AWS Elastic Container Service (ECS) Task#
This module allows Terraform to manage AWS ECS Service for the Censys Cloud Connector.
Prerequisites#
Install Poetry.
Install Terraform.
Install AWS CLI.
Optional: AWS Terraform Authentication and Configuration
Login Instructions#
Use the AWS CLI tool to configure a named profile. The AWS Terraform provider uses standard configuration and credential precedence.
Setup#
Ensure you are in the root directory of the project.
Source your environment variables.
source .env
Run
poetry install
to install the dependencies.Ensure your
providers.yml
file contains your cloud provider credentials.If you have not already done so, you can create a
providers.yml
file by running the following command:poetry run censys-cc config
Change the working directory to the
aws-ecs-task
directory with the following command:cd ./terraform/aws-ecs-task
Copy
terraform.tfvars.example
toterraform.tfvars
and update the values to match your environment.cp terraform.tfvars.example terraform.tfvars
Initialize the project with the following command:
terraform init
To see what resources will be created or updated, run the following command:
terraform plan -var-file terraform.tfvars -out=censys-tfplan -input=false
To create or update the resources, run the following command:
terraform apply -input=false censys-tfplan
Cleanup#
To clean up the resources created by this module, run the following command:
terraform destroy -var-file terraform.tfvars
Requirements#
Name |
Version |
---|---|
terraform |
>= 0.13.1 |
aws |
>= 4.7 |
Providers#
Name |
Version |
---|---|
aws |
4.51.0 |
random |
3.4.3 |
Modules#
Name |
Source |
Version |
---|---|---|
ecs |
terraform-aws-modules/ecs/aws |
~> 3.0 |
eventbridge |
terraform-aws-modules/eventbridge/aws |
n/a |
vpc |
terraform-aws-modules/vpc/aws |
n/a |
Resources#
Name |
Type |
---|---|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
|
resource |
Inputs#
Name |
Description |
Type |
Default |
Required |
---|---|---|---|---|
aws_availability_zone |
The AWS availability zones to use. |
|
|
no |
aws_region |
The AWS region to use. |
|
|
no |
censys_api_key |
The Censys ASM API key |
|
n/a |
yes |
image_tag |
The tag of the Docker image to use for ECS. |
|
|
no |
image_uri |
The URI of the Docker image to use for ECS. |
|
|
no |
logging_level |
The logging level |
|
|
no |
providers_config |
The path to the providers config file |
|
|
no |
role_name |
The cross-account AWS IAM Role name. |
|
|
no |
schedule_expression |
Cloud Connector scan frequency. |
|
|
no |
secrets_dir |
The path to the secrets directory |
|
|
no |
task_cpu |
The number of CPU units to allocate to the ECS task. |
|
|
no |
task_memory |
The amount of memory to allocate to the ECS task. |
|
|
no |
Outputs#
Name |
Description |
---|---|
eventbridge_bus_arn |
The EventBridge Bus ARN |
eventbridge_rule_arns |
The EventBridge Rule ARNs |
eventbridge_rule_ids |
The EventBridge Rule IDs |