terraform-aws-cloudmap

Terraform module to manage Amazon Cloud Map namespaces and services for DNS-based discovery, including support for Lambda Function URL registration.

Requirements

Name	Version
terraform	>= 1.0
aws	>= 4.0

Providers

Name	Version
aws	>= 4.0

Modules

No modules.

Resources

Name	Type
aws_iam_role.ecs_service_discovery	resource
aws_iam_role_policy.ecs_service_discovery	resource
aws_service_discovery_http_namespace.this	resource
aws_service_discovery_instance.lambda	resource
aws_service_discovery_private_dns_namespace.this	resource
aws_service_discovery_public_dns_namespace.this	resource
aws_service_discovery_service.services	resource

Inputs

Name	Description	Type	Default	Required
create_ecs_service_discovery_role	Whether to create IAM role for ECS service discovery	bool	false	no
create_namespace	Whether to create an HTTP namespace	bool	false	no
create_private_dns_namespace	Whether to create a private DNS namespace	bool	false	no
create_public_dns_namespace	Whether to create a public DNS namespace	bool	false	no
dns_record_type	Type of DNS record	string	"A"	no
dns_ttl	TTL for DNS records	number	10	no
enable_dns_config	Enable DNS configuration for the service. Set to false for HTTP namespaces or when using existing HTTP namespaces.	bool	true	no
enable_health_checks	Enable health checks for the service. Set to false when using private IPs or unsupported instance types.	bool	true	no
enable_lambda_registration	Enable registration of Lambda Function URL in CloudMap service discovery	bool	false	no
existing_namespace_id	ID of an existing namespace to use	string	null	no
lambda_attributes	Additional attributes for the Lambda instance in CloudMap	map(string)	{}	no
lambda_instance_id	Unique identifier for the Lambda instance in CloudMap	string	"lambda-function"	no
lambda_ip_address	IP address to use for Lambda A record in CloudMap. If not provided, uses a placeholder IP.	string	null	no
lambda_service_name	Name of the CloudMap service for Lambda registration. If not specified, uses the first service name from var.services	string	null	no
lambda_url	Lambda Function URL or API Gateway endpoint to register in CloudMap	string	null	no
namespace_description	Description of the CloudMap namespace	string	null	no
namespace_name	Name of the CloudMap namespace	string	null	no
routing_policy	Routing policy for the service	string	"MULTIVALUE"	no
services	Map of CloudMap services to create	map(object({ name = string description = optional(string) dns_ttl = optional(number, 10) dns_record_type = optional(string, "A") routing_policy = optional(string, "MULTIVALUE") health_check_config = optional(object({ resource_path = string type = string failure_threshold = optional(number, 3) })) health_check_custom_config = optional(bool, false) custom_health_check_failure_threshold = optional(number, 1) tags = optional(map(string), {}) }))	{}	no
tags	A map of tags to assign to the resources	map(string)	{}	no
vpc_id	VPC ID for private DNS namespace	string	null	no

Outputs

Name	Description
ecs_service_discovery_role_arn	ARN of the ECS service discovery IAM role
ecs_service_discovery_role_name	Name of the ECS service discovery IAM role
health_check_debug	Debug information for health check configuration - use for troubleshooting
lambda_discovery_url	CloudMap discovery URL for the Lambda function
lambda_instance_id	ID of the registered Lambda instance in CloudMap
lambda_registration_debug	Debug information for Lambda registration - use for troubleshooting
lambda_service_id	ID of the CloudMap service where Lambda is registered
namespace_arn	ARN of the created namespace
namespace_id	ID of the created namespace
namespace_name	Name of the created namespace
service_arns	Map of service names to their ARNs for ECS integration
services	Map of created services with their details

Features

• Multiple Namespace Types: Support for HTTP, Private DNS, and Public DNS namespaces
• Service Discovery: Create and manage CloudMap services with configurable DNS settings
• Health Checks: Configurable health checks for services (standard and custom)
• Lambda Function URL Support: Register Lambda Function URLs in CloudMap for service discovery
• ECS Integration: IAM roles for ECS service discovery
• Flexible Configuration: Support for existing namespaces and custom attributes

Lambda Function URL Registration

This module supports registering Lambda Function URLs in CloudMap for service discovery within VPCs. This allows services to resolve Lambda functions by DNS without hardcoding URLs.

Example Usage

module "cloudmap" {
  source = "path/to/module"

  # Create private DNS namespace
  create_private_dns_namespace = true
  namespace_name               = "api.internal"
  vpc_id                      = data.aws_vpc.default.id

  # Define service with CNAME record type
  services = {
    "api-service" = {
      name        = "api-service"
      dns_record_type = "CNAME"  # Required for Lambda Function URL
      routing_policy = "WEIGHTED"
      health_check_custom_config = true
    }
  }

  # Enable Lambda registration
  enable_lambda_registration = true
  lambda_instance_id         = "api-lambda-01"
  lambda_url                 = aws_lambda_function_url.api.function_url
  lambda_service_name        = "api-service"
  lambda_attributes = {
    "environment"    = "production"
    "version"        = "v1.0.0"
    "function_name"  = aws_lambda_function.api.function_name
  }
}

Benefits

• Consistent DNS Resolution: Services can resolve Lambda functions using standard DNS
• VPC Integration: Lambda functions appear as local services within VPC
• Health Monitoring: CloudMap can monitor Lambda function health
• Automatic Failover: Support for multiple Lambda instances with load balancing

Examples

• Basic HTTP Namespace: Simple HTTP namespace with EC2 instance
• Custom Registry: Mixed service types with Lambda integration
• Lambda Function URL: Complete Lambda Function URL registration example