diff --git a/README.md b/README.md
index 26a1a86..b4b644a 100644
--- a/README.md
+++ b/README.md
@@ -42,8 +42,8 @@ In order to run all checks at any point run the following command:
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 4.29.0 |
-| [random](#provider\_random) | 3.4.2 |
+| [aws](#provider\_aws) | >= 4 |
+| [random](#provider\_random) | >= 3 |
## Modules
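Review bot: The provider constraints on the two added rows (`>= 4` for aws, `>= 3` for random) have no upper bound, so a future major release of either provider satisfies them and can be selected on the next `terraform init -upgrade`. Prefer a bounded constraint such as `~> 4.0` and `~> 3.0` (or `>= 4, < 5`), and keep `.terraform.lock.hcl` committed in the configurations that consume this module so the resolved version and its checksums stay fixed between runs.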
@@ -51,7 +51,7 @@ In order to run all checks at any point run the following command:
|------|--------|---------|
| [acm](#module\_acm) | terraform-aws-modules/acm/aws | ~> 4.0 |
| [aws\_cw\_logs](#module\_aws\_cw\_logs) | cn-terraform/cloudwatch-logs/aws | 1.0.12 |
-| [ecs\_fargate](#module\_ecs\_fargate) | cn-terraform/ecs-fargate/aws | 2.0.45 |
+| [ecs\_fargate](#module\_ecs\_fargate) | cn-terraform/ecs-fargate/aws | 2.0.52 |
## Resources
@@ -74,14 +74,18 @@ In order to run all checks at any point run the following command:
| [container\_memory](#input\_container\_memory) | (Optional) The amount of memory (in MiB) to allow the container to use. This is a hard limit, if the container attempts to exceed the container\_memory, the container is killed. This field is optional for Fargate launch type and the total amount of container\_memory of all containers in a task will need to be lower than the task memory value | `number` | `8192` | no |
| [container\_memory\_reservation](#input\_container\_memory\_reservation) | (Optional) The amount of memory (in MiB) to reserve for the container. If container needs to exceed this threshold, it can do so up to the set container\_memory hard limit | `number` | `4096` | no |
| [create\_kms\_key](#input\_create\_kms\_key) | If true a new KMS key will be created to encrypt the logs. Defaults true. If set to false a custom key can be used by setting the variable `log_group_kms_key_id` | `bool` | `false` | no |
+| [custom\_lb\_arn](#input\_custom\_lb\_arn) | ARN of the Load Balancer to use in the ECS service. If provided, this module will not create a load balancer and will use the one provided in this variable | `string` | `null` | no |
| [db\_backup\_retention\_period](#input\_db\_backup\_retention\_period) | The days to retain backups for. Default 3 | `number` | `3` | no |
| [db\_deletion\_protection](#input\_db\_deletion\_protection) | If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to true. The default is false. | `bool` | `false` | no |
-| [db\_engine\_version](#input\_db\_engine\_version) | DB engine version | `string` | `"14.2"` | no |
+| [db\_engine\_version](#input\_db\_engine\_version) | DB engine version | `string` | `"14.4"` | no |
| [db\_instance\_number](#input\_db\_instance\_number) | Number of instance deployed on Aurora. By default, number of subnet in private\_subnets\_ids | `number` | `null` | no |
| [db\_instance\_size](#input\_db\_instance\_size) | DB instance size | `string` | `"db.r4.large"` | no |
| [db\_name](#input\_db\_name) | Default DB name | `string` | `"sonar"` | no |
| [db\_password](#input\_db\_password) | DB password | `string` | `""` | no |
| [db\_username](#input\_db\_username) | Default DB username | `string` | `"sonar"` | no |
+| [default\_certificate\_arn](#input\_default\_certificate\_arn) | ACM certificate ARN if you plan to manage it yourself | `string` | `""` | no |
+| [deployment\_circuit\_breaker\_enabled](#input\_deployment\_circuit\_breaker\_enabled) | (Optional) You can enable the deployment circuit breaker to cause a service deployment to transition to a failed state if tasks are persistently failing to reach RUNNING state or are failing healthcheck. | `bool` | `false` | no |
+| [deployment\_circuit\_breaker\_rollback](#input\_deployment\_circuit\_breaker\_rollback) | (Optional) The optional rollback option causes Amazon ECS to roll back to the last completed deployment upon a deployment failure. | `bool` | `false` | no |
| [dns\_zone\_id](#input\_dns\_zone\_id) | Route 53 zone id | `string` | `""` | no |
| [enable\_autoscaling](#input\_enable\_autoscaling) | Enable auto scaling for datacenter edition | `bool` | `false` | no |
| [enable\_s3\_bucket\_server\_side\_encryption](#input\_enable\_s3\_bucket\_server\_side\_encryption) | (Optional) If true, server side encryption will be applied. | `bool` | `true` | no |
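Review bot: The added rows for `custom_lb_arn`, `deployment_circuit_breaker_enabled` and `deployment_circuit_breaker_rollback`, and the `db_engine_version` default change to `"14.4"`, have no matching change in the `variables.tf` hunk of this patch, which adds only `default_certificate_arn`. Confirm those declarations already exist on the branch and that this table was regenerated from them, otherwise the README documents inputs and defaults the module does not have.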
diff --git a/examples/test/main.tf b/examples/test/main.tf
index b17af94..b81b238 100644
--- a/examples/test/main.tf
+++ b/examples/test/main.tf
@@ -1,5 +1,7 @@
module "base-network" {
source = "cn-terraform/networking/aws"
+ version = "2.0.16"
+
name_prefix = "test-networking"
vpc_cidr_block = "192.168.0.0/16"
availability_zones = ["us-east-1a", "us-east-1b", "us-east-1c", "us-east-1d"]
diff --git a/main.tf b/main.tf
index 5d9d9be..dd6fb26 100644
--- a/main.tf
+++ b/main.tf
@@ -8,6 +8,8 @@ locals {
sonar_db_name = var.db_name
sonar_db_username = var.db_username
sonar_db_password = var.db_password == "" ? random_password.master_password.result : var.db_password
+
+ default_certificate_arn = var.default_certificate_arn == "" || var.enable_ssl == true ? module.acm[0].acm_certificate_arn : var.default_certificate_arn
}
#------------------------------------------------------------------------------
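Review bot: On the added `default_certificate_arn` local, the condition parses as `(var.default_certificate_arn == "") || (var.enable_ssl == true)`, which has two consequences. With `enable_ssl = false` and no ARN supplied, the true branch is selected and `module.acm[0]` is indexed; if the acm module is only instantiated when `enable_ssl` is true, as the `[0]` index and the removed `var.enable_ssl ? module.acm[0].acm_certificate_arn : null` line suggest, that is an index into an empty list and the plan errors. With `enable_ssl = true` and an ARN supplied, the caller's certificate is silently replaced by the ACM one, which contradicts the variable's description. Consider letting the supplied ARN win and folding the null case into the local: `var.default_certificate_arn != "" ? var.default_certificate_arn : (var.enable_ssl ? module.acm[0].acm_certificate_arn : null)`.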
@@ -67,7 +69,8 @@ module "ecs_fargate" {
lb_https_ports = var.lb_https_ports
lb_enable_cross_zone_load_balancing = var.lb_enable_cross_zone_load_balancing
lb_waf_web_acl_arn = var.lb_waf_web_acl_arn
- default_certificate_arn = var.enable_ssl ? module.acm[0].acm_certificate_arn : null
+ default_certificate_arn = var.enable_ssl || var.default_certificate_arn != "" ? local.default_certificate_arn : null
+
# Application Load Balancer Logs
enable_s3_logs = var.enable_s3_logs
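Review bot: The new `default_certificate_arn` argument re-tests `var.enable_ssl || var.default_certificate_arn != ""` even though `local.default_certificate_arn` already encodes a choice between the same two inputs, so the selection rule now lives in two places and both rely on operator precedence with no parentheses. Make the local return `null` when neither source applies and pass `local.default_certificate_arn` here directly, so there is a single expression to review when the certificate source changes.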
diff --git a/variables.tf b/variables.tf
index 7e71507..b6d6d7f 100644
--- a/variables.tf
+++ b/variables.tf
@@ -309,3 +309,9 @@ variable "https_record_domain_name" {
type = string
default = ""
}
+
+variable "default_certificate_arn" {
+ description = "ACM certificate ARN if you plan to manage it yourself"
+ type = string
+ default = ""
+}
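Review bot: The `default_certificate_arn` description does not say how the variable interacts with `enable_ssl`; per the local added to `main.tf` in this patch, the supplied value is only used when `enable_ssl` is false. State that in the description, and consider a `validation` block that accepts either the empty string or a value starting with `arn:`, so a malformed ARN is rejected at plan time rather than by the load balancer API. The README row added in this patch documents `custom_lb_arn` with a `null` default; using `null` here as well (and testing for `null` in `main.tf`) would keep the optional ARN inputs consistent.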