code for article pfeilbr/aws-ecs-playground
learn AWS ECS
Examples
- ecs-fargate-load-balanced-http-service-example
  - example ECS Fargate private (VPC-only access) load balanced (internal ALB) HTTP service (nginx)
- ecs-fargate-task-example
  - example ECS Fargate nodejs task that is manually run
- ecs-fargate-task-with-efs-example
  - example ECS Fargate nodejs task with EFS file share that is manually run
- ecs-on-ec2-with-bottlerocket-example
  - example ECS on EC2 using Bottlerocket AMI for ECS container instance
- ecs-cli-example
  - example using ecs-cli to serve simple docker compose nodejs web app
Notes
- Fargate Task CPU and memory
  - min cpu: 256 (.25 vCPU), max cpu: 4096 (4 vCPU)
  - min mem: 512 MiB, max mem: 30 GB
- AWS::ECS::TaskDefinition.ExecutionRoleArn
  - role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For example, permission to pull ECR images and create log streams. See Amazon ECS task execution IAM role. The arn:aws:iam::${AWS::AccountId}:role/ecsTaskExecutionRole role is available by default.
- AWS::ECS::TaskDefinition.TaskRoleArn
  - role that grants containers in the task permission to call AWS APIs on your behalf, e.g. access S3, Secrets Manager, etc. See IAM roles for tasks.
- AWS::ECS::Service.Role
  - no need to specify in the typical use case. Amazon ECS uses the service-linked role named AWSServiceRoleForECS to enable Amazon ECS to call AWS APIs on your behalf. See Service-linked role for Amazon ECS.
- AWS::ECS::Service.NetworkConfiguration
  - required for task definitions that use the awsvpc network mode to receive their own elastic network interface, and it is not supported for other network modes.
- AWS::ECS::Service.NetworkConfiguration.AwsvpcConfiguration.AssignPublicIp
  - whether the task's elastic network interface receives a public IP address. The default value is DISABLED. (DISABLED | ENABLED)
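
The notes above can be enforced as a pre-deploy check. The following Python is an added example, not code from the repository: it lints the ECS resources of a CloudFormation template (JSON form, loaded as a dict) against the CPU/memory bounds and the NetworkConfiguration and AssignPublicIp notes above. The rule that TaskRoleArn must differ from ExecutionRoleArn, the sample template and the AppTaskRoleArn parameter name are assumptions.

```python
# Added example, not from the repository. Bounds are the ones in the notes above;
# "task role must differ from execution role" is an assumed least-privilege policy.
LIMITS = {"Cpu": (256, 4096), "Memory": (512, 30 * 1024)}  # CPU units, MiB
TASKDEF, SERVICE = "AWS::ECS::TaskDefinition", "AWS::ECS::Service"

def lint_ecs(template):
    """Return a sorted list of (logical_id, finding) for ECS resources."""
    resources, findings = template.get("Resources", {}), []
    modes = {n: r.get("Properties", {}).get("NetworkMode", "bridge")  # ECS default
             for n, r in resources.items() if r.get("Type") == TASKDEF}
    for name, res in resources.items():
        kind, props = res.get("Type"), res.get("Properties", {})
        if kind == TASKDEF:
            if "FARGATE" in props.get("RequiresCompatibilities", []):
                for key, (lo, hi) in LIMITS.items():
                    val = str(props.get(key, ""))
                    if not (val.isdigit() and lo <= int(val) <= hi):
                        findings.append((name, f"{key} not a number in {lo}-{hi}"))
            task_role = props.get("TaskRoleArn")
            if task_role is not None and task_role == props.get("ExecutionRoleArn"):
                findings.append((name, "TaskRoleArn reuses ExecutionRoleArn"))
        elif kind == SERVICE:
            ref = props.get("TaskDefinition")
            mode = modes.get(ref.get("Ref")) if isinstance(ref, dict) else None
            net = props.get("NetworkConfiguration")
            if mode == "awsvpc" and net is None:
                findings.append((name, "awsvpc task needs NetworkConfiguration"))
            if mode not in (None, "awsvpc") and net is not None:
                findings.append((name, f"NetworkConfiguration unsupported with {mode}"))
            vpc = (net or {}).get("AwsvpcConfiguration") or {}
            if vpc.get("AssignPublicIp") == "ENABLED":
                findings.append((name, "AssignPublicIp is ENABLED"))
    return sorted(findings)

# Constructed sample template (CloudFormation JSON form as a Python dict).
EXEC = {"Fn::Sub": "arn:aws:iam::${AWS::AccountId}:role/ecsTaskExecutionRole"}
SAMPLE = {"Resources": {
    "GoodTask": {"Type": TASKDEF, "Properties": {
        "RequiresCompatibilities": ["FARGATE"], "NetworkMode": "awsvpc", "Cpu": "256",
        "Memory": "512", "ExecutionRoleArn": EXEC, "TaskRoleArn": {"Ref": "AppTaskRoleArn"}}},
    "BadTask": {"Type": TASKDEF, "Properties": {
        "RequiresCompatibilities": ["FARGATE"], "NetworkMode": "awsvpc",
        "Cpu": "128", "Memory": "512", "ExecutionRoleArn": EXEC, "TaskRoleArn": EXEC}},
    "GoodService": {"Type": SERVICE, "Properties": {
        "TaskDefinition": {"Ref": "GoodTask"}, "NetworkConfiguration": {
            "AwsvpcConfiguration": {"Subnets": ["subnet-EXAMPLE"]}}}},
    "BadService": {"Type": SERVICE, "Properties": {
        "TaskDefinition": {"Ref": "BadTask"}, "NetworkConfiguration": {"AwsvpcConfiguration": {
            "Subnets": ["subnet-EXAMPLE"], "AssignPublicIp": "ENABLED"}}}}}}
```

Calling `lint_ecs(SAMPLE)` reports the undersized Cpu and the shared role on BadTask and the public IP on BadService; services whose TaskDefinition is not a `Ref` to a task definition in the same template are only checked for AssignPublicIp.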