From 867b3fdf55a9aa5bdd87f5d66340821da53c03b5 Mon Sep 17 00:00:00 2001 From: Matthieu Bertin Date: Mon, 24 Jul 2017 13:56:26 +0200 Subject: [PATCH 1/4] typo fixes --- tools/pack-ami | 2 +- tools/readme.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/pack-ami b/tools/pack-ami index b1753576..33dbd2df 100755 --- a/tools/pack-ami +++ b/tools/pack-ami @@ -386,7 +386,7 @@ class Template(object): packer.wait() if packer.returncode != 0: - raise Exception("Buliding %s failed: see logs in %s" % (self.name, pwd)) + raise Exception("Building %s failed: see logs in %s" % (self.name, pwd)) try: ami = subprocess.check_output("grep ami- %s | tail -n 1 | cut -d' ' -f2" % os.path.join(pwd, 'stdout.log'), shell=True) diff --git a/tools/readme.md b/tools/readme.md index 14994083..63a8457e 100644 --- a/tools/readme.md +++ b/tools/readme.md @@ -8,5 +8,5 @@ - Your new Base and ECS AMIs are available in your AWS account - You can delete the Base AMI image - Set the ECS AMI Permission to public -- Edit the `defaults/maint.tf` file and set the new ECS AMI ID corresponding to the zone where your AMI has been created +- Edit the `defaults/main.tf` file and set the new ECS AMI ID corresponding to the zone where your AMI has been created - Copy your ECS AMI to each zone available in `defaults/maint.tf` AND DO NOT FORGET TO MAKE THEM PUBLIC TOO. From 91a72ff31e516037da3e5b5cafe2eb6100a3f939 Mon Sep 17 00:00:00 2001 From: Matthieu Bertin Date: Mon, 24 Jul 2017 13:59:25 +0200 Subject: [PATCH 2/4] terraform syntax changes --- Makefile | 5 +++++ defaults/main.tf | 2 ++ main.tf | 3 +++ 3 files changed, 10 insertions(+) diff --git a/Makefile b/Makefile index e58e87f8..a4a966de 100644 --- a/Makefile +++ b/Makefile @@ -33,8 +33,13 @@ endif install-tools: $(tools) +ifeq (${platform},Darwin) /usr/local/bin/%: ./tools/% install -S -m 0755 $< /usr/local/bin +else +/usr/local/bin/%: ./tools/% + install -m 0755 $< /usr/local/bin +endif amis: pack-ami build -p ./packer -t base -r diff --git a/defaults/main.tf b/defaults/main.tf index a312547c..3d8aab52 100644 --- a/defaults/main.tf +++ b/defaults/main.tf @@ -23,6 +23,7 @@ variable "cidr" { } variable "default_ecs_ami" { + type = "map" default = { us-east-1 = "ami-dde4e6ca" us-west-1 = "ami-6d21770d" @@ -39,6 +40,7 @@ variable "default_ecs_ami" { # http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-access-logs.html#attach-bucket-policy variable "default_log_account_ids" { + type = "map" default = { us-east-1 = "127311923021" us-west-2 = "797873946194" diff --git a/main.tf b/main.tf index 45f51765..4f8dfb02 100644 --- a/main.tf +++ b/main.tf @@ -46,16 +46,19 @@ variable "cidr" { } variable "internal_subnets" { + type = "list" description = "a list of CIDRs for internal subnets in your VPC, must be set if the cidr variable is defined, needs to have as many elements as there are availability zones" default = ["10.30.0.0/19" ,"10.30.64.0/19", "10.30.128.0/19"] } variable "external_subnets" { + type = "list" description = "a list of CIDRs for external subnets in your VPC, must be set if the cidr variable is defined, needs to have as many elements as there are availability zones" default = ["10.30.32.0/20", "10.30.96.0/20", "10.30.160.0/20"] } variable "availability_zones" { + type = "list" description = "a comma-separated list of availability zones, defaults to all AZ of the region, if set to something other than the defaults, both internal_subnets and external_subnets have to be defined as well" default = ["us-west-2a", "us-west-2b", "us-west-2c"] } From 5607472d939ea602c671abf3a2b441d4f6aecca5 Mon Sep 17 00:00:00 2001 From: Matthieu Bertin Date: Mon, 24 Jul 2017 14:13:12 +0200 Subject: [PATCH 3/4] dependencies updates - latest xenial ubuntu release base - amazon/amazon-ecs-agent docker image uses the latest tag now - segment/ecs-logs from 0.1.1 to 0.1.5 - ixgbevf from 3.1.2 to 3.4.3 - terraform 0.7.2 to 0.9.11 - packer 0.10.1 to 1.0.3 - dumb-init from 1.1.3 to 1.2.0 - some bash syntax best practices here or there. --- Dockerfile | 6 +++--- packer/base/packer.yml | 21 ++++++++++++++++++- .../etc/apt/preferences.d/docker-engine.pref | 3 +++ packer/base/scripts/base.sh | 8 +++++-- packer/base/scripts/docker.sh | 3 ++- packer/base/scripts/ixgbevf.sh | 18 +++++++++------- .../root/etc/systemd/system/ecs-agent.service | 4 ++-- .../root/etc/systemd/system/ecs-logs.service | 4 ++-- scripts/docs.sh | 4 ++-- scripts/test.sh | 4 ++-- 10 files changed, 52 insertions(+), 23 deletions(-) create mode 100644 packer/base/root/etc/apt/preferences.d/docker-engine.pref diff --git a/Dockerfile b/Dockerfile index a987d842..73e1cb68 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,15 +11,15 @@ RUN apt-get update \ && apt-get clean COPY tools /usr/local/bin -RUN curl -sL "https://releases.hashicorp.com/terraform/0.7.2/terraform_0.7.2_linux_amd64.zip"> terraform.zip \ +RUN curl -sL "https://releases.hashicorp.com/terraform/0.9.11/terraform_0.9.11_linux_amd64.zip"> terraform.zip \ && unzip terraform.zip \ && mv terraform /usr/local/bin -RUN curl -sL "https://releases.hashicorp.com/packer/0.10.1/packer_0.10.1_linux_amd64.zip" > packer.zip \ +RUN curl -sL "https://releases.hashicorp.com/packer/1.0.3/packer_1.0.3_linux_amd64.zip" > packer.zip \ && unzip packer.zip \ && mv packer /usr/local/bin -RUN curl -sL -o /usr/local/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v1.1.3/dumb-init_1.1.3_amd64 && chmod +x /usr/local/bin/dumb-init +RUN curl -sL -o /usr/local/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v1.2.0/dumb-init_1.2.0_amd64 && chmod +x /usr/local/bin/dumb-init ENTRYPOINT ["/usr/local/bin/dumb-init"] diff --git a/packer/base/packer.yml b/packer/base/packer.yml index fbbe6846..24b1d785 100644 --- a/packer/base/packer.yml +++ b/packer/base/packer.yml @@ -1,7 +1,26 @@ --- +# Latest xenial 16.04 LTS amd64 hvm:ebs-ssd Releases +# us-gov-west-1 20170619.1 ami-939412f2 +# us-east-2 20170619.1 ami-8b92b4ee +# sa-east-1 20170619.1 ami-34afc458 +# eu-central-1 20170619.1 ami-1c45e273 +# us-west-1 20170619.1 ami-73f7da13 +# us-west-2 20170619.1 ami-835b4efa +# ap-northeast-2 20170619.1 ami-94d20dfa +# ca-central-1 20170619.1 ami-7ed56a1a +# eu-west-2 20170619.1 ami-cc7066a8 +# ap-southeast-1 20170619.1 ami-2378f540 +# eu-west-1 20170619.1 ami-6d48500b +# ap-southeast-2 20170619.1 ami-e94e5e8a +# ap-northeast-1 20170619.1 ami-785c491f +# us-east-1 20170619.1 ami-d15a75c7 +# ap-south-1 20170619.1 ami-49e59a26 +# cn-north-1 20170303 ami-a163b4cc + + # https://www.packer.io/docs/builders/amazon-ebs.html ami: - source_ami: ami-e6d5d2f1 + source_ami: ami-d15a75c7 region: us-east-1 instance_type: c4.2xlarge ssh_username: ubuntu diff --git a/packer/base/root/etc/apt/preferences.d/docker-engine.pref b/packer/base/root/etc/apt/preferences.d/docker-engine.pref new file mode 100644 index 00000000..1c8729e6 --- /dev/null +++ b/packer/base/root/etc/apt/preferences.d/docker-engine.pref @@ -0,0 +1,3 @@ +Package: * +Pin: release o=Docker +Pin-Priority: 900 diff --git a/packer/base/scripts/base.sh b/packer/base/scripts/base.sh index d73a21b6..64f8dcd9 100644 --- a/packer/base/scripts/base.sh +++ b/packer/base/scripts/base.sh @@ -1,11 +1,11 @@ #!/bin/bash set -e +export DEBIAN_FRONTEND=noninteractive systemctl disable apt-daily.service systemctl disable apt-daily.timer apt-get update -y -apt-get upgrade -y apt-get install -y \ build-essential \ @@ -35,8 +35,12 @@ apt-get install -y \ ntp \ logrotate \ dhcping \ + nfs-common \ + curl \ + unzip \ + jq \ dhcpdump pip install awscli -apt-get dist-upgrade -y +apt-get upgrade -y diff --git a/packer/base/scripts/docker.sh b/packer/base/scripts/docker.sh index 472ee864..0a143e1a 100644 --- a/packer/base/scripts/docker.sh +++ b/packer/base/scripts/docker.sh @@ -1,6 +1,8 @@ #!/bin/bash set -e +export DEBIAN_FRONTEND=noninteractive + apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D echo 'deb https://apt.dockerproject.org/repo ubuntu-xenial main' > /etc/apt/sources.list.d/docker.list @@ -9,7 +11,6 @@ apt-get purge -y lxc-docker apt-cache policy docker-engine apt-get install -o Dpkg::Options::="--force-confold" -y \ - linux-image-extra-$(uname -r) \ docker-engine gpasswd -a ubuntu docker diff --git a/packer/base/scripts/ixgbevf.sh b/packer/base/scripts/ixgbevf.sh index ffa07ee6..8b41f560 100644 --- a/packer/base/scripts/ixgbevf.sh +++ b/packer/base/scripts/ixgbevf.sh @@ -1,13 +1,13 @@ #!/bin/bash set -e -wget -q -N -P /tmp/ "sourceforge.net/projects/e1000/files/ixgbevf stable/3.1.2/ixgbevf-3.1.2.tar.gz" -tar -xzf /tmp/ixgbevf-3.1.2.tar.gz -mv ixgbevf-3.1.2 /usr/src/ +wget -q -N -P /tmp/ "sourceforge.net/projects/e1000/files/ixgbevf stable/3.4.3/ixgbevf-3.4.3.tar.gz" +tar -xzf /tmp/ixgbevf-3.4.3.tar.gz +mv ixgbevf-3.4.3 /usr/src/ -cat < 255/#if UTS_UBUNTU_RELEASE_ABI > 99255/' /usr/src/ixgbevf-3.4.3/src/kcompat.h +dkms remove ixgbevf -v 3.4.3 --all 2>/dev/null || true +dkms add -m ixgbevf -v 3.4.3 +dkms build -m ixgbevf -v 3.4.3 +dkms install -m ixgbevf -v 3.4.3 update-initramfs -c -k all echo "options ixgbevf InterruptThrottleRate=1,1,1,1,1,1,1,1" | tee /etc/modprobe.d/ixgbevf.conf diff --git a/packer/ecs/root/etc/systemd/system/ecs-agent.service b/packer/ecs/root/etc/systemd/system/ecs-agent.service index b5a6efab..c2429301 100644 --- a/packer/ecs/root/etc/systemd/system/ecs-agent.service +++ b/packer/ecs/root/etc/systemd/system/ecs-agent.service @@ -14,7 +14,7 @@ ExecStartPre=/bin/mkdir -p /var/lib/ecs/data ExecStartPre=/bin/mkdir -p /var/log/ecs ExecStartPre=-/usr/bin/docker kill ecs-agent ExecStartPre=-/usr/bin/docker rm ecs-agent -ExecStartPre=-/usr/bin/docker pull amazon/amazon-ecs-agent:v1.14.1 +ExecStartPre=-/usr/bin/docker pull amazon/amazon-ecs-agent:latest ExecStart=/usr/bin/docker run \ --name=ecs-agent \ --restart=on-failure:10 \ @@ -27,7 +27,7 @@ ExecStart=/usr/bin/docker run \ --publish=127.0.0.1:51679:51679 \ --env-file=/etc/ecs/ecs.config \ --env=ECS_CLUSTER=${SERVER_GROUP} \ - amazon/amazon-ecs-agent:v1.14.1 + amazon/amazon-ecs-agent:latest ExecStop=-/usr/bin/docker stop ecs-agent [Install] diff --git a/packer/ecs/root/etc/systemd/system/ecs-logs.service b/packer/ecs/root/etc/systemd/system/ecs-logs.service index 6076ba18..baa903cd 100644 --- a/packer/ecs/root/etc/systemd/system/ecs-logs.service +++ b/packer/ecs/root/etc/systemd/system/ecs-logs.service @@ -11,12 +11,12 @@ RestartPreventExitStatus=5 SyslogIdentifier=ecs-logs ExecStartPre=-/usr/bin/docker kill ecs-logs ExecStartPre=-/usr/bin/docker rm ecs-logs -ExecStartPre=-/usr/bin/docker pull segment/ecs-logs:0.1.1 +ExecStartPre=-/usr/bin/docker pull segment/ecs-logs:0.1.5 ExecStart=/usr/bin/docker run \ --name=ecs-logs \ --restart=on-failure:10 \ --volume=/run/log/journal:/run/log/journal:ro \ - segment/ecs-logs:0.1.1 -src journald -dst cloudwatchlogs + segment/ecs-logs:0.1.5 -src journald -dst cloudwatchlogs ExecStop=-/usr/bin/docker stop ecs-logs [Install] diff --git a/scripts/docs.sh b/scripts/docs.sh index 96daa5f9..c3956752 100644 --- a/scripts/docs.sh +++ b/scripts/docs.sh @@ -12,10 +12,10 @@ echo "Generating docs for stack" printf "# Stack\n\n" >> docs.md terraform-docs md . >> docs.md -for m in $modules; do +for m in ${modules}; do if [[ "$m" != "iam-role" ]]; then echo "generating docs for $m" printf "# $m\n\n" >> docs.md - terraform-docs md $m >> docs.md + terraform-docs md ${m} >> docs.md fi done diff --git a/scripts/test.sh b/scripts/test.sh index b11e95bc..6a18971e 100644 --- a/scripts/test.sh +++ b/scripts/test.sh @@ -4,6 +4,6 @@ modules=$(find -mindepth 2 -name *.tf -printf '%P\n' | xargs -I % dirname %) (terraform validate . && echo "√ stack") || exit 1 -for m in $modules; do - (terraform validate $m && echo "√ $m") || exit 1 +for m in ${modules}; do + (terraform validate ${m} && echo "√ $m") || exit 1 done From 88fa348f824dcaaccb494c272271073e641536d0 Mon Sep 17 00:00:00 2001 From: Matthieu Bertin Date: Wed, 26 Jul 2017 00:02:25 +0200 Subject: [PATCH 4/4] some more typo fixes and fmt. --- Readme.md | 2 +- defaults/main.tf | 2 ++ docs.md | 6 ++--- ecs-cluster/main.tf | 2 +- iam-role/main.tf | 6 ++--- main.tf | 56 ++++++++++++++++++++--------------------- s3-logs/main.tf | 13 ++++------ web-service/elb/main.tf | 3 +-- 8 files changed, 44 insertions(+), 46 deletions(-) diff --git a/Readme.md b/Readme.md index 25bbf9aa..57ace3d2 100644 --- a/Readme.md +++ b/Readme.md @@ -194,7 +194,7 @@ For more complicated service discovery which handles cases like versioning, we'd ### Bastion -The bastion host acts as the "jump point" for the rest of the infrastructure. Since most of our instances aren't exposed to the external internet, the bastion acts as the gatekeeper for any direct SSH access. +The bastion host acts as the "jump point" for the rest of the infrastructure. Since most of our instances are not exposed to the external internet, the bastion acts as the gatekeeper for any direct SSH access. The bastion is provisioned using the key name that you pass to the stack (and hopefully have stored somewhere). If you ever need to access an instance directly, you can do it by "jumping through" the bastion: diff --git a/defaults/main.tf b/defaults/main.tf index 3d8aab52..e4b2b326 100644 --- a/defaults/main.tf +++ b/defaults/main.tf @@ -24,6 +24,7 @@ variable "cidr" { variable "default_ecs_ami" { type = "map" + default = { us-east-1 = "ami-dde4e6ca" us-west-1 = "ami-6d21770d" @@ -41,6 +42,7 @@ variable "default_ecs_ami" { # http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/enable-access-logs.html#attach-bucket-policy variable "default_log_account_ids" { type = "map" + default = { us-east-1 = "127311923021" us-west-2 = "797873946194" diff --git a/docs.md b/docs.md index 13f24fc9..8f0db17d 100644 --- a/docs.md +++ b/docs.md @@ -88,7 +88,7 @@ Usage: # bastion The bastion host acts as the "jump point" for the rest of the infrastructure. -Since most of our instances aren't exposed to the external internet, the bastion acts as the gatekeeper for any direct SSH access. +Since most of our instances are not exposed to the external internet, the bastion acts as the gatekeeper for any direct SSH access. The bastion is provisioned using the key name that you pass to the stack (and hopefully have stored somewhere). If you ever need to access an instance directly, you can do it by "jumping through" the bastion. @@ -130,7 +130,7 @@ Usage: # defaults This module is used to set configuration defaults for the AWS infrastructure. -It doesn't provide much value when used on its own because terraform makes it +It does not provide much value when used on its own because terraform makes it hard to do dynamic generations of things like subnets, for now it's used as a helper module for the stack. @@ -248,7 +248,7 @@ Usage: | instance_type | The instance type to use, e.g t2.small | - | yes | | instance_ebs_optimized | When set to true the instance will be launched with EBS optimized turned on | `true` | no | | min_size | Minimum instance count | `3` | no | -| max_size | Maxmimum instance count | `100` | no | +| max_size | Maximum instance count | `100` | no | | desired_capacity | Desired instance count | `3` | no | | associate_public_ip_address | Should created instances be publicly accessible (if the SG allows) | `false` | no | | root_volume_size | Root volume size in GB | `25` | no | diff --git a/ecs-cluster/main.tf b/ecs-cluster/main.tf index 4fae8565..9f79f7b9 100644 --- a/ecs-cluster/main.tf +++ b/ecs-cluster/main.tf @@ -93,7 +93,7 @@ variable "desired_capacity" { variable "associate_public_ip_address" { description = "Should created instances be publicly accessible (if the SG allows)" - default = false + default = false } variable "root_volume_size" { diff --git a/iam-role/main.tf b/iam-role/main.tf index 249a40e9..9b08504d 100644 --- a/iam-role/main.tf +++ b/iam-role/main.tf @@ -95,9 +95,9 @@ EOF } resource "aws_iam_instance_profile" "default_ecs" { - name = "ecs-instance-profile-${var.name}-${var.environment}" - path = "/" - role = "${aws_iam_role.default_ecs_role.name}" + name = "ecs-instance-profile-${var.name}-${var.environment}" + path = "/" + role = "${aws_iam_role.default_ecs_role.name}" } output "default_ecs_role_id" { diff --git a/main.tf b/main.tf index 4f8dfb02..b9083415 100644 --- a/main.tf +++ b/main.tf @@ -46,31 +46,31 @@ variable "cidr" { } variable "internal_subnets" { - type = "list" + type = "list" description = "a list of CIDRs for internal subnets in your VPC, must be set if the cidr variable is defined, needs to have as many elements as there are availability zones" - default = ["10.30.0.0/19" ,"10.30.64.0/19", "10.30.128.0/19"] + default = ["10.30.0.0/19", "10.30.64.0/19", "10.30.128.0/19"] } variable "external_subnets" { - type = "list" + type = "list" description = "a list of CIDRs for external subnets in your VPC, must be set if the cidr variable is defined, needs to have as many elements as there are availability zones" default = ["10.30.32.0/20", "10.30.96.0/20", "10.30.160.0/20"] } variable "availability_zones" { - type = "list" + type = "list" description = "a comma-separated list of availability zones, defaults to all AZ of the region, if set to something other than the defaults, both internal_subnets and external_subnets have to be defined as well" default = ["us-west-2a", "us-west-2b", "us-west-2c"] } variable "bastion_instance_type" { description = "Instance type for the bastion" - default = "t2.micro" + default = "t2.micro" } variable "ecs_cluster_name" { description = "the name of the cluster, if not specified the variable name will be used" - default = "" + default = "" } variable "ecs_instance_type" { @@ -205,28 +205,28 @@ module "iam_role" { } module "ecs_cluster" { - source = "./ecs-cluster" - name = "${coalesce(var.ecs_cluster_name, var.name)}" - environment = "${var.environment}" - vpc_id = "${module.vpc.id}" - image_id = "${coalesce(var.ecs_ami, module.defaults.ecs_ami)}" - subnet_ids = "${module.vpc.internal_subnets}" - key_name = "${var.key_name}" - instance_type = "${var.ecs_instance_type}" - instance_ebs_optimized = "${var.ecs_instance_ebs_optimized}" - iam_instance_profile = "${module.iam_role.profile}" - min_size = "${var.ecs_min_size}" - max_size = "${var.ecs_max_size}" - desired_capacity = "${var.ecs_desired_capacity}" - region = "${var.region}" - availability_zones = "${module.vpc.availability_zones}" - root_volume_size = "${var.ecs_root_volume_size}" - docker_volume_size = "${var.ecs_docker_volume_size}" - docker_auth_type = "${var.ecs_docker_auth_type}" - docker_auth_data = "${var.ecs_docker_auth_data}" - security_groups = "${coalesce(var.ecs_security_groups, format("%s,%s,%s", module.security_groups.internal_ssh, module.security_groups.internal_elb, module.security_groups.external_elb))}" - extra_cloud_config_type = "${var.extra_cloud_config_type}" - extra_cloud_config_content = "${var.extra_cloud_config_content}" + source = "./ecs-cluster" + name = "${coalesce(var.ecs_cluster_name, var.name)}" + environment = "${var.environment}" + vpc_id = "${module.vpc.id}" + image_id = "${coalesce(var.ecs_ami, module.defaults.ecs_ami)}" + subnet_ids = "${module.vpc.internal_subnets}" + key_name = "${var.key_name}" + instance_type = "${var.ecs_instance_type}" + instance_ebs_optimized = "${var.ecs_instance_ebs_optimized}" + iam_instance_profile = "${module.iam_role.profile}" + min_size = "${var.ecs_min_size}" + max_size = "${var.ecs_max_size}" + desired_capacity = "${var.ecs_desired_capacity}" + region = "${var.region}" + availability_zones = "${module.vpc.availability_zones}" + root_volume_size = "${var.ecs_root_volume_size}" + docker_volume_size = "${var.ecs_docker_volume_size}" + docker_auth_type = "${var.ecs_docker_auth_type}" + docker_auth_data = "${var.ecs_docker_auth_data}" + security_groups = "${coalesce(var.ecs_security_groups, format("%s,%s,%s", module.security_groups.internal_ssh, module.security_groups.internal_elb, module.security_groups.external_elb))}" + extra_cloud_config_type = "${var.extra_cloud_config_type}" + extra_cloud_config_content = "${var.extra_cloud_config_content}" } module "s3_logs" { diff --git a/s3-logs/main.tf b/s3-logs/main.tf index f3e582f4..b76b3b8e 100644 --- a/s3-logs/main.tf +++ b/s3-logs/main.tf @@ -1,11 +1,8 @@ -variable "name" { -} +variable "name" {} -variable "environment" { -} +variable "environment" {} -variable "account_id" { -} +variable "account_id" {} variable "logs_expiration_enabled" { default = false @@ -28,8 +25,8 @@ resource "aws_s3_bucket" "logs" { bucket = "${var.name}-${var.environment}-logs" lifecycle_rule { - id = "logs-expiration" - prefix = "" + id = "logs-expiration" + prefix = "" enabled = "${var.logs_expiration_enabled}" expiration { diff --git a/web-service/elb/main.tf b/web-service/elb/main.tf index 7d47856c..6975b427 100644 --- a/web-service/elb/main.tf +++ b/web-service/elb/main.tf @@ -48,8 +48,7 @@ variable "internal_zone_id" { description = "The zone ID to create the record in" } -variable "ssl_certificate_id" { -} +variable "ssl_certificate_id" {} /** * Resources.