从其他项目Terraform导入ECS任务定义 [英] Terraform import ECS task definition from another project

问题描述

我有多个项目，每个项目都有自己的Terraform来管理特定于该项目的AWS基础架构.共享的基础结构(例如VPC):我将其导入需要它的项目中.

I have multiple projects, each with their own Terraform to manage the AWS infrastructure specific to that project. Infrastructure that's shared (a VPC for example): I import into the projects that need it.

我想使用步骤功能将来自不同服务的许多不同任务粘合在一起，但是其中一些是Fargate ECS任务.这意味着我需要在step函数中指定任务定义ARN.

I want to glue together a number of different tasks from across different services using step functions, but some of them are Fargate ECS tasks. This means I need to specify the task definition ARN in the step function.

我可以导入任务定义，但是如果以后更新管理该任务定义的项目，修订版本将更改，而步进功能将继续指向旧的任务定义修订版.

I can import a task definition but if I later update the project that manages that task definition, the revision will change while the step function will continue to point at the old task definition revision.

在这一点上，我不妨将任务ARN硬编码到step函数中，只需要记住将来要对其进行更新即可.

At this point I might as well hard-code the task ARN into the step function and just have to remember to update it in the future.

有人知道解决这个问题的方法吗?

Anyone know a way around this?

推荐答案

您可以使用 aws_ecs_task_definition 数据源，以查找任务定义系列的最新版本:

You can use the aws_ecs_task_definition data source to look up the latest revision of a task definition family:

data "aws_ecs_task_definition" "example" {
  task_definition = "example" 
}

output "example" {
  value = data.aws_ecs_task_definition.example
}

应用此操作将得到以下输出(假设您的AWS账户中有一个 example 服务):

Applying this gives the following output (assuming you have an example service in your AWS account):

example = {
  "family" = "example"
  "id" = "arn:aws:ecs:eu-west-1:1234567890:task-definition/example:333"
  "network_mode" = "bridge"
  "revision" = 333
  "status" = "ACTIVE"
  "task_definition" = "example"
  "task_role_arn" = "arn:aws:iam::1234567890:role/example"
}

因此您可以执行以下操作:

So you could do something like this:

data "aws_ecs_task_definition" "example" {
  task_definition = "example" 
}

data "aws_ecs_cluster" "example" {
  cluster_name = "example"
}

resource "aws_sfn_state_machine" "sfn_state_machine" {
  name     = "my-state-machine"
  role_arn = aws_iam_role.iam_for_sfn.arn

  definition = <<EOF
{  
   "StartAt": "Manage ECS task",
   "States": {  
      "Manage ECS task": {  
         "Type": "Task",
         "Resource": "arn:aws:states:::ecs:runTask.waitForTaskToken",
         "Parameters": {  
            "LaunchType": "FARGATE",
            "Cluster": ${data.aws_ecs_cluster.example.arn},
            "TaskDefinition": ${data.aws_ecs_task_definition.example.id},
            "Overrides": {  
               "ContainerOverrides": [  
                  {  
                     "Name": "example",
                     "Environment": [  
                        {  
                           "Name": "TASK_TOKEN_ENV_VARIABLE",
                           "Value.$": "$$.Task.Token"
                        }
                     ]
                  }
               ]
            }
         },
         "End": true
      }
   }
}
EOF
}

这篇关于从其他项目Terraform导入ECS任务定义的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！