
# ports and protocol it opens between group members.
39 resource "aws_security_group_rule" "management-in-self" {
40 security_group_id = "${aws_security_group.management.id}"
# Rule on the service security group whose peer is the ELB security group, so
# the source is a group reference rather than a CIDR range. Type, ports and
# protocol are on omitted lines (original 49-52).
# NOTE(review): no count is visible on this rule, yet the referenced ELB
# security group is created only when var.management_elb > 0. Confirm the plan
# still evaluates when the ELB is disabled.
47 resource "aws_security_group_rule" "management-in-elb" {
48 security_group_id = "${aws_security_group.management.id}"
53 source_security_group_id = "${aws_security_group.management-elb.id}"
# Optional classic ELB in front of the management instances, created only when
# var.management_elb > 0. It is placed in the management subnets and uses the
# ELB security group; the visible listener setting forwards to instances as TCP.
# NOTE(review): the name carries "-int-", but an `internal` attribute is not
# visible in this listing (original lines 60-62 are omitted). Confirm it is
# set, because the ELB's SSH ingress rule allows 0.0.0.0/0.
56 resource "aws_elb" "management" {
57 count = "${var.management_elb > 0 ? 1 : 0}"
58 name = "${var.management_service_name}-int-elb"
59 security_groups = ["${aws_security_group.management-elb.id}"]
63 instance_protocol = "TCP"
69 unhealthy_threshold = 2
75 subnets = ["${var.management_subnet_ids}"]
# AMI lookup used only when var.ami is empty (count is 1 in that case, 0 when
# an AMI id is supplied). It matches image names of the form
# amzn-ami-hvm-*-gp2 and also filters on root-device-type.
# NOTE(review): `owners` and `most_recent` are not visible in this listing
# (original lines 80-82 are omitted). A name-only match can select an image
# published by any account, so confirm the lookup is pinned to the expected
# owner. The resolved image can also change between applies; pass var.ami
# where a fixed, reviewed image is required.
78 data "aws_ami" "amazon_linux" {
79 count = "${length(var.ami) > 0 ? 0 : 1}"
84 values = ["amzn-ami-hvm-*-gp2"]
87 name = "root-device-type"
90 # hack filter to ignore .rc- release candidate amis
# [^r]* rejects any name with a lowercase "r" between the prefix and "-gp2".
# That is broader than ".rc-" alone.
91 name_regex = "amzn-ami-hvm-[^r]*-gp2"
# Region lookup; its `name` is passed to the user-data template as `region`.
94 data "aws_region" "current" {
# Renders user-data.tpl from this module's directory into the instance user
# data. The visible template variables are identifiers only: region, service
# name, phase, cluster name and account name. Further variables may sit on
# omitted lines (original 99, 102, 104).
# NOTE(review): user data is stored with the launch configuration and is
# readable from the instance metadata service by any process on the host.
# Keep credentials and other secrets out of these variables and the template.
97 data "template_file" "user_data" {
98 template = "${file("${path.module}/user-data.tpl")}"
100 region = "${data.aws_region.current.name}"
101 app_name = "${var.management_service_name}"
103 phase = "${var.phase}"
105 cluster = "${var.management_service_name}-d0${var.phase}"
106 acct_name = "${var.acct_name}"
# Launch configuration for the management instances.
# - image_id: var.ami when set, otherwise the Amazon Linux lookup result.
# - key_name: the EC2 key pair installed for SSH access.
# - security_groups: caller-supplied groups plus the "management" group.
# - associate_public_ip_address = false: no public IP address is associated.
# - user_data: the rendered user-data.tpl template.
# NOTE(review): image_id reads data.aws_ami.amazon_linux directly, although
# that data source has count 0 when var.ami is set. Confirm the expression
# evaluates in that case.
# NOTE(review): no block-device or volume-encryption settings are visible in
# this listing. Confirm root volume encryption is handled here or account-wide.
110 resource "aws_launch_configuration" "management" {
111 name_prefix = "${var.management_service_name}"
112 image_id = "${length(var.ami) > 0 ? var.ami : data.aws_ami.amazon_linux.image_id}"
113 instance_type = "${var.instance_type}"
114 iam_instance_profile = "${aws_iam_instance_profile.management.name}"
115 key_name = "${var.key_name}"
116 security_groups = ["${concat(var.security_group_ids, list(aws_security_group.management.id))}"]
117 associate_public_ip_address = false
118 user_data = "${data.template_file.user_data.rendered}"
120 create_before_destroy = true
# Auto Scaling group that runs the management instances across the management
# subnets, capped at one instance per subnet (max_size). Health is judged by
# EC2 status checks (health_check_type = "EC2"), not by the ELB health check.
# Two tags, carrying the service name and the phase, are propagated to
# instances at launch; the tag keys are on omitted lines.
# NOTE(review): when var.management_elb is 0, load_balancers becomes a list
# holding one empty string, and aws_elb.management has count 0. Confirm the
# plan behaves as intended with the ELB disabled.
124 resource "aws_autoscaling_group" "management" {
125 name = "${var.management_service_name}"
126 launch_configuration = "${aws_launch_configuration.management.name}"
127 vpc_zone_identifier = ["${var.management_subnet_ids}"]
129 max_size = "${length(var.management_subnet_ids)}"
130 default_cooldown = 10
131 health_check_type = "EC2"
132 load_balancers = ["${var.management_elb > 0 ? aws_elb.management.name : ""}"]
134 create_before_destroy = true
137 propagate_at_launch = true
139 value = "${var.management_service_name}"
142 propagate_at_launch = true
144 value = "${var.phase}"
# Publishes the group's instance launch and terminate events, including the
# error variants, to the management-events SNS topic defined elsewhere.
# This gives a record of every instance entering or leaving the management
# fleet. Who is subscribed to the topic is not visible in this listing.
148 resource "aws_autoscaling_notification" "management" {
149 group_names = ["${aws_autoscaling_group.management.name}"]
150 topic_arn = "${aws_sns_topic.management-events.arn}"
152 "autoscaling:EC2_INSTANCE_LAUNCH",
153 "autoscaling:EC2_INSTANCE_LAUNCH_ERROR",
154 "autoscaling:EC2_INSTANCE_TERMINATE",
155 "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"
# One subnet lookup per entry in var.management_subnet_ids. The EBS volume
# resource reads each result's availability_zone.
159 data "aws_subnet" "management" {
160 count = "${length(var.management_subnet_ids)}"
161 id = "${element(var.management_subnet_ids, count.index)}"
# Data volumes: one per management subnet, each placed in that subnet's
# availability zone, multiplied by var.management_data_efs.
# NOTE(review): the multiplier is the same variable that enables the EFS file
# system. Confirm EBS volumes are meant to exist when EFS is enabled rather
# than when it is disabled.
# NOTE(review): an `encrypted` attribute is not visible in this listing
# (original lines 168-169 are omitted). Confirm the data volumes are encrypted
# at rest.
164 resource "aws_ebs_volume" "management-data" {
165 count = "${length(var.management_subnet_ids) * var.management_data_efs}"
166 availability_zone = "${element(data.aws_subnet.management.*.availability_zone, count.index)}"
167 size = "${var.management_data_volume_size}"
170 module = "${var.management_service_name}"
# Optional EFS file system for management data; var.management_data_efs is
# used directly as the count. It is named "<service>-data".
# NOTE(review): no `encrypted` attribute appears in the visible lines, and
# only original line 177 is omitted. EFS encryption at rest can only be chosen
# when the file system is created, so confirm the intended setting first.
174 resource "aws_efs_file_system" "management-data" {
175 count = "${var.management_data_efs}"
176 creation_token = "${var.management_service_name}-data"
178 Name = "${var.management_service_name}-data"
# One EFS mount target per management subnet when EFS is enabled. The mount
# targets use the "management" security group, so that group's ingress rules
# decide which hosts can reach the file system.
# NOTE(review): file_system_id references the counted EFS resource without an
# index. Confirm this evaluates when var.management_data_efs is 0.
182 resource "aws_efs_mount_target" "management-data" {
183 count = "${length(var.management_subnet_ids) * var.management_data_efs}"
184 file_system_id = "${aws_efs_file_system.management-data.id}"
185 subnet_id = "${element(var.management_subnet_ids, count.index)}"
186 security_groups = ["${aws_security_group.management.id}"]