Terraform module to provision Auto Scaling Group and Launch Template on AWS.
The module also creates AutoScaling Policies and CloudWatch Metric Alarms to monitor CPU utilization on the EC2 instances and scale the number of instance in the AutoScaling Group up or down.
If you don't want to use the provided functionality, or want to provide your own policies, disable it by setting the variable autoscaling_policies_enabled to false.
At present, although you can set the created AutoScaling Policy type to any legal value, in practice only SimpleScaling is supported.
To use a StepScaling or TargetTrackingScaling policy, create it yourself and then pass it in the alarm_actions field of custom_alarms.
Tip
Cloud Posse uses atmos to easily orchestrate multiple environments using Terraform.
Works with Github Actions, Atlantis, or Spacelift.
Watch demo of using Atmos with Terraform
Example of running
atmos to manage infrastructure from our Quick Start tutorial.
locals {
userdata = <<-USERDATA
#!/bin/bash
cat <<"__EOF__" > /home/ec2-user/.ssh/config
Host *
StrictHostKeyChecking no
__EOF__
chmod 600 /home/ec2-user/.ssh/config
chown ec2-user:ec2-user /home/ec2-user/.ssh/config
USERDATA
}
module "autoscale_group" {
source = "cloudposse/ec2-autoscale-group/aws"
# Cloud Posse recommends pinning every module to a specific version
# version = "x.x.x"
namespace = var.namespace
stage = var.stage
environment = var.environment
name = var.name
image_id = "ami-08cab282f9979fc7a"
instance_type = "t2.small"
security_group_ids = ["sg-xxxxxxxx"]
subnet_ids = ["subnet-xxxxxxxx", "subnet-yyyyyyyy", "subnet-zzzzzzzz"]
health_check_type = "EC2"
min_size = 2
max_size = 3
wait_for_capacity_timeout = "5m"
associate_public_ip_address = true
user_data_base64 = base64encode(local.userdata)
# All inputs to `block_device_mappings` have to be defined
block_device_mappings = [
{
device_name = "/dev/sda1"
no_device = "false"
virtual_name = "root"
ebs = {
encrypted = true
volume_size = 200
delete_on_termination = true
iops = null
kms_key_id = null
snapshot_id = null
volume_type = "standard"
}
}
]
tags = {
Tier = "1"
KubernetesCluster = "us-west-2.testing.cloudposse.co"
}
# Auto-scaling policies and CloudWatch metric alarms
autoscaling_policies_enabled = true
cpu_utilization_high_threshold_percent = "70"
cpu_utilization_low_threshold_percent = "20"
}To enable custom_alerts the map needs to be defined like so :
alarms = {
alb_scale_up = {
alarm_name = "${module.default_label.id}-alb-target-response-time-for-scale-up"
comparison_operator = "GreaterThanThreshold"
evaluation_periods = var.alb_target_group_alarms_evaluation_periods
metric_name = "TargetResponseTime"
namespace = "AWS/ApplicationELB"
period = var.alb_target_group_alarms_period
statistic = "Average"
threshold = var.alb_target_group_alarms_response_time_max_threshold
dimensions_name = "LoadBalancer"
dimensions_target = data.alb.arn_suffix
treat_missing_data = "missing"
ok_actions = var.alb_target_group_alarms_ok_actions
insufficient_data_actions = var.alb_target_group_alarms_insufficient_data_actions
alarm_description = "ALB Target response time is over ${var.alb_target_group_alarms_response_time_max_threshold} for more than ${var.alb_target_group_alarms_period}"
alarm_actions = [module.autoscaling.scale_up_policy_arn]
}
}
All those keys are required to be there so if the alarm you are setting does not requiere one or more keys you can just set to empty but do not remove the keys otherwise you could get a weird merge error due to the maps being of different sizes.
Important
In Cloud Posse's examples, we avoid pinning modules to specific versions to prevent discrepancies between the documentation and the latest released versions. However, for your own projects, we strongly advise pinning each module to the exact version you're using. This practice ensures the stability of your infrastructure. Additionally, we recommend implementing a systematic approach for updating versions to avoid unexpected changes.
Available targets:
help Help screen
help/all Display help for all targets
help/short This help short screen
lint Lint terraform code
| Name | Version |
|---|---|
| terraform | >= 1.3 |
| aws | >= 5.16 |
| Name | Version |
|---|---|
| aws | >= 5.16 |
| Name | Source | Version |
|---|---|---|
| this | cloudposse/label/null | 0.25.0 |
| Name | Type |
|---|---|
| aws_autoscaling_group.default | resource |
| aws_autoscaling_policy.scale_down | resource |
| aws_autoscaling_policy.scale_up | resource |
| aws_cloudwatch_metric_alarm.all_alarms | resource |
| aws_launch_template.default | resource |
| aws_subnet.this | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| additional_tag_map | Additional key-value pairs to add to each map in tags_as_list_of_maps. Not added to tags or id.This is for some rare cases where resources want additional configuration of tags and therefore take a list of maps with tag key, value, and additional configuration. |
map(string) |
{} |
no |
| associate_public_ip_address | Associate a public IP address with an instance in a VPC. If network_interface_id is specified, this can only be false (see here for more info: https://stackoverflow.com/a/76808361). |
bool |
false |
no |
| attributes | ID element. Additional attributes (e.g. workers or cluster) to add to id,in the order they appear in the list. New attributes are appended to the end of the list. The elements of the list are joined by the delimiterand treated as a single ID element. |
list(string) |
[] |
no |
| autoscaling_policies_enabled | Whether to create aws_autoscaling_policy and aws_cloudwatch_metric_alarm resources to control Auto Scaling |
bool |
true |
no |
| block_device_mappings | Specify volumes to attach to the instance besides the volumes specified by the AMI | list(object({ |
[] |
no |
| capacity_rebalance | Indicates whether capacity rebalance is enabled. Otherwise, capacity rebalance is disabled. | bool |
false |
no |
| context | Single object for setting entire context at once. See description of individual variables for details. Leave string and numeric variables as null to use default value.Individual variable settings (non-null) override settings in context object, except for attributes, tags, and additional_tag_map, which are merged. |
any |
{ |
no |
| cpu_utilization_high_evaluation_periods | The number of periods over which data is compared to the specified threshold | number |
2 |
no |
| cpu_utilization_high_period_seconds | The period in seconds over which the specified statistic is applied | number |
300 |
no |
| cpu_utilization_high_statistic | The statistic to apply to the alarm's associated metric. Either of the following is supported: SampleCount, Average, Sum, Minimum, Maximum |
string |
"Average" |
no |
| cpu_utilization_high_threshold_percent | The value against which the specified statistic is compared | number |
90 |
no |
| cpu_utilization_low_evaluation_periods | The number of periods over which data is compared to the specified threshold | number |
2 |
no |
| cpu_utilization_low_period_seconds | The period in seconds over which the specified statistic is applied | number |
300 |
no |
| cpu_utilization_low_statistic | The statistic to apply to the alarm's associated metric. Either of the following is supported: SampleCount, Average, Sum, Minimum, Maximum |
string |
"Average" |
no |
| cpu_utilization_low_threshold_percent | The value against which the specified statistic is compared | number |
10 |
no |
| credit_specification | Customize the credit specification of the instances | object({ |
null |
no |
| custom_alarms | Map of custom CloudWatch alarms configurations | map(object({ |
{} |
no |
| default_alarms_enabled | Enable or disable cpu and memory Cloudwatch alarms | bool |
true |
no |
| default_cooldown | The amount of time, in seconds, after a scaling activity completes before another scaling activity can start | number |
300 |
no |
| delimiter | Delimiter to be used between ID elements. Defaults to - (hyphen). Set to "" to use no delimiter at all. |
string |
null |
no |
| descriptor_formats | Describe additional descriptors to be output in the descriptors output map.Map of maps. Keys are names of descriptors. Values are maps of the form {<br> format = string<br> labels = list(string)<br>}(Type is any so the map values can later be enhanced to provide additional options.)format is a Terraform format string to be passed to the format() function.labels is a list of labels, in order, to pass to format() function.Label values will be normalized before being passed to format() so they will beidentical to how they appear in id.Default is {} (descriptors output will be empty). |
any |
{} |
no |
| desired_capacity | The number of Amazon EC2 instances that should be running in the group, if not set will use min_size as value |
number |
null |
no |
| disable_api_termination | If true, enables EC2 Instance Termination Protection |
bool |
false |
no |
| ebs_optimized | If true, the launched EC2 instance will be EBS-optimized | bool |
false |
no |
| elastic_gpu_specifications | Specifications of Elastic GPU to attach to the instances | object({ |
null |
no |
| enable_monitoring | Enable/disable detailed monitoring | bool |
true |
no |
| enabled | Set to false to prevent the module from creating any resources | bool |
null |
no |
| enabled_metrics | A list of metrics to collect. The allowed values are GroupMinSize, GroupMaxSize, GroupDesiredCapacity, GroupInServiceInstances, GroupPendingInstances, GroupStandbyInstances, GroupTerminatingInstances, GroupTotalInstances |
list(string) |
[ |
no |
| environment | ID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'staging', 'dev', 'UAT' | string |
null |
no |
| force_delete | Allows deleting the autoscaling group without waiting for all instances in the pool to terminate. You can force an autoscaling group to delete even if it's in the process of scaling a resource. Normally, Terraform drains all the instances before deleting the group. This bypasses that behavior and potentially leaves resources dangling | bool |
false |
no |
| health_check_grace_period | Time (in seconds) after instance comes into service before checking health | number |
300 |
no |
| health_check_type | Controls how health checking is done. Valid values are EC2 or ELB |
string |
"EC2" |
no |
| iam_instance_profile_name | The IAM instance profile name to associate with launched instances | string |
"" |
no |
| id_length_limit | Limit id to this many characters (minimum 6).Set to 0 for unlimited length.Set to null for keep the existing setting, which defaults to 0.Does not affect id_full. |
number |
null |
no |
| image_id | The EC2 image ID to launch | string |
"" |
no |
| instance_initiated_shutdown_behavior | Shutdown behavior for the instances. Can be stop or terminate |
string |
"terminate" |
no |
| instance_market_options | The market (purchasing) option for the instances | object({ |
null |
no |
| instance_refresh | The instance refresh definition | object({ |
null |
no |
| instance_reuse_policy | If warm pool and this block are configured, instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in. | object({ |
null |
no |
| instance_type | Instance type to launch | string |
n/a | yes |
| key_name | The SSH key name that should be used for the instance | string |
"" |
no |
| label_key_case | Controls the letter case of the tags keys (label names) for tags generated by this module.Does not affect keys of tags passed in via the tags input.Possible values: lower, title, upper.Default value: title. |
string |
null |
no |
| label_order | The order in which the labels (ID elements) appear in the id.Defaults to ["namespace", "environment", "stage", "name", "attributes"]. You can omit any of the 6 labels ("tenant" is the 6th), but at least one must be present. |
list(string) |
null |
no |
| label_value_case | Controls the letter case of ID elements (labels) as included in id,set as tag values, and output by this module individually. Does not affect values of tags passed in via the tags input.Possible values: lower, title, upper and none (no transformation).Set this to title and set delimiter to "" to yield Pascal Case IDs.Default value: lower. |
string |
null |
no |
| labels_as_tags | Set of labels (ID elements) to include as tags in the tags output.Default is to include all labels. Tags with empty values will not be included in the tags output.Set to [] to suppress all generated tags.Notes: The value of the name tag, if included, will be the id, not the name.Unlike other null-label inputs, the initial setting of labels_as_tags cannot bechanged in later chained modules. Attempts to change it will be silently ignored. |
set(string) |
[ |
no |
| launch_template_version | Launch template version. Can be version number, $Latest or $Default |
string |
"$Latest" |
no |
| load_balancers | A list of elastic load balancer names to add to the autoscaling group names. Only valid for classic load balancers. For ALBs, use target_group_arns instead |
list(string) |
[] |
no |
| max_instance_lifetime | The maximum amount of time, in seconds, that an instance can be in service, values must be either equal to 0 or between 604800 and 31536000 seconds | number |
null |
no |
| max_size | The maximum size of the autoscale group | number |
n/a | yes |
| metadata_http_endpoint_enabled | Set false to disable the Instance Metadata Service. | bool |
true |
no |
| metadata_http_protocol_ipv6_enabled | Set true to enable IPv6 in the launch template. | bool |
false |
no |
| metadata_http_put_response_hop_limit | The desired HTTP PUT response hop limit (between 1 and 64) for Instance Metadata Service requests. The default is 2 to support containerized workloads. |
number |
2 |
no |
| metadata_http_tokens_required | Set true to require IMDS session tokens, disabling Instance Metadata Service Version 1. | bool |
true |
no |
| metadata_instance_metadata_tags_enabled | Set true to enable metadata tags in the launch template. | bool |
false |
no |
| metrics_granularity | The granularity to associate with the metrics to collect. The only valid value is 1Minute | string |
"1Minute" |
no |
| min_elb_capacity | Setting this causes Terraform to wait for this number of instances to show up healthy in the ELB only on creation. Updates will not wait on ELB instance number changes | number |
0 |
no |
| min_size | The minimum size of the autoscale group | number |
n/a | yes |
| mixed_instances_policy | policy to used mixed group of on demand/spot of differing types. Launch template is automatically generated. https://www.terraform.io/docs/providers/aws/r/autoscaling_group.html#mixed_instances_policy-1 | object({ |
null |
no |
| name | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'. This is the only ID element not also included as a tag.The "name" tag is set to the full id string. There is no tag with the value of the name input. |
string |
null |
no |
| namespace | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | string |
null |
no |
| network_interface_id | The ID of the network interface to attach. If specified, all the other network_interface block arguments are ignored. | string |
null |
no |
| placement | The placement specifications of the instances | object({ |
null |
no |
| placement_group | The name of the placement group into which you'll launch your instances, if any | string |
"" |
no |
| protect_from_scale_in | Allows setting instance protection. The autoscaling group will not select instances with this setting for terminination during scale in events | bool |
false |
no |
| regex_replace_chars | Terraform regular expression (regex) string. Characters matching the regex will be removed from the ID elements. If not set, "/[^a-zA-Z0-9-]/" is used to remove all characters other than hyphens, letters and digits. |
string |
null |
no |
| scale_down_adjustment_type | Specifies whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are ChangeInCapacity, ExactCapacity and PercentChangeInCapacity |
string |
"ChangeInCapacity" |
no |
| scale_down_cooldown_seconds | The amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start | number |
300 |
no |
| scale_down_policy_type | The scaling policy type. Currently only SimpleScaling is supported |
string |
"SimpleScaling" |
no |
| scale_down_scaling_adjustment | The number of instances by which to scale. scale_down_scaling_adjustment determines the interpretation of this number (e.g. as an absolute number or as a percentage of the existing Auto Scaling group size). A positive increment adds to the current capacity and a negative value removes from the current capacity |
number |
-1 |
no |
| scale_up_adjustment_type | Specifies whether the adjustment is an absolute number or a percentage of the current capacity. Valid values are ChangeInCapacity, ExactCapacity and PercentChangeInCapacity |
string |
"ChangeInCapacity" |
no |
| scale_up_cooldown_seconds | The amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start | number |
300 |
no |
| scale_up_policy_type | The scaling policy type. Currently only SimpleScaling is supported |
string |
"SimpleScaling" |
no |
| scale_up_scaling_adjustment | The number of instances by which to scale. scale_up_adjustment_type determines the interpretation of this number (e.g. as an absolute number or as a percentage of the existing Auto Scaling group size). A positive increment adds to the current capacity and a negative value removes from the current capacity |
number |
1 |
no |
| security_group_ids | A list of associated security group IDs | list(string) |
[] |
no |
| service_linked_role_arn | The ARN of the service-linked role that the ASG will use to call other AWS services | string |
"" |
no |
| stage | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | string |
null |
no |
| subnet_ids | A list of subnet IDs to launch resources in | list(string) |
n/a | yes |
| suspended_processes | A list of processes to suspend for the AutoScaling Group. The allowed values are Launch, Terminate, HealthCheck, ReplaceUnhealthy, AZRebalance, AlarmNotification, ScheduledActions, AddToLoadBalancer. Note that if you suspend either the Launch or Terminate process types, it can prevent your autoscaling group from functioning properly. |
list(string) |
[] |
no |
| tag_specifications_resource_types | List of tag specification resource types to tag. Valid values are instance, volume, elastic-gpu and spot-instances-request. | set(string) |
[ |
no |
| tags | Additional tags (e.g. {'BusinessUnit': 'XYZ'}).Neither the tag keys nor the tag values will be modified by this module. |
map(string) |
{} |
no |
| target_group_arns | A list of aws_alb_target_group ARNs, for use with Application Load Balancing | list(string) |
[] |
no |
| tenant | ID element _(Rarely used, not included by default)_. A customer identifier, indicating who this instance of a resource is for | string |
null |
no |
| termination_policies | A list of policies to decide how the instances in the auto scale group should be terminated. The allowed values are OldestInstance, NewestInstance, OldestLaunchConfiguration, ClosestToNextInstanceHour, Default |
list(string) |
[ |
no |
| update_default_version | Whether to update Default version of Launch template each update | bool |
false |
no |
| user_data_base64 | The Base64-encoded user data to provide when launching the instances | string |
"" |
no |
| wait_for_capacity_timeout | A maximum duration that Terraform should wait for ASG instances to be healthy before timing out. Setting this to '0' causes Terraform to skip all Capacity Waiting behavior | string |
"10m" |
no |
| wait_for_elb_capacity | Setting this will cause Terraform to wait for exactly this number of healthy instances in all attached load balancers on both create and update operations. Takes precedence over min_elb_capacity behavior |
number |
0 |
no |
| warm_pool | If this block is configured, add a Warm Pool to the specified Auto Scaling group. See warm_pool. | object({ |
null |
no |
| Name | Description |
|---|---|
| autoscaling_group_arn | ARN of the AutoScaling Group |
| autoscaling_group_default_cooldown | Time between a scaling activity and the succeeding scaling activity |
| autoscaling_group_desired_capacity | The number of Amazon EC2 instances that should be running in the group |
| autoscaling_group_health_check_grace_period | Time after instance comes into service before checking health |
| autoscaling_group_health_check_type | EC2 or ELB. Controls how health checking is done |
| autoscaling_group_id | The AutoScaling Group id |
| autoscaling_group_max_size | The maximum size of the autoscale group |
| autoscaling_group_min_size | The minimum size of the autoscale group |
| autoscaling_group_name | The AutoScaling Group name |
| autoscaling_group_tags | A list of tag settings associated with the AutoScaling Group |
| autoscaling_policy_scale_down_arn | ARN of the AutoScaling policy scale down |
| autoscaling_policy_scale_up_arn | ARN of the AutoScaling policy scale up |
| launch_template_arn | The ARN of the launch template |
| launch_template_id | The ID of the launch template |
Check out these related projects.
- terraform-aws-ec2-instance - Terraform module for providing a general purpose EC2 instance
- terraform-aws-ec2-bastion-server - Terraform module to define a generic bastion host with parameterized user data
- terraform-aws-ec2-admin-server - Terraform module for providing an EC2 instance capable of running admin tasks
- terraform-aws-ec2-instance-group - Terraform module for provisioning multiple general purpose EC2 hosts for stateful applications
- terraform-aws-ec2-ami-snapshot - Terraform module to easily generate AMI snapshots to create replica instances
Tip
Use Cloud Posse's ready-to-go terraform architecture blueprints for AWS to get up and running quickly.
โ
We build it with you.
โ
You own everything.
โ
Your team wins.
๐ Learn More
Cloud Posse is the leading DevOps Accelerator for funded startups and enterprises.
Your team can operate like a pro today.
Ensure that your team succeeds by using Cloud Posse's proven process and turnkey blueprints. Plus, we stick around until you succeed.
- Reference Architecture. You'll get everything you need from the ground up built using 100% infrastructure as code.
- Deployment Strategy. Adopt a proven deployment strategy with GitHub Actions, enabling automated, repeatable, and reliable software releases.
- Site Reliability Engineering. Gain total visibility into your applications and services with Datadog, ensuring high availability and performance.
- Security Baseline. Establish a secure environment from the start, with built-in governance, accountability, and comprehensive audit logs, safeguarding your operations.
- GitOps. Empower your team to manage infrastructure changes confidently and efficiently through Pull Requests, leveraging the full power of GitHub Actions.
- Training. Equip your team with the knowledge and skills to confidently manage the infrastructure, ensuring long-term success and self-sufficiency.
- Support. Benefit from a seamless communication over Slack with our experts, ensuring you have the support you need, whenever you need it.
- Troubleshooting. Access expert assistance to quickly resolve any operational challenges, minimizing downtime and maintaining business continuity.
- Code Reviews. Enhance your teamโs code quality with our expert feedback, fostering continuous improvement and collaboration.
- Bug Fixes. Rely on our team to troubleshoot and resolve any issues, ensuring your systems run smoothly.
- Migration Assistance. Accelerate your migration process with our dedicated support, minimizing disruption and speeding up time-to-value.
- Customer Workshops. Engage with our team in weekly workshops, gaining insights and strategies to continuously improve and innovate.
This project is under active development, and we encourage contributions from our community.
Many thanks to our outstanding contributors:
For ๐ bug reports & feature requests, please use the issue tracker.
In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow.
- Review our Code of Conduct and Contributor Guidelines.
- Fork the repo on GitHub
- Clone the project to your own machine
- Commit changes to your own branch
- Push your work back up to your fork
- Submit a Pull Request so that we can review your changes
NOTE: Be sure to merge the latest changes from "upstream" before making a pull request!
Join our Open Source Community on Slack. It's FREE for everyone! Our "SweetOps" community is where you get to talk with others who share a similar vision for how to rollout and manage infrastructure. This is the best place to talk shop, ask questions, solicit feedback, and work together as a community to build totally sweet infrastructure.
Sign up for our newsletter and join 3,000+ DevOps engineers, CTOs, and founders who get insider access to the latest DevOps trends, so you can always stay in the know. Dropped straight into your Inbox every week โ and usually a 5-minute read.
Join us every Wednesday via Zoom for your weekly dose of insider DevOps trends, AWS news and Terraform insights, all sourced from our SweetOps community, plus a live Q&A that you canโt find anywhere else. It's FREE for everyone!
Preamble to the Apache License, Version 2.0
Complete license is available in the LICENSE file.
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
All other trademarks referenced herein are the property of their respective owners.
Copyright ยฉ 2017-2024 Cloud Posse, LLC
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "renovate[bot]")
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent