Search code examples
amazon-web-servicesterraformamazon-ecsterraform-provider-aws

Terraform import ECS task definition from another project

I have multiple projects, each with their own Terraform to manage the AWS infrastructure specific to that project. Infrastructure that's shared (a VPC for example): I import into the projects that need it.

I want to glue together a number of different tasks from across different services using step functions, but some of them are Fargate ECS tasks. This means I need to specify the task definition ARN in the step function.

I can import a task definition but if I later update the project that manages that task definition, the revision will change while the step function will continue to point at the old task definition revision.

At this point I might as well hard-code the task ARN into the step function and just have to remember to update it in the future.

Anyone know a way around this?

Solution

  • You can use the aws_ecs_task_definition data source to look up the latest revision of a task definition family:

    data "aws_ecs_task_definition" "example" {
  task_definition = "example" 
}

output "example" {
  value = data.aws_ecs_task_definition.example
}

    Applying this gives the following output (assuming you have an example service in your AWS account):

    example = {
  "family" = "example"
  "id" = "arn:aws:ecs:eu-west-1:1234567890:task-definition/example:333"
  "network_mode" = "bridge"
  "revision" = 333
  "status" = "ACTIVE"
  "task_definition" = "example"
  "task_role_arn" = "arn:aws:iam::1234567890:role/example"
}

    So you could do something like this:

    data "aws_ecs_task_definition" "example" {
  task_definition = "example" 
}

data "aws_ecs_cluster" "example" {
  cluster_name = "example"
}

resource "aws_sfn_state_machine" "sfn_state_machine" {
  name     = "my-state-machine"
  role_arn = aws_iam_role.iam_for_sfn.arn

  definition = <<EOF
{  
   "StartAt": "Manage ECS task",
   "States": {  
      "Manage ECS task": {  
         "Type": "Task",
         "Resource": "arn:aws:states:::ecs:runTask.waitForTaskToken",
         "Parameters": {  
            "LaunchType": "FARGATE",
            "Cluster": ${data.aws_ecs_cluster.example.arn},
            "TaskDefinition": ${data.aws_ecs_task_definition.example.id},
            "Overrides": {  
               "ContainerOverrides": [  
                  {  
                     "Name": "example",
                     "Environment": [  
                        {  
                           "Name": "TASK_TOKEN_ENV_VARIABLE",
                           "Value.$": "$$.Task.Token"
                        }
                     ]
                  }
               ]
            }
         },
         "End": true
      }
   }
}
EOF
}