# Security group for the optional management load balancer. It is created only
# when var.management_elb is greater than zero (count is 1, otherwise 0).
# NOTE(review): the description says "internal ELB", but the rules attached to
# this group use 0.0.0.0/0; confirm the load balancer itself is internal.
1 resource "aws_security_group" "management-elb" {
2 count = "${var.management_elb > 0 ? 1 : 0}"
3 vpc_id = "${var.vpc_id}"
4 name = "${var.management_service_name}-elb"
5 description = "${var.management_service_name} internal ELB"
# Rule on the management ELB security group, gated by the same count as the
# group. The name suggests allow-all egress; the type, port and protocol
# attributes (gutter lines 10-13) are not shown in this listing.
7 resource "aws_security_group_rule" "management-elb-out-all" {
8 count = "${var.management_elb > 0 ? 1 : 0}"
9 security_group_id = "${aws_security_group.management-elb.id}"
# NOTE(review): a load balancer only needs to reach its backend instances.
# Consider pointing this at the management instance security group instead of
# every IPv4 destination.
14 cidr_blocks = [ "0.0.0.0/0" ]
# Rule on the management ELB security group, gated by the same count as the
# group. The name suggests SSH ingress; the type, port and protocol attributes
# (gutter lines 19-22) are not shown in this listing.
16 resource "aws_security_group_rule" "management-elb-in-ssh" {
17 count = "${var.management_elb > 0 ? 1 : 0}"
18 security_group_id = "${aws_security_group.management-elb.id}"
# NOTE(review): 0.0.0.0/0 matches every IPv4 source address. If the ELB is
# internet-facing, the management listener is reachable from anywhere. If it is
# internal, every network with a route into the VPC (peering, VPN) still
# matches. Prefer a variable holding the admin or bastion CIDR ranges.
23 cidr_blocks = [ "0.0.0.0/0" ]
# Security group for the management service instances. Unlike the ELB group it
# has no count, so it always exists. The launch configuration and the EFS mount
# targets in this file both attach it.
26 resource "aws_security_group" "management" {
27 vpc_id = "${var.vpc_id}"
28 name = "${var.management_service_name}"
29 description = "${var.management_service_name} service"
# Rule on the management instance security group. The name suggests allow-all
# egress; the type, port and protocol attributes (gutter lines 33-36) are not
# shown in this listing.
31 resource "aws_security_group_rule" "management-out-all" {
32 security_group_id = "${aws_security_group.management.id}"
# NOTE(review): these instances run with an IAM instance profile (see the
# launch configuration). Unrestricted egress leaves no network control on
# where such a host can send data; consider narrowing it to the destinations
# the service actually needs.
37 cidr_blocks = [ "0.0.0.0/0" ]
# Rule on the management instance security group. The name suggests it admits
# traffic from members of the same group; the attributes that would establish
# that (gutter lines 41-46) are not shown in this listing.
# NOTE(review): the EFS mount targets in this file attach the same group, so a
# self-referencing rule also decides which ports reach them. Confirm the port
# range is no wider than needed.
39 resource "aws_security_group_rule" "management-in-self" {
40 security_group_id = "${aws_security_group.management.id}"
# Rule on the management instance security group whose source is the ELB
# security group rather than a CIDR, so it matches only traffic coming through
# the load balancer. Type, port and protocol (gutter lines 49-52) are not shown.
# NOTE(review): aws_security_group.management-elb is count-gated on
# var.management_elb, but no count is visible on this rule. When the ELB is
# disabled the reference below has nothing to resolve to; confirm this rule
# carries the same count.
47 resource "aws_security_group_rule" "management-in-elb" {
48 security_group_id = "${aws_security_group.management.id}"
53 source_security_group_id = "${aws_security_group.management-elb.id}"
# Optional classic load balancer in front of the management instances, created
# only when var.management_elb is greater than zero. The listener and
# health-check blocks are only partly visible in this listing.
# NOTE(review): the name carries "-int-", but the `internal` attribute is not
# visible here (gutter lines 60-62 are not shown). Confirm `internal = true` is
# set, because the attached security group admits 0.0.0.0/0.
56 resource "aws_elb" "management" {
57 count = "${var.management_elb > 0 ? 1 : 0}"
58 name = "${var.management_service_name}-int-elb"
59 security_groups = ["${aws_security_group.management-elb.id}"]
# With a TCP listener the backend sees the load balancer's address as the
# connection source unless proxy protocol is enabled, so per-client source
# logging on the instances will show ELB addresses.
63 instance_protocol = "TCP"
69 unhealthy_threshold = 2
75 subnets = ["${var.management_subnet_ids}"]
# AMI lookup used only when var.ami is empty (count is 0 when an AMI id is
# supplied). It filters on an Amazon Linux HVM gp2 name pattern and on
# root-device-type; the remaining filter lines are not shown in this listing.
# NOTE(review): no `owners` constraint is visible here. A wildcard name lookup
# without one can match an image published by any AWS account; confirm the
# hidden lines restrict the owner (for example to "amazon").
78 data "aws_ami" "amazon_linux" {
79 count = "${length(var.ami) > 0 ? 0 : 1}"
84 values = ["amzn-ami-hvm-*-gp2"]
87 name = "root-device-type"
# Looks up the current provider region; its name is passed to the user-data
# template as `region`.
92 data "aws_region" "current" {
# Renders user-data.tpl from this module with the region, service name, phase,
# cluster name and account name. Gutter lines 100 and 102 (two further entries,
# presumably template variables) are not shown in this listing.
# NOTE(review): rendered user data can be read from the instance metadata
# service by any process on the host, and by principals allowed to describe
# instance attributes. The visible variables are names only; confirm the
# hidden entries and the template carry no secrets.
95 data "template_file" "user_data" {
96 template = "${file("${path.module}/user-data.tpl")}"
98 region = "${data.aws_region.current.name}"
99 app_name = "${var.management_service_name}"
101 phase = "${var.phase}"
103 cluster = "${var.management_service_name}-d0${var.phase}"
104 acct_name = "${var.acct_name}"
# Launch configuration for the management instances. It uses name_prefix with
# create_before_destroy so a changed configuration can be created before the
# old one is removed.
108 resource "aws_launch_configuration" "management" {
109 name_prefix = "${var.management_service_name}"
# Uses var.ami when set, otherwise the looked-up Amazon Linux image.
# NOTE(review): data.aws_ami.amazon_linux has count 0 when var.ami is set, yet
# it is still referenced here without an index. Verify that a plan with var.ami
# supplied succeeds.
110 image_id = "${length(var.ami) > 0 ? var.ami : data.aws_ami.amazon_linux.image_id}"
111 instance_type = "${var.instance_type}"
# The instance profile is defined outside this listing. Its attached policy is
# what a process on these hosts can do in the account; review it for least
# privilege.
112 iam_instance_profile = "${aws_iam_instance_profile.management.name}"
# EC2 key pair installed for SSH login. Whoever holds the private key can log
# in wherever the security groups allow.
113 key_name = "${var.key_name}"
# Caller-supplied groups plus this module's management group.
114 security_groups = ["${concat(var.security_group_ids, list(aws_security_group.management.id))}"]
# Instances get no public address, so inbound access depends on the ELB or on
# private routing.
115 associate_public_ip_address = false
116 user_data = "${data.template_file.user_data.rendered}"
118 create_before_destroy = true
# Auto Scaling group that runs the management instances across the supplied
# subnets, capped at one instance per subnet. The min_size line (gutter 126)
# and the tag keys are not shown in this listing.
122 resource "aws_autoscaling_group" "management" {
123 name = "${var.management_service_name}"
124 launch_configuration = "${aws_launch_configuration.management.name}"
125 vpc_zone_identifier = ["${var.management_subnet_ids}"]
127 max_size = "${length(var.management_subnet_ids)}"
128 default_cooldown = 10
# With "EC2", instances are replaced on EC2 status-check failure only; a failing
# ELB health check does not trigger replacement.
129 health_check_type = "EC2"
# NOTE(review): when var.management_elb is 0 this yields a one-element list
# holding an empty string, and it still references aws_elb.management, which
# then has count 0. Verify that a plan with the ELB disabled succeeds.
130 load_balancers = ["${var.management_elb > 0 ? aws_elb.management.name : ""}"]
132 create_before_destroy = true
# Two tags, both propagated to launched instances: the service name and the
# phase.
135 propagate_at_launch = true
137 value = "${var.management_service_name}"
140 propagate_at_launch = true
142 value = "${var.phase}"
# Publishes instance launch and terminate events, and their error variants,
# for the management Auto Scaling group to an SNS topic defined outside this
# listing.
# NOTE(review): these events are a useful audit trail for a management tier.
# Confirm the topic has a subscriber that is actually monitored and a topic
# policy that restricts who may publish and subscribe.
146 resource "aws_autoscaling_notification" "management" {
147 group_names = ["${aws_autoscaling_group.management.name}"]
148 topic_arn = "${aws_sns_topic.management-events.arn}"
150 "autoscaling:EC2_INSTANCE_LAUNCH",
151 "autoscaling:EC2_INSTANCE_LAUNCH_ERROR",
152 "autoscaling:EC2_INSTANCE_TERMINATE",
153 "autoscaling:EC2_INSTANCE_TERMINATE_ERROR"
# One subnet lookup per id in var.management_subnet_ids. The EBS volume
# resource in this file reads each subnet's availability zone from it.
157 data "aws_subnet" "management" {
158 count = "${length(var.management_subnet_ids)}"
159 id = "${element(var.management_subnet_ids, count.index)}"
# Data volumes, one per management subnet, each placed in that subnet's
# availability zone. Gutter lines 166-167 are not shown in this listing.
# NOTE(review): the count is multiplied by var.management_data_efs, the same
# flag that enables the EFS file system, so these volumes exist only when EFS
# is enabled. Confirm that is intended rather than the inverse.
# NOTE(review): no `encrypted` attribute is visible here. Confirm the hidden
# lines set `encrypted = true`, or that account-level default EBS encryption is
# on.
162 resource "aws_ebs_volume" "management-data" {
163 count = "${length(var.management_subnet_ids) * var.management_data_efs}"
164 availability_zone = "${element(data.aws_subnet.management.*.availability_zone, count.index)}"
165 size = "${var.management_data_volume_size}"
# Presumably a tag entry; the enclosing block opener is not shown.
168 module = "${var.management_service_name}"
# Optional shared EFS file system for management data, created
# var.management_data_efs times (presumably 0 or 1).
# NOTE(review): no `encrypted` attribute is visible, and only gutter line 175
# is hidden (likely the tags opener). Encryption at rest can only be chosen
# when the file system is created, so confirm `encrypted = true` is set before
# first apply.
172 resource "aws_efs_file_system" "management-data" {
173 count = "${var.management_data_efs}"
174 creation_token = "${var.management_service_name}-data"
176 Name = "${var.management_service_name}-data"
# One EFS mount target per management subnet when EFS is enabled. The block may
# continue past the end of this listing.
180 resource "aws_efs_mount_target" "management-data" {
181 count = "${length(var.management_subnet_ids) * var.management_data_efs}"
# NOTE(review): aws_efs_file_system.management-data is count-gated but is
# referenced without an index; verify the plan with EFS disabled.
182 file_system_id = "${aws_efs_file_system.management-data.id}"
183 subnet_id = "${element(var.management_subnet_ids, count.index)}"
# The mount targets reuse the instance security group, so NFS reachability
# follows that group's ingress rules. A dedicated group admitting only the NFS
# port from the management group would be tighter.
184 security_groups = ["${aws_security_group.management.id}"]