grodzik/main.tf

## main.tf
provider "aws" {
}

resource "aws_iam_role" "ecs_instance_role" {
  name = "ecs_instance_role"

  assume_role_policy = <<EOF
{
    "Version": "2012-10-17",
    "Statement": [
    {
        "Action": "sts:AssumeRole",
        "Effect": "Allow",
        "Principal": {
        "Service": "ec2.amazonaws.com"
        }
    }
    ]
}
EOF

}

resource "aws_iam_role_policy_attachment" "ecs_instance_role" {
  role       = aws_iam_role.ecs_instance_role.name
  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
}

resource "aws_iam_instance_profile" "ecs_instance_role" {
  name = "ecs_instance_role"
  role = aws_iam_role.ecs_instance_role.name
}

resource "aws_iam_role" "aws_batch_service_role" {
  name = "aws_batch_service_role"

  assume_role_policy = <<EOF
{
    "Version": "2012-10-17",
    "Statement": [
    {
        "Action": "sts:AssumeRole",
        "Effect": "Allow",
        "Principal": {
        "Service": "batch.amazonaws.com"
        }
    }
    ]
}
EOF

}

resource "aws_iam_role_policy_attachment" "aws_batch_service_role" {
  role       = aws_iam_role.aws_batch_service_role.name
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole"
}

resource "aws_security_group" "sample" {
  name = "aws_batch_compute_environment_security_group"
}

resource "aws_vpc" "sample" {
  cidr_block = "10.1.0.0/16"
}

resource "aws_subnet" "sample" {
  vpc_id     = aws_vpc.sample.id
  cidr_block = "10.1.1.0/24"
}

resource "aws_batch_compute_environment" "sample" {
  compute_environment_name = "sample"

  compute_resources {
    instance_role = aws_iam_instance_profile.ecs_instance_role.arn

    instance_type = [
      "c4.large",
    ]

    max_vcpus     = 16
    min_vcpus     = 0
    desired_vcpus = 5

    security_group_ids = [
      aws_security_group.sample.id,
    ]

    subnets = [
      aws_subnet.sample.id,
    ]

    type = "EC2"
  }

  lifecycle {
    create_before_destroy = true
    ignore_changes        = ["compute_resources[*].desired_vcpus"]
  }

  service_role = aws_iam_role.aws_batch_service_role.arn
  type         = "MANAGED"
  depends_on   = [aws_iam_role_policy_attachment.aws_batch_service_role]
}
	provider "aws" {
	}

	resource "aws_iam_role" "ecs_instance_role" {
	name = "ecs_instance_role"

	assume_role_policy = <<EOF
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Action": "sts:AssumeRole",
	"Effect": "Allow",
	"Principal": {
	"Service": "ec2.amazonaws.com"
	}
	}
	]
	}
	EOF

	}

	resource "aws_iam_role_policy_attachment" "ecs_instance_role" {
	role = aws_iam_role.ecs_instance_role.name
	policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
	}

	resource "aws_iam_instance_profile" "ecs_instance_role" {
	name = "ecs_instance_role"
	role = aws_iam_role.ecs_instance_role.name
	}

	resource "aws_iam_role" "aws_batch_service_role" {
	name = "aws_batch_service_role"

	assume_role_policy = <<EOF
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Action": "sts:AssumeRole",
	"Effect": "Allow",
	"Principal": {
	"Service": "batch.amazonaws.com"
	}
	}
	]
	}
	EOF

	}

	resource "aws_iam_role_policy_attachment" "aws_batch_service_role" {
	role = aws_iam_role.aws_batch_service_role.name
	policy_arn = "arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole"
	}

	resource "aws_security_group" "sample" {
	name = "aws_batch_compute_environment_security_group"
	}

	resource "aws_vpc" "sample" {
	cidr_block = "10.1.0.0/16"
	}

	resource "aws_subnet" "sample" {
	vpc_id = aws_vpc.sample.id
	cidr_block = "10.1.1.0/24"
	}

	resource "aws_batch_compute_environment" "sample" {
	compute_environment_name = "sample"

	compute_resources {
	instance_role = aws_iam_instance_profile.ecs_instance_role.arn

	instance_type = [
	"c4.large",
	]

	max_vcpus = 16
	min_vcpus = 0
	desired_vcpus = 5

	security_group_ids = [
	aws_security_group.sample.id,
	]

	subnets = [
	aws_subnet.sample.id,
	]

	type = "EC2"
	}

	lifecycle {
	create_before_destroy = true
	ignore_changes = ["compute_resources[*].desired_vcpus"]
	}

	service_role = aws_iam_role.aws_batch_service_role.arn
	type = "MANAGED"
	depends_on = [aws_iam_role_policy_attachment.aws_batch_service_role]
	}