Add Support for ECS Exec

[AffiTheCreator]

ECS Exec has been a heavily requested feature in the ECS community. For dev purposes, when testing a container deployment within SaaS boost, having the option to add ECS Exec would facilitate the debugging process making the deployment process faster

Use Case

When building a container for production, having access to the container to check what is happening is a must. The logs provided sometimes are not enough. ECS Exec allows me to launch an interactive shell and run a few tests from there.
My current method to launch and test my containers is running a local docker installation and replicate the fargate constraints and then open an interactive shell to see what is going on.

Proposed Solution

Similar to the File System, Database and billing, have another section called advanced, this section is reserved for dev purpose only.
If the ECS Exec is checked then during the tenant onboarding process fargate cluster will be configured to accept ECS Exec commands.

Other

ECSTaskDefinition:
   Type: AWS::ECS::TaskDefinition
   Properties:
     Family:
       Fn::Join: ['', ['tenant-', !Select [0, !Split ['-', !Ref TenantId]]]]
     ExecutionRoleArn: !GetAtt ECSTaskExecutionRole.Arn
     TaskRoleArn: !GetAtt ECSTaskRole.Arn
     RequiresCompatibilities:
       Fn::If:
         - WindowsOS
         - - EC2
         - - FARGATE
     Memory: !If [WindowsOS, !Ref 'AWS::NoValue', !Ref TaskMemory]
     Cpu: !If [WindowsOS, !Ref 'AWS::NoValue', !Ref TaskCPU]
     NetworkMode: !If [WindowsOS, !Ref 'AWS::NoValue', awsvpc]
     Tags:
       - Key: Tenant
         Value: !Ref TenantId
     ContainerDefinitions:
       - Name:
           Fn::Join: ['', ['tenant-', !Select [0, !Split ['-', !Ref TenantId]]]]
         Image: !Sub ${AWS::AccountId}.dkr.ecr.${AWS::Region}.amazonaws.com/${ContainerRepository}:latest
         Cpu: !If [WindowsOS, !Ref TaskCPU, !Ref 'AWS::NoValue']
         Memory: !If [WindowsOS, !Ref TaskMemory, !Ref 'AWS::NoValue']
         # Author: AffiTheCreator
         # 
         # Adds ECS Exec 
         # See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html # Optional task definition changes
         #
         # WIP 
         # TODO
         # 1. Add checkbox in Administration application to add such choice to tenant.
         # 2. Make vatiable into !Ref similar to EFS, DATABASE , PORT , etc 
         LinuxParameters: 
           - InitProcessEnabled: true
         PortMappings:
           - ContainerPort: !Ref ContainerPort
         LogConfiguration:
           LogDriver: awslogs
           Options:
             awslogs-group: !Ref ECSLogGroup
             awslogs-region: !Ref AWS::Region
             awslogs-stream-prefix: ecs

From what I could understand from the ECS Exec documentation by adding LinuxParameters: entry the feature is enabled

• 👋 I may be able to implement this feature request
• ⚠️ This feature might incur a breaking change

---

This is a 🚀 Feature Request

[hariohmprasath]

Hi @AffiTheCreator ,

You can retry the same scenario by using the updated cloudformation template highlighted in this commit. Replace this CFN file in the S3 bucket associated with the Saas environment. You can find the bucket information part of sd-<env> cloudformation stack under Outputs tab -> SaasBoostBucket.

Create a new tenant and you you should be able to do aws ecs execute-command in the fargate container

~ Hari