def add_resources_and_outputs(self):
"""Add resources to template."""
template = self.template
variables = self.get_variables()
# build the list of managed policy ARNs to attach to the role
managed_policy_arns = []
for mpa in variables['ManagedPolicyArns']:
managed_policy_arns.append(mpa)
iamrole = template.add_resource(
iam.Role('IamRole',
AssumeRolePolicyDocument=get_ecs_task_assumerole_policy(),
RoleName=variables['RoleName'].ref,
ManagedPolicyArns=managed_policy_arns))
template.add_output(
Output(
"{}Arn".format(iamrole.title),
Description="IAM Role ARN",
Value=GetAtt(iamrole, "Arn"),
))
template.add_output(
Output(
"{}Name".format(iamrole.title),
Description="IAM Role name",
Value=Ref(iamrole),
))
def create_role(self):
t = self.template
self.role = t.add_resource(
iam.Role(
"Role",
AssumeRolePolicyDocument=get_ecs_task_assumerole_policy(),
Path="/",
)
)
self.add_output("RoleName", self.role.Ref())
self.add_output("RoleArn", self.role.GetAtt("Arn"))
self.add_output("RoleId", self.role.GetAtt("RoleId"))
def create_task_execution_role(self):
t = self.template
self.task_execution_role = t.add_resource(
iam.Role(
"TaskExecutionRole",
AssumeRolePolicyDocument=get_ecs_task_assumerole_policy(),
))
t.add_output(
Output("TaskExecutionRoleName",
Value=self.task_execution_role.Ref()))
t.add_output(
Output("TaskExecutionRoleArn",
Value=self.task_execution_role.GetAtt("Arn")))
def create_task_role(self):
if self.task_role_arn:
self.add_output("RoleArn", self.task_role_arn)
return
t = self.template
self.task_role = t.add_resource(
iam.Role(
"Role",
AssumeRolePolicyDocument=get_ecs_task_assumerole_policy(),
Path="/",
)
)
self.add_output("RoleName", self.task_role.Ref())
self.add_output("RoleArn", self.task_role.GetAtt("Arn"))
self.add_output("RoleId", self.task_role.GetAtt("RoleId"))
def create_task_execution_role(self):
t = self.template
self.task_execution_role = t.add_resource(
iam.Role(
"TaskExecutionRole",
AssumeRolePolicyDocument=get_ecs_task_assumerole_policy(),
)
)
t.add_output(
Output(
"TaskExecutionRoleName",
Value=self.task_execution_role.Ref()
)
)
t.add_output(
Output(
"TaskExecutionRoleArn",
Value=self.task_execution_role.GetAtt("Arn")
)
)
def add_resources_and_outputs(self):
"""Add resources to template."""
template = self.template
variables = self.get_variables()
ecstaskexeciamrole = template.add_resource(
iam.Role(
'IamRoleEcsTaskExec',
AssumeRolePolicyDocument=get_ecs_task_assumerole_policy(),
RoleName=variables['RoleName'].ref,
ManagedPolicyArns=[
'arn:aws:iam::aws:'
'policy/service-role/AmazonECSTaskExecutionRolePolicy'
]
)
)
template.add_output(
Output(
"{}Arn".format(ecstaskexeciamrole.title),
Description="ECS Task Execution IAM Role ARN",
Value=GetAtt(ecstaskexeciamrole, "Arn"),
)
)
def add_resources(self):
"""Add resources to template."""
class EcsServiceWithHealthCheckGracePeriodSeconds(ecs.Service):
"""ECS Service class with HealthCheckGracePeriodSeconds added."""
props = ecs.Service.props
props['HealthCheckGracePeriodSeconds'] = (positive_integer, False)
pkg_version = pkg_resources.get_distribution('troposphere').version
if LooseVersion(pkg_version) < LooseVersion('2.1.3'):
ecs_service = EcsServiceWithHealthCheckGracePeriodSeconds
else:
ecs_service = ecs.Service
template = self.template
variables = self.get_variables()
ecstaskrole = template.add_resource(
iam.Role('EcsTaskRole',
AssumeRolePolicyDocument=get_ecs_task_assumerole_policy(),
RoleName=variables['EcsTaskRoleName'].ref))
loggroup = template.add_resource(
logs.LogGroup(
'CloudWatchLogGroup',
LogGroupName=Join('', [
'/ecs/', variables['ContainerName'].ref, '-',
variables['EnvironmentName'].ref
]),
RetentionInDays=variables['EcsCloudWatchLogRetention'].ref))
ecscontainerdef = ecs.ContainerDefinition(
Image=Join('', [
Ref('AWS::AccountId'), '.dkr.ecr.',
Ref('AWS::Region'), '.amazonaws.com/',
variables['ContainerName'].ref, '-',
variables['EnvironmentName'].ref
]),
LogConfiguration=ecs.LogConfiguration(LogDriver='awslogs',
Options={
'awslogs-group':
Ref(loggroup),
'awslogs-region':
Ref('AWS::Region'),
'awslogs-stream-prefix':
'ecs'
}),
Name=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
PortMappings=[
ecs.PortMapping(ContainerPort=variables['ContainerPort'].ref)
])
ecstaskdef = template.add_resource(
ecs.TaskDefinition(
'EcsTaskDef',
ContainerDefinitions=[ecscontainerdef],
Cpu=variables['TaskCpu'].ref,
Memory=variables['TaskMem'].ref,
ExecutionRoleArn=variables['EcsTaskExecIamRoleArn'].ref,
TaskRoleArn=Ref(ecstaskrole),
Family=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
NetworkMode='awsvpc',
RequiresCompatibilities=['FARGATE']))
ecscluster = template.add_resource(
ecs.Cluster('EcsCluster',
ClusterName=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
])))
ecsservice = template.add_resource(
ecs_service(
'EcsService',
Cluster=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
DeploymentConfiguration=ecs.DeploymentConfiguration(
MinimumHealthyPercent=variables['MinHealthyPercent'].ref,
MaximumPercent=variables['MaxPercent'].ref),
DesiredCount=variables['NumberOfTasks'].ref,
HealthCheckGracePeriodSeconds=variables[
'HealthCheckGracePeriod'].ref,
LaunchType='FARGATE',
LoadBalancers=[
ecs.LoadBalancer(
ContainerName=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
ContainerPort=variables['ContainerPort'].ref,
TargetGroupArn=variables['TargetGroupArn'].ref)
],
NetworkConfiguration=ecs.NetworkConfiguration(
AwsvpcConfiguration=ecs.AwsvpcConfiguration(
SecurityGroups=variables['SgIdList'].ref,
Subnets=variables['Subnets'].ref)),
ServiceName=Join('-', [
variables['ContainerName'].ref,
variables['EnvironmentName'].ref
]),
TaskDefinition=Ref(ecstaskdef)))
template.add_output(
Output("{}Arn".format(ecstaskrole.title),
Description="ECS Task Role ARN",
Value=GetAtt(ecstaskrole, "Arn"),
Export=Export(
Sub('${AWS::StackName}-%sArn' % ecstaskrole.title))))
template.add_output(
Output("{}Name".format(ecstaskrole.title),
Description="ECS Task Role Name",
Value=Ref(ecstaskrole)))
template.add_output(
Output("{}Arn".format(ecsservice.title),
Description="ARN of the ECS Service",
Value=Ref(ecsservice),
Export=Export(
Sub('${AWS::StackName}-%sArn' % ecsservice.title))))
template.add_output(
Output("{}Name".format(ecsservice.title),
Description="Name of the ECS Service",
Value=GetAtt(ecsservice, "Name"),
Export=Export(
Sub('${AWS::StackName}-%sName' % ecsservice.title))))
template.add_output(
Output("{}Arn".format(ecscluster.title),
Description="ECS Cluster ARN",
Value=GetAtt(ecscluster, "Arn"),
Export=Export(
Sub('${AWS::StackName}-%sArn' % ecscluster.title))))
template.add_output(
Output("{}Arn".format(ecstaskdef.title),
Description="ARN of the Task Definition",
Value=Ref(ecstaskdef),
Export=Export(
Sub('${AWS::StackName}-%sArn' % ecstaskdef.title))))