1 data "vault_generic_secret" "fdio_docs" {
2 path = "kv/secret/data/etl/fdio_docs"
5 data "vault_aws_access_credentials" "creds" {
6 backend = "${var.vault_name}-path"
7 role = "${var.vault_name}-role"
10 module "elastic_beanstalk_application" {
11 source = "../terraform-aws-elastic-beanstalk-application"
14 application_description = "FD.io CDASH"
15 application_name = "fdio-csit-dash-app"
16 appversion_lifecycle_service_role_arn = "arn:aws:iam::407116685360:role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk"
17 appversion_lifecycle_max_count = 10
18 appversion_lifecycle_delete_source_from_s3 = false
21 module "elastic_beanstalk_environment" {
22 source = "../terraform-aws-elastic-beanstalk-environment"
25 vpc_cidr_block = "10.0.0.0/16"
26 vpc_enable_dns_hostnames = true
27 vpc_enable_dns_support = true
28 vpc_instance_tenancy = "default"
31 subnet_a_availability_zone = "eu-central-1a"
32 subnet_a_cidr_block = "10.0.0.0/20"
33 subnet_b_availability_zone = "eu-central-1b"
34 subnet_b_cidr_block = "10.0.16.0/20"
37 environment_application = module.elastic_beanstalk_application.application_name
38 environment_description = module.elastic_beanstalk_application.application_description
39 environment_name = "fdio-csit-dash-env"
40 environment_solution_stack_name = "64bit Amazon Linux 2023 v4.0.3 running Python 3.11"
41 environment_tier = "WebServer"
42 environment_wait_for_ready_timeout = "25m"
43 environment_version_label = ""
46 instances_instance_types = "t3a.2xlarge"
49 associate_public_ip_address = true
52 # aws:elbv2:listener:default
53 default_listener_enabled = true
55 # aws:elasticbeanstalk:environment
56 environment_loadbalancer_type = "application"
57 environment_loadbalancer_ssl_certificate_id = "arn:aws:acm:eu-central-1:407116685360:certificate/737ad419-36f1-460d-919a-9110b0aac26a"
59 # aws:elasticbeanstalk:environment:process:default
60 environment_process_default_healthcheck_interval = 10
61 environment_process_default_healthy_threshold_count = 3
62 environment_process_default_port = 5000
63 environment_process_default_unhealthy_threshold_count = 3
65 # aws:autoscaling:updatepolicy:rollingupdate
66 autoscaling_updatepolicy_rolling_update_enabled = true
67 autoscaling_updatepolicy_rolling_update_type = "Immutable"
68 autoscaling_updatepolicy_min_instance_in_service = 1
70 # aws:elasticbeanstalk:command
71 command_deployment_policy = "Rolling"
73 # aws:autoscaling:updatepolicy:rollingupdate
74 updatepolicy_max_batch_size = 1
76 # aws:elasticbeanstalk:healthreporting:system
77 healthreporting_system_type = "enhanced"
79 # aws:elasticbeanstalk:managedactions
80 managedactions_managed_actions_enabled = true
81 managedactions_preferred_start_time = "Sun:10:00"
83 # aws:elasticbeanstalk:managedactions:platformupdate
84 managedactions_platformupdate_update_level = "minor"
85 managedactions_platformupdate_instance_refresh_enabled = true
88 autoscaling_asg_minsize = 1
89 autoscaling_asg_maxsize = 2
91 # aws:autoscaling:trigger
92 autoscaling_trigger_measure_name = "CPUUtilization"
93 autoscaling_trigger_statistic = "Average"
94 autoscaling_trigger_unit = "Percent"
95 autoscaling_trigger_lower_threshold = 20
96 autoscaling_trigger_lower_breach_scale_increment = -1
97 autoscaling_trigger_upper_threshold = 80
98 autoscaling_trigger_upper_breach_scale_increment = 1
100 # aws:elasticbeanstalk:hostmanager
101 hostmanager_log_publication_control = true
103 # aws:elasticbeanstalk:cloudwatch:logs
104 cloudwatch_logs_stream_logs = true
105 cloudwatch_logs_delete_on_terminate = true
106 cloudwatch_logs_retention_in_days = 3
108 # aws:elasticbeanstalk:cloudwatch:logs:health
109 cloudwatch_logs_health_health_streaming_enabled = true
110 cloudwatch_logs_health_delete_on_terminate = true
111 cloudwatch_logs_health_retention_in_days = 3
113 environment_type = "LoadBalanced"
115 # aws:elasticbeanstalk:application:environment
116 environment_variables = {
117 "AWS_ACCESS_KEY_ID" = data.vault_generic_secret.fdio_docs.data["access_key"]
118 "AWS_SECRET_ACCESS_KEY" = data.vault_generic_secret.fdio_docs.data["secret_key"]
119 "AWS_DEFAULT_REGION" = data.vault_generic_secret.fdio_docs.data["region"]