Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
1 contributor

Users who have contributed to this file

517 lines (515 sloc) 15.8 KB
Resources:
MyVpcF9F0CA6F:
Type: AWS::EC2::VPC
Properties:
CidrBlock: 10.0.0.0/16
EnableDnsHostnames: true
EnableDnsSupport: true
InstanceTenancy: default
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/Resource
MyVpcPublicSubnet1SubnetF6608456:
Type: AWS::EC2::Subnet
Properties:
CidrBlock: 10.0.0.0/18
VpcId:
Ref: MyVpcF9F0CA6F
AvailabilityZone:
Fn::Select:
- 0
- Fn::GetAZs: ""
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PublicSubnet1
- Key: aws-cdk:subnet-name
Value: Public
- Key: aws-cdk:subnet-type
Value: Public
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet1/Subnet
MyVpcPublicSubnet1RouteTableC46AB2F4:
Type: AWS::EC2::RouteTable
Properties:
VpcId:
Ref: MyVpcF9F0CA6F
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PublicSubnet1
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet1/RouteTable
MyVpcPublicSubnet1RouteTableAssociation2ECEE1CB:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId:
Ref: MyVpcPublicSubnet1RouteTableC46AB2F4
SubnetId:
Ref: MyVpcPublicSubnet1SubnetF6608456
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet1/RouteTableAssociation
MyVpcPublicSubnet1DefaultRoute95FDF9EB:
Type: AWS::EC2::Route
Properties:
RouteTableId:
Ref: MyVpcPublicSubnet1RouteTableC46AB2F4
DestinationCidrBlock: 0.0.0.0/0
GatewayId:
Ref: MyVpcIGW5C4A4F63
DependsOn:
- MyVpcVPCGW488ACE0D
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet1/DefaultRoute
MyVpcPublicSubnet1EIP096967CB:
Type: AWS::EC2::EIP
Properties:
Domain: vpc
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet1/EIP
MyVpcPublicSubnet1NATGatewayAD3400C1:
Type: AWS::EC2::NatGateway
Properties:
AllocationId:
Fn::GetAtt:
- MyVpcPublicSubnet1EIP096967CB
- AllocationId
SubnetId:
Ref: MyVpcPublicSubnet1SubnetF6608456
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PublicSubnet1
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet1/NATGateway
MyVpcPublicSubnet2Subnet492B6BFB:
Type: AWS::EC2::Subnet
Properties:
CidrBlock: 10.0.64.0/18
VpcId:
Ref: MyVpcF9F0CA6F
AvailabilityZone:
Fn::Select:
- 1
- Fn::GetAZs: ""
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PublicSubnet2
- Key: aws-cdk:subnet-name
Value: Public
- Key: aws-cdk:subnet-type
Value: Public
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet2/Subnet
MyVpcPublicSubnet2RouteTable1DF17386:
Type: AWS::EC2::RouteTable
Properties:
VpcId:
Ref: MyVpcF9F0CA6F
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PublicSubnet2
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet2/RouteTable
MyVpcPublicSubnet2RouteTableAssociation227DE78D:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId:
Ref: MyVpcPublicSubnet2RouteTable1DF17386
SubnetId:
Ref: MyVpcPublicSubnet2Subnet492B6BFB
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet2/RouteTableAssociation
MyVpcPublicSubnet2DefaultRoute052936F6:
Type: AWS::EC2::Route
Properties:
RouteTableId:
Ref: MyVpcPublicSubnet2RouteTable1DF17386
DestinationCidrBlock: 0.0.0.0/0
GatewayId:
Ref: MyVpcIGW5C4A4F63
DependsOn:
- MyVpcVPCGW488ACE0D
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet2/DefaultRoute
MyVpcPublicSubnet2EIP8CCBA239:
Type: AWS::EC2::EIP
Properties:
Domain: vpc
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet2/EIP
MyVpcPublicSubnet2NATGateway91BFBEC9:
Type: AWS::EC2::NatGateway
Properties:
AllocationId:
Fn::GetAtt:
- MyVpcPublicSubnet2EIP8CCBA239
- AllocationId
SubnetId:
Ref: MyVpcPublicSubnet2Subnet492B6BFB
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PublicSubnet2
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PublicSubnet2/NATGateway
MyVpcPrivateSubnet1Subnet5057CF7E:
Type: AWS::EC2::Subnet
Properties:
CidrBlock: 10.0.128.0/18
VpcId:
Ref: MyVpcF9F0CA6F
AvailabilityZone:
Fn::Select:
- 0
- Fn::GetAZs: ""
MapPublicIpOnLaunch: false
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PrivateSubnet1
- Key: aws-cdk:subnet-name
Value: Private
- Key: aws-cdk:subnet-type
Value: Private
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PrivateSubnet1/Subnet
MyVpcPrivateSubnet1RouteTable8819E6E2:
Type: AWS::EC2::RouteTable
Properties:
VpcId:
Ref: MyVpcF9F0CA6F
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PrivateSubnet1
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PrivateSubnet1/RouteTable
MyVpcPrivateSubnet1RouteTableAssociation56D38C7E:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId:
Ref: MyVpcPrivateSubnet1RouteTable8819E6E2
SubnetId:
Ref: MyVpcPrivateSubnet1Subnet5057CF7E
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PrivateSubnet1/RouteTableAssociation
MyVpcPrivateSubnet1DefaultRouteA8CDE2FA:
Type: AWS::EC2::Route
Properties:
RouteTableId:
Ref: MyVpcPrivateSubnet1RouteTable8819E6E2
DestinationCidrBlock: 0.0.0.0/0
NatGatewayId:
Ref: MyVpcPublicSubnet1NATGatewayAD3400C1
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PrivateSubnet1/DefaultRoute
MyVpcPrivateSubnet2Subnet0040C983:
Type: AWS::EC2::Subnet
Properties:
CidrBlock: 10.0.192.0/18
VpcId:
Ref: MyVpcF9F0CA6F
AvailabilityZone:
Fn::Select:
- 1
- Fn::GetAZs: ""
MapPublicIpOnLaunch: false
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PrivateSubnet2
- Key: aws-cdk:subnet-name
Value: Private
- Key: aws-cdk:subnet-type
Value: Private
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PrivateSubnet2/Subnet
MyVpcPrivateSubnet2RouteTableCEDCEECE:
Type: AWS::EC2::RouteTable
Properties:
VpcId:
Ref: MyVpcF9F0CA6F
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc/PrivateSubnet2
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PrivateSubnet2/RouteTable
MyVpcPrivateSubnet2RouteTableAssociation86A610DA:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId:
Ref: MyVpcPrivateSubnet2RouteTableCEDCEECE
SubnetId:
Ref: MyVpcPrivateSubnet2Subnet0040C983
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PrivateSubnet2/RouteTableAssociation
MyVpcPrivateSubnet2DefaultRoute9CE96294:
Type: AWS::EC2::Route
Properties:
RouteTableId:
Ref: MyVpcPrivateSubnet2RouteTableCEDCEECE
DestinationCidrBlock: 0.0.0.0/0
NatGatewayId:
Ref: MyVpcPublicSubnet2NATGateway91BFBEC9
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/PrivateSubnet2/DefaultRoute
MyVpcIGW5C4A4F63:
Type: AWS::EC2::InternetGateway
Properties:
Tags:
- Key: Name
Value: MyEcsConstruct/MyVpc
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/IGW
MyVpcVPCGW488ACE0D:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId:
Ref: MyVpcF9F0CA6F
InternetGatewayId:
Ref: MyVpcIGW5C4A4F63
Metadata:
aws:cdk:path: MyEcsConstruct/MyVpc/VPCGW
MyCluster4C1BA579:
Type: AWS::ECS::Cluster
Metadata:
aws:cdk:path: MyEcsConstruct/MyCluster/Resource
MyFargateServiceLBDE830E97:
Type: AWS::ElasticLoadBalancingV2::LoadBalancer
Properties:
LoadBalancerAttributes: []
Scheme: internet-facing
SecurityGroups:
- Fn::GetAtt:
- MyFargateServiceLBSecurityGroup6FBF16F1
- GroupId
Subnets:
- Ref: MyVpcPublicSubnet1SubnetF6608456
- Ref: MyVpcPublicSubnet2Subnet492B6BFB
Type: application
DependsOn:
- MyVpcPublicSubnet1DefaultRoute95FDF9EB
- MyVpcPublicSubnet2DefaultRoute052936F6
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/LB/Resource
MyFargateServiceLBSecurityGroup6FBF16F1:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Automatically created Security Group for ELB MyEcsConstructMyFargateServiceLB5E4E9AE3
SecurityGroupEgress: []
SecurityGroupIngress:
- CidrIp: 0.0.0.0/0
Description: Allow from anyone on port 80
FromPort: 80
IpProtocol: tcp
ToPort: 80
VpcId:
Ref: MyVpcF9F0CA6F
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/LB/SecurityGroup/Resource
MyFargateServiceLBSecurityGrouptoMyEcsConstructMyFargateServiceSecurityGroup67F71DB380B308A4F1:
Type: AWS::EC2::SecurityGroupEgress
Properties:
GroupId:
Fn::GetAtt:
- MyFargateServiceLBSecurityGroup6FBF16F1
- GroupId
IpProtocol: tcp
Description: Load balancer to target
DestinationSecurityGroupId:
Fn::GetAtt:
- MyFargateServiceSecurityGroup7016792A
- GroupId
FromPort: 80
ToPort: 80
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/LB/SecurityGroup/to MyEcsConstructMyFargateServiceSecurityGroup67F71DB3:80
MyFargateServiceLBPublicListener61A1042F:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
DefaultActions:
- TargetGroupArn:
Ref: MyFargateServiceLBPublicListenerECSGroup4A3EDF05
Type: forward
LoadBalancerArn:
Ref: MyFargateServiceLBDE830E97
Port: 80
Protocol: HTTP
Certificates: []
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/LB/PublicListener/Resource
MyFargateServiceLBPublicListenerECSGroup4A3EDF05:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
Port: 80
Protocol: HTTP
TargetGroupAttributes: []
Targets: []
TargetType: ip
VpcId:
Ref: MyVpcF9F0CA6F
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/LB/PublicListener/ECSGroup/Resource
MyFargateServiceTaskDefTaskRole62C7D397:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service:
Fn::Join:
- ""
- - ecs-tasks.
- Ref: AWS::URLSuffix
Version: "2012-10-17"
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/TaskDef/TaskRole/Resource
MyFargateServiceTaskDef5DA17B39:
Type: AWS::ECS::TaskDefinition
Properties:
ContainerDefinitions:
- Essential: true
Image: amazon/amazon-ecs-sample
Links: []
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group:
Ref: MyFargateServiceTaskDefwebLogGroup4A6C44E8
awslogs-stream-prefix: MyFargateService
awslogs-region:
Ref: AWS::Region
MountPoints: []
Name: web
PortMappings:
- ContainerPort: 80
Protocol: tcp
Ulimits: []
VolumesFrom: []
Cpu: "512"
ExecutionRoleArn:
Fn::GetAtt:
- MyFargateServiceTaskDefExecutionRoleD6305504
- Arn
Family: MyEcsConstructMyFargateServiceTaskDef164AB9B9
Memory: "2048"
NetworkMode: awsvpc
RequiresCompatibilities:
- FARGATE
TaskRoleArn:
Fn::GetAtt:
- MyFargateServiceTaskDefTaskRole62C7D397
- Arn
Volumes: []
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/TaskDef/Resource
MyFargateServiceTaskDefwebLogGroup4A6C44E8:
Type: AWS::Logs::LogGroup
DeletionPolicy: Retain
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/TaskDef/web/LogGroup/Resource
MyFargateServiceTaskDefExecutionRoleD6305504:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
- Action: sts:AssumeRole
Effect: Allow
Principal:
Service:
Fn::Join:
- ""
- - ecs-tasks.
- Ref: AWS::URLSuffix
Version: "2012-10-17"
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/TaskDef/ExecutionRole/Resource
MyFargateServiceTaskDefExecutionRoleDefaultPolicyEC22B20F:
Type: AWS::IAM::Policy
Properties:
PolicyDocument:
Statement:
- Action:
- logs:CreateLogStream
- logs:PutLogEvents
Effect: Allow
Resource:
Fn::GetAtt:
- MyFargateServiceTaskDefwebLogGroup4A6C44E8
- Arn
Version: "2012-10-17"
PolicyName: MyFargateServiceTaskDefExecutionRoleDefaultPolicyEC22B20F
Roles:
- Ref: MyFargateServiceTaskDefExecutionRoleD6305504
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/TaskDef/ExecutionRole/DefaultPolicy/Resource
MyFargateServiceF490C034:
Type: AWS::ECS::Service
Properties:
TaskDefinition:
Ref: MyFargateServiceTaskDef5DA17B39
Cluster:
Ref: MyCluster4C1BA579
DeploymentConfiguration:
MaximumPercent: 200
MinimumHealthyPercent: 50
DesiredCount: 6
HealthCheckGracePeriodSeconds: 60
LaunchType: FARGATE
LoadBalancers:
- ContainerName: web
ContainerPort: 80
TargetGroupArn:
Ref: MyFargateServiceLBPublicListenerECSGroup4A3EDF05
NetworkConfiguration:
AwsvpcConfiguration:
AssignPublicIp: DISABLED
SecurityGroups:
- Fn::GetAtt:
- MyFargateServiceSecurityGroup7016792A
- GroupId
Subnets:
- Ref: MyVpcPrivateSubnet1Subnet5057CF7E
- Ref: MyVpcPrivateSubnet2Subnet0040C983
ServiceRegistries: []
DependsOn:
- MyFargateServiceLBPublicListenerECSGroup4A3EDF05
- MyFargateServiceLBPublicListener61A1042F
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/Service/Service
MyFargateServiceSecurityGroup7016792A:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: MyEcsConstruct/MyFargateService/Service/SecurityGroup
SecurityGroupEgress:
- CidrIp: 0.0.0.0/0
Description: Allow all outbound traffic by default
IpProtocol: "-1"
SecurityGroupIngress: []
VpcId:
Ref: MyVpcF9F0CA6F
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/Service/SecurityGroup/Resource
MyFargateServiceSecurityGroupfromMyEcsConstructMyFargateServiceLBSecurityGroup8793A2F780B3ABD3C6:
Type: AWS::EC2::SecurityGroupIngress
Properties:
IpProtocol: tcp
Description: Load balancer to target
FromPort: 80
GroupId:
Fn::GetAtt:
- MyFargateServiceSecurityGroup7016792A
- GroupId
SourceSecurityGroupId:
Fn::GetAtt:
- MyFargateServiceLBSecurityGroup6FBF16F1
- GroupId
ToPort: 80
Metadata:
aws:cdk:path: MyEcsConstruct/MyFargateService/Service/SecurityGroup/from MyEcsConstructMyFargateServiceLBSecurityGroup8793A2F7:80
Outputs:
MyFargateServiceLoadBalancerDNS704F6391:
Value:
Fn::GetAtt:
- MyFargateServiceLBDE830E97
- DNSName
You can’t perform that action at this time.