I'm trying to persist container data and for that I want to mount a volume. Here is my task definition which throws the unknown volume error despite declaring it.
aws_ecs_task_definition.wordpress: Creating... Error: ClientException: Unknown volume 'wordpress-volume'.
locals {
username = jsondecode(data.aws_secretsmanager_secret_version.wordpress.secret_string)["username"]
password = jsondecode(data.aws_secretsmanager_secret_version.wordpress.secret_string)["password"]
}
resource "aws_ecs_task_definition" "wordpress" {
family = "wordpress"
container_definitions = jsonencode([{
name = "wordpress"
image = "wordpress"
essential = true
cpu = 256
memory = 512
entryPoint = [ "sh", "-c"]
command = ["ls -la /var/www/html"]
volumes = [{
name = "wordpress-volume"
efsVolumeConfiguration = {
fileSystemId = aws_efs_file_system.wordpress.id
}
}]
mountPoints = [{
sourceVolume = "wordpress-volume"
containerPath = "/var/www/html"
readOnly = false
}]
environment = [{
name = "WORDPRESS_DB_HOST"
value = "127.0.0.1"},
{
name = "WORDPRESS_DB_USER"
value = local.username
},
{
name = "WORDPRESS_DB_PASSWORD"
value = local.password
},
{
name = "WORDPRESS_DB_NAME"
value = "wordpressdb"
}]
portMappings = [{
protocol = "tcp"
containerPort = 80
hostPort = 80
}]
}])
network_mode = "awsvpc"
requires_compatibilities = ["FARGATE"]
execution_role_arn = aws_iam_role.ecs_task_execution_role.arn
task_role_arn = aws_iam_role.ecs_task_role.arn
cpu = 1024
memory = 3072
}
Your volumes definition isn't supposed to be inside container_definitions but is part of aws_ecs_task_definition resource arguments.
So, you should move this part outside:
volumes = [{
name = "wordpress-volume"
efsVolumeConfiguration = {
fileSystemId = aws_efs_file_system.wordpress.id
}
}]
to
resource "aws_ecs_task_definition" "wordpress" {
...
volume {
name = "wordpress-volume"
efs_volume_configuration {
file_system_id = aws_efs_file_system.wordpress.id
}
}
...
}
see the docs:
And container definition docs: