-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaccess-ci-service.yaml
154 lines (133 loc) · 3.5 KB
/
access-ci-service.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
---
AWSTemplateFormatVersion: 2010-09-09
Parameters:
Name:
Type: String
Cluster:
Type: String
DesiredCount:
Type: Number
Default: 0
LaunchType:
Type: String
Default: Fargate
AllowedValues:
- Fargate
- EC2
TargetGroup:
Type: String
SourceSecurityGroup:
Type: AWS::EC2::SecurityGroup::Id
Subnets:
Type: List<AWS::EC2::Subnet::Id>
ContainerImageURI:
Type: String
Conditions:
Fargate: !Equals [ !Ref LaunchType, "Fargate" ]
EC2: !Equals [ !Ref LaunchType, "EC2" ]
Resources:
TaskRole:
Type: AWS::IAM::Role
Properties:
Path: /
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: ecs-tasks.amazonaws.com
Tags:
- Key: WBS
Value: 'ACCESS CONECT 1.4'
TaskExecutionRole:
Type: AWS::IAM::Role
Properties:
Path: /
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service: ecs-tasks.amazonaws.com
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy
Tags:
- Key: WBS
Value: 'ACCESS CONECT 1.4'
LogGroup:
Type: AWS::Logs::LogGroup
Properties:
LogGroupName: !Sub /ecs/${Name}
Tags:
- Key: WBS
Value: 'ACCESS CONECT 1.4'
FargateService:
Type: AWS::ECS::Service
Condition: Fargate
Properties:
Cluster: !Ref Cluster
DesiredCount: !Ref DesiredCount
HealthCheckGracePeriodSeconds: 120
TaskDefinition: !Ref TaskDefinition
LaunchType: FARGATE
NetworkConfiguration:
AwsvpcConfiguration:
AssignPublicIp: DISABLED
SecurityGroups:
- !Ref SourceSecurityGroup
Subnets: !Ref Subnets
LoadBalancers:
- ContainerName: !Ref Name
ContainerPort: 443
TargetGroupArn: !Ref TargetGroup
Tags:
- Key: WBS
Value: 'ACCESS CONECT 1.4'
EC2Service:
Type: AWS::ECS::Service
Condition: EC2
Properties:
Cluster: !Ref Cluster
DesiredCount: !Ref DesiredCount
HealthCheckGracePeriodSeconds: 120
TaskDefinition: !Ref TaskDefinition
LaunchType: EC2
LoadBalancers:
- ContainerName: !Ref Name
ContainerPort: 443
TargetGroupArn: !Ref TargetGroup
Tags:
- Key: WBS
Value: 'ACCESS CONECT 1.4'
TaskDefinition:
Type: AWS::ECS::TaskDefinition
Properties:
Family: !Ref Name
RequiresCompatibilities:
- !If [ Fargate, "FARGATE", "EC2" ]
Memory: !If [ Fargate, 4096, 3884 ]
Cpu: 2048
NetworkMode: !If [ Fargate, "awsvpc", "bridge" ]
TaskRoleArn: !Ref TaskRole
ExecutionRoleArn: !Ref TaskExecutionRole
ContainerDefinitions:
- Name: !Ref Name
Image: !Ref ContainerImageURI
Essential: true
Memory: !If [ Fargate, 4096, 3884 ]
PortMappings:
- ContainerPort: 443
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-region: !Ref AWS::Region
awslogs-group: !Ref LogGroup
awslogs-stream-prefix: !Ref Name
Tags:
- Key: WBS
Value: 'ACCESS CONECT 1.4'
Outputs:
Service:
Value: !If [ Fargate, !Ref FargateService, !Ref EC2Service ]