1 data "vault_generic_secret" "fdio_docs" {
2 path = "kv/secret/data/etl/fdio_docs"
5 data "vault_aws_access_credentials" "creds" {
6 backend = "${var.vault_name}-path"
7 role = "${var.vault_name}-role"
10 module "elastic_beanstalk_application" {
11 source = "../terraform-aws-elastic-beanstalk-application"
14 application_description = "FD.io CDASH M7G"
15 application_name = "fdio-csit-dash-app-m7g"
16 appversion_lifecycle_service_role_arn = "arn:aws:iam::407116685360:role/aws-service-role/elasticbeanstalk.amazonaws.com/AWSServiceRoleForElasticBeanstalk"
17 appversion_lifecycle_max_count = 10
18 appversion_lifecycle_delete_source_from_s3 = false
21 module "elastic_beanstalk_environment" {
22 source = "../terraform-aws-elastic-beanstalk-environment"
25 application_name = "fdio-csit-dash-app-m7g"
28 vpc_cidr_block = "10.0.0.0/16"
29 vpc_enable_dns_hostnames = true
30 vpc_enable_dns_support = true
31 vpc_instance_tenancy = "default"
34 subnet_a_availability_zone = "eu-north-1a"
35 subnet_a_cidr_block = "10.0.0.0/20"
36 subnet_b_availability_zone = "eu-north-1b"
37 subnet_b_cidr_block = "10.0.16.0/20"
40 environment_application = module.elastic_beanstalk_application.application_name
41 environment_description = module.elastic_beanstalk_application.application_description
42 environment_name = "fdio-csit-dash-env-m7g"
43 environment_solution_stack_name = "64bit Amazon Linux 2023 v4.0.6 running Python 3.11"
44 environment_tier = "WebServer"
45 environment_wait_for_ready_timeout = "25m"
46 environment_version_label = ""
49 instances_instance_types = "m7g.2xlarge"
52 associate_public_ip_address = true
55 # aws:elbv2:listener:default
56 default_listener_enabled = true
58 # aws:elasticbeanstalk:environment
59 environment_loadbalancer_type = "application"
60 environment_loadbalancer_ssl_certificate_id = "arn:aws:acm:eu-north-1:407116685360:certificate/3ef3c6ae-f1d4-49f0-a8cd-5d090991bf73"
62 # aws:elasticbeanstalk:environment:process:default
63 environment_process_default_healthcheck_interval = 10
64 environment_process_default_healthy_threshold_count = 3
65 environment_process_default_port = 5000
66 environment_process_default_unhealthy_threshold_count = 3
68 # aws:autoscaling:updatepolicy:rollingupdate
69 autoscaling_updatepolicy_rolling_update_enabled = true
70 autoscaling_updatepolicy_rolling_update_type = "Immutable"
71 autoscaling_updatepolicy_min_instance_in_service = 1
73 # aws:elasticbeanstalk:command
74 command_deployment_policy = "Rolling"
76 # aws:autoscaling:updatepolicy:rollingupdate
77 updatepolicy_max_batch_size = 1
79 # aws:elasticbeanstalk:healthreporting:system
80 healthreporting_system_type = "enhanced"
82 # aws:elasticbeanstalk:managedactions
83 managedactions_managed_actions_enabled = true
84 managedactions_preferred_start_time = "Sun:10:00"
86 # aws:elasticbeanstalk:managedactions:platformupdate
87 managedactions_platformupdate_update_level = "minor"
88 managedactions_platformupdate_instance_refresh_enabled = true
91 autoscaling_asg_minsize = 1
92 autoscaling_asg_maxsize = 2
94 # aws:autoscaling:trigger
95 autoscaling_trigger_measure_name = "CPUUtilization"
96 autoscaling_trigger_statistic = "Average"
97 autoscaling_trigger_unit = "Percent"
98 autoscaling_trigger_lower_threshold = 20
99 autoscaling_trigger_lower_breach_scale_increment = -1
100 autoscaling_trigger_upper_threshold = 80
101 autoscaling_trigger_upper_breach_scale_increment = 1
103 # aws:elasticbeanstalk:hostmanager
104 hostmanager_log_publication_control = true
106 # aws:elasticbeanstalk:cloudwatch:logs
107 cloudwatch_logs_stream_logs = true
108 cloudwatch_logs_delete_on_terminate = true
109 cloudwatch_logs_retention_in_days = 3
111 # aws:elasticbeanstalk:cloudwatch:logs:health
112 cloudwatch_logs_health_health_streaming_enabled = true
113 cloudwatch_logs_health_delete_on_terminate = true
114 cloudwatch_logs_health_retention_in_days = 3
116 environment_type = "LoadBalanced"
118 # aws:elasticbeanstalk:application:environment
119 environment_variables = {
120 "AWS_ACCESS_KEY_ID" = data.vault_generic_secret.fdio_docs.data["access_key"]
121 "AWS_SECRET_ACCESS_KEY" = data.vault_generic_secret.fdio_docs.data["secret_key"]
122 "AWS_DEFAULT_REGION" = data.vault_generic_secret.fdio_docs.data["region"]