Amazon Elastic Container Service 模板代码段 - Amazon CloudFormation
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门

Amazon Elastic Container Service 模板代码段

Amazon Elastic Container Service (Amazon ECS) 是一项容器管理服务,可让您轻松地在 Amazon Elastic Compute Cloud (Amazon EC2) 实例集群上运行、停止和管理 Docker 容器。

以下示例模板在 Amazon ECS 容器中利用 AutoScaling 和应用程序负载均衡器部署一个 Web 应用程序。有关更多信息,请参阅 Amazon Elastic Container Service Developer Guide 中的 Amazon ECS 入门

重要

有关最新的 AMI ID,请参阅 Amazon Elastic Container Service Developer Guide 中的 Amazon ECS 优化的 AMI

JSON

{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "KeyName": { "Type": "AWS::EC2::KeyPair::KeyName", "Description": "Name of an existing EC2 KeyPair to enable SSH access to the ECS instances." }, "VpcId": { "Type": "AWS::EC2::VPC::Id", "Description": "Select a VPC that allows instances to access the Internet." }, "SubnetId": { "Type": "List<AWS::EC2::Subnet::Id>", "Description": "Select at least two subnets in your selected VPC." }, "DesiredCapacity": { "Type": "Number", "Default": "1", "Description": "Number of instances to launch in your ECS cluster." }, "MaxSize": { "Type": "Number", "Default": "1", "Description": "Maximum number of instances that can be launched in your ECS cluster." }, "InstanceType": { "Description": "EC2 instance type", "Type": "String", "Default": "t2.micro", "AllowedValues": [ "t2.micro", "t2.small", "t2.medium", "t2.large", "m3.medium", "m3.large", "m3.xlarge", "m3.2xlarge", "m4.large", "m4.xlarge", "m4.2xlarge", "m4.4xlarge", "m4.10xlarge", "c4.large", "c4.xlarge", "c4.2xlarge", "c4.4xlarge", "c4.8xlarge", "c3.large", "c3.xlarge", "c3.2xlarge", "c3.4xlarge", "c3.8xlarge", "r3.large", "r3.xlarge", "r3.2xlarge", "r3.4xlarge", "r3.8xlarge", "i2.xlarge", "i2.2xlarge", "i2.4xlarge", "i2.8xlarge" ], "ConstraintDescription": "Please choose a valid instance type." } }, "Mappings": { "AWSRegionToAMI": { "us-east-1": { "AMIID": "ami-09bee01cc997a78a6" }, "us-east-2": { "AMIID": "ami-0a9e12068cb98a01d" }, "us-west-1": { "AMIID": "ami-0fa6c8d131a220017" }, "us-west-2": { "AMIID": "ami-078c97cf1cefd1b38" }, "eu-west-1": { "AMIID": "ami-0c9ef930279337028" }, "eu-central-1": { "AMIID": "ami-065c1e34da68f2b02" }, "ap-northeast-1": { "AMIID": "ami-02265963d1614d04d" }, "ap-southeast-1": { "AMIID": "ami-0b68661b29b9e058c" }, "ap-southeast-2": { "AMIID": "ami-00e4b147599c13588" } } }, "Resources": { "ECSCluster": { "Type": "AWS::ECS::Cluster" }, "EcsSecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "ECS Security Group", "VpcId": { "Ref": "VpcId" } } }, "EcsSecurityGroupHTTPinbound": { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { "GroupId": { "Ref": "EcsSecurityGroup" }, "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": "0.0.0.0/0" } }, "EcsSecurityGroupSSHinbound": { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { "GroupId": { "Ref": "EcsSecurityGroup" }, "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0" } }, "EcsSecurityGroupALBports": { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { "GroupId": { "Ref": "EcsSecurityGroup" }, "IpProtocol": "tcp", "FromPort": 31000, "ToPort": 61000, "SourceSecurityGroupId": { "Ref": "EcsSecurityGroup" } } }, "CloudwatchLogsGroup": { "Type": "AWS::Logs::LogGroup", "Properties": { "LogGroupName": { "Fn::Join": [ "-", [ "ECSLogGroup", { "Ref": "AWS::StackName" } ] ] }, "RetentionInDays": 14 } }, "taskdefinition": { "Type": "AWS::ECS::TaskDefinition", "Properties": { "Family": { "Fn::Join": [ "", [ { "Ref": "AWS::StackName" }, "-ecs-demo-app" ] ] }, "ContainerDefinitions": [ { "Name": "simple-app", "Cpu": "10", "Essential": "true", "Image": "httpd:2.4", "Memory": "300", "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "CloudwatchLogsGroup" }, "awslogs-region": { "Ref": "AWS::Region" }, "awslogs-stream-prefix": "ecs-demo-app" } }, "MountPoints": [ { "ContainerPath": "/usr/local/apache2/htdocs", "SourceVolume": "my-vol" } ], "PortMappings": [ { "ContainerPort": 80 } ] }, { "Name": "busybox", "Cpu": 10, "Command": [ "/bin/sh -c \"while true; do echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p>' > top; /bin/date > date ; echo '</div></body></html>' > bottom; cat top date bottom > /usr/local/apache2/htdocs/index.html ; sleep 1; done\"" ], "EntryPoint": [ "sh", "-c" ], "Essential": false, "Image": "busybox", "Memory": 200, "LogConfiguration": { "LogDriver": "awslogs", "Options": { "awslogs-group": { "Ref": "CloudwatchLogsGroup" }, "awslogs-region": { "Ref": "AWS::Region" }, "awslogs-stream-prefix": "ecs-demo-app" } }, "VolumesFrom": [ { "SourceContainer": "simple-app" } ] } ], "Volumes": [ { "Name": "my-vol" } ] } }, "ECSALB": { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { "Name": "ECSALB", "Scheme": "internet-facing", "LoadBalancerAttributes": [ { "Key": "idle_timeout.timeout_seconds", "Value": "30" } ], "Subnets": { "Ref": "SubnetId" }, "SecurityGroups": [ { "Ref": "EcsSecurityGroup" } ] } }, "ALBListener": { "Type": "AWS::ElasticLoadBalancingV2::Listener", "DependsOn": "ECSServiceRole", "Properties": { "DefaultActions": [ { "Type": "forward", "TargetGroupArn": { "Ref": "ECSTG" } } ], "LoadBalancerArn": { "Ref": "ECSALB" }, "Port": "80", "Protocol": "HTTP" } }, "ECSALBListenerRule": { "Type": "AWS::ElasticLoadBalancingV2::ListenerRule", "DependsOn": "ALBListener", "Properties": { "Actions": [ { "Type": "forward", "TargetGroupArn": { "Ref": "ECSTG" } } ], "Conditions": [ { "Field": "path-pattern", "Values": [ "/" ] } ], "ListenerArn": { "Ref": "ALBListener" }, "Priority": 1 } }, "ECSTG": { "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", "DependsOn": "ECSALB", "Properties": { "HealthCheckIntervalSeconds": 10, "HealthCheckPath": "/", "HealthCheckProtocol": "HTTP", "HealthCheckTimeoutSeconds": 5, "HealthyThresholdCount": 2, "Name": "ECSTG", "Port": 80, "Protocol": "HTTP", "UnhealthyThresholdCount": 2, "VpcId": { "Ref": "VpcId" } } }, "ECSAutoScalingGroup": { "Type": "AWS::AutoScaling::AutoScalingGroup", "Properties": { "VPCZoneIdentifier": { "Ref": "SubnetId" }, "LaunchConfigurationName": { "Ref": "ContainerInstances" }, "MinSize": "1", "MaxSize": { "Ref": "MaxSize" }, "DesiredCapacity": { "Ref": "DesiredCapacity" } }, "CreationPolicy": { "ResourceSignal": { "Timeout": "PT15M" } }, "UpdatePolicy": { "AutoScalingReplacingUpdate": { "WillReplace": "true" } } }, "ContainerInstances": { "Type": "AWS::AutoScaling::LaunchConfiguration", "Properties": { "ImageId": { "Fn::FindInMap": [ "AWSRegionToAMI", { "Ref": "AWS::Region" }, "AMIID" ] }, "SecurityGroups": [ { "Ref": "EcsSecurityGroup" } ], "InstanceType": { "Ref": "InstanceType" }, "IamInstanceProfile": { "Ref": "EC2InstanceProfile" }, "KeyName": { "Ref": "KeyName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "#!/bin/bash -xe\n", "echo ECS_CLUSTER=", { "Ref": "ECSCluster" }, " >> /etc/ecs/ecs.config\n", "yum install -y aws-cfn-bootstrap\n", "/opt/aws/bin/cfn-signal -e $? ", " --stack ", { "Ref": "AWS::StackName" }, " --resource ECSAutoScalingGroup ", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } } } }, "service": { "Type": "AWS::ECS::Service", "DependsOn": "ALBListener", "Properties": { "Cluster": { "Ref": "ECSCluster" }, "DesiredCount": "1", "LoadBalancers": [ { "ContainerName": "simple-app", "ContainerPort": "80", "TargetGroupArn": { "Ref": "ECSTG" } } ], "Role": { "Ref": "ECSServiceRole" }, "TaskDefinition": { "Ref": "taskdefinition" } } }, "ECSServiceRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "ecs.amazonaws.com" ] }, "Action": [ "sts:AssumeRole" ] } ] }, "Path": "/", "Policies": [ { "PolicyName": "ecs-service", "PolicyDocument": { "Statement": [ { "Effect": "Allow", "Action": [ "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DeregisterTargets", "elasticloadbalancing:Describe*", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:RegisterTargets", "ec2:Describe*", "ec2:AuthorizeSecurityGroupIngress" ], "Resource": "*" } ] } } ] } }, "ServiceScalingTarget": { "Type": "AWS::ApplicationAutoScaling::ScalableTarget", "DependsOn": "service", "Properties": { "MaxCapacity": 2, "MinCapacity": 1, "ResourceId": { "Fn::Join": [ "", [ "service/", { "Ref": "ECSCluster" }, "/", { "Fn::GetAtt": [ "service", "Name" ] } ] ] }, "RoleARN": { "Fn::GetAtt": [ "AutoscalingRole", "Arn" ] }, "ScalableDimension": "ecs:service:DesiredCount", "ServiceNamespace": "ecs" } }, "ServiceScalingPolicy": { "Type": "AWS::ApplicationAutoScaling::ScalingPolicy", "Properties": { "PolicyName": "AStepPolicy", "PolicyType": "StepScaling", "ScalingTargetId": { "Ref": "ServiceScalingTarget" }, "StepScalingPolicyConfiguration": { "AdjustmentType": "PercentChangeInCapacity", "Cooldown": 60, "MetricAggregationType": "Average", "StepAdjustments": [ { "MetricIntervalLowerBound": 0, "ScalingAdjustment": 200 } ] } } }, "ALB500sAlarmScaleUp": { "Type": "AWS::CloudWatch::Alarm", "Properties": { "EvaluationPeriods": "1", "Statistic": "Average", "Threshold": "10", "AlarmDescription": "Alarm if our ALB generates too many HTTP 500s.", "Period": "60", "AlarmActions": [ { "Ref": "ServiceScalingPolicy" } ], "Namespace": "AWS/ApplicationELB", "Dimensions": [ { "Name": "LoadBalancer", "Value": { "Fn::GetAtt": [ "ECSALB", "LoadBalancerFullName" ] } } ], "ComparisonOperator": "GreaterThanThreshold", "MetricName": "HTTPCode_ELB_5XX_Count" } }, "EC2Role": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "ec2.amazonaws.com" ] }, "Action": [ "sts:AssumeRole" ] } ] }, "Path": "/", "Policies": [ { "PolicyName": "ecs-service", "PolicyDocument": { "Statement": [ { "Effect": "Allow", "Action": [ "ecs:CreateCluster", "ecs:DeregisterContainerInstance", "ecs:DiscoverPollEndpoint", "ecs:Poll", "ecs:RegisterContainerInstance", "ecs:StartTelemetrySession", "ecs:Submit*", "logs:CreateLogStream", "logs:PutLogEvents" ], "Resource": "*" } ] } } ] } }, "AutoscalingRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "application-autoscaling.amazonaws.com" ] }, "Action": [ "sts:AssumeRole" ] } ] }, "Path": "/", "Policies": [ { "PolicyName": "service-autoscaling", "PolicyDocument": { "Statement": [ { "Effect": "Allow", "Action": [ "application-autoscaling:*", "cloudwatch:DescribeAlarms", "cloudwatch:PutMetricAlarm", "ecs:DescribeServices", "ecs:UpdateService" ], "Resource": "*" } ] } } ] } }, "EC2InstanceProfile": { "Type": "AWS::IAM::InstanceProfile", "Properties": { "Path": "/", "Roles": [ { "Ref": "EC2Role" } ] } } }, "Outputs": { "ecsservice": { "Value": { "Ref": "service" } }, "ecscluster": { "Value": { "Ref": "ECSCluster" } }, "ECSALB": { "Description": "Your ALB DNS URL", "Value": { "Fn::Join": [ "", [ { "Fn::GetAtt": [ "ECSALB", "DNSName" ] } ] ] } }, "taskdef": { "Value": { "Ref": "taskdefinition" } } } }

YAML

AWSTemplateFormatVersion: 2010-09-09 Parameters: KeyName: Type: 'AWS::EC2::KeyPair::KeyName' Description: Name of an existing EC2 KeyPair to enable SSH access to the ECS instances. VpcId: Type: 'AWS::EC2::VPC::Id' Description: Select a VPC that allows instances to access the Internet. SubnetId: Type: 'List<AWS::EC2::Subnet::Id>' Description: Select at least two subnets in your selected VPC. DesiredCapacity: Type: Number Default: '1' Description: Number of instances to launch in your ECS cluster. MaxSize: Type: Number Default: '1' Description: Maximum number of instances that can be launched in your ECS cluster. InstanceType: Description: EC2 instance type Type: String Default: t2.micro AllowedValues: - t2.micro - t2.small - t2.medium - t2.large - m3.medium - m3.large - m3.xlarge - m3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge - c4.large - c4.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - c3.large - c3.xlarge - c3.2xlarge - c3.4xlarge - c3.8xlarge - r3.large - r3.xlarge - r3.2xlarge - r3.4xlarge - r3.8xlarge - i2.xlarge - i2.2xlarge - i2.4xlarge - i2.8xlarge ConstraintDescription: Please choose a valid instance type. Mappings: AWSRegionToAMI: us-east-1: AMIID: ami-09bee01cc997a78a6 us-east-2: AMIID: ami-0a9e12068cb98a01d us-west-1: AMIID: ami-0fa6c8d131a220017 us-west-2: AMIID: ami-078c97cf1cefd1b38 eu-west-1: AMIID: ami-0c9ef930279337028 eu-central-1: AMIID: ami-065c1e34da68f2b02 ap-northeast-1: AMIID: ami-02265963d1614d04d ap-southeast-1: AMIID: ami-0b68661b29b9e058c ap-southeast-2: AMIID: ami-00e4b147599c13588 Resources: ECSCluster: Type: 'AWS::ECS::Cluster' EcsSecurityGroup: Type: 'AWS::EC2::SecurityGroup' Properties: GroupDescription: ECS Security Group VpcId: !Ref VpcId EcsSecurityGroupHTTPinbound: Type: 'AWS::EC2::SecurityGroupIngress' Properties: GroupId: !Ref EcsSecurityGroup IpProtocol: tcp FromPort: 80 ToPort: 80 CidrIp: 0.0.0.0/0 EcsSecurityGroupSSHinbound: Type: 'AWS::EC2::SecurityGroupIngress' Properties: GroupId: !Ref EcsSecurityGroup IpProtocol: tcp FromPort: 22 ToPort: 22 CidrIp: 0.0.0.0/0 EcsSecurityGroupALBports: Type: 'AWS::EC2::SecurityGroupIngress' Properties: GroupId: !Ref EcsSecurityGroup IpProtocol: tcp FromPort: 31000 ToPort: 61000 SourceSecurityGroupId: !Ref EcsSecurityGroup CloudwatchLogsGroup: Type: 'AWS::Logs::LogGroup' Properties: LogGroupName: !Join - '-' - - ECSLogGroup - !Ref 'AWS::StackName' RetentionInDays: 14 taskdefinition: Type: 'AWS::ECS::TaskDefinition' Properties: Family: !Join - '' - - !Ref 'AWS::StackName' - '-ecs-demo-app' ContainerDefinitions: - Name: simple-app Cpu: '10' Essential: 'true' Image: 'httpd:2.4' Memory: '300' LogConfiguration: LogDriver: awslogs Options: awslogs-group: !Ref CloudwatchLogsGroup awslogs-region: !Ref 'AWS::Region' awslogs-stream-prefix: ecs-demo-app MountPoints: - ContainerPath: /usr/local/apache2/htdocs SourceVolume: my-vol PortMappings: - ContainerPort: 80 - Name: busybox Cpu: 10 Command: - >- /bin/sh -c "while true; do echo '>html< >head< >title<Amazon ECS Sample App>/title< >style<body {margin-top: 40px; background-color: #333;} >/style< >/head<>body< >div style=color:white;text-align:center< >h1<Amazon ECS Sample App>/h1< >h2<Congratulations!>/h2< >p<Your application is now running on a container in Amazon ECS.>/p<' < top; /bin/date < date ; echo '>/div<>/body<>/html<' < bottom; cat top date bottom < /usr/local/apache2/htdocs/index.html ; sleep 1; done" EntryPoint: - sh - '-c' Essential: false Image: busybox Memory: 200 LogConfiguration: LogDriver: awslogs Options: awslogs-group: !Ref CloudwatchLogsGroup awslogs-region: !Ref 'AWS::Region' awslogs-stream-prefix: ecs-demo-app VolumesFrom: - SourceContainer: simple-app Volumes: - Name: my-vol ECSALB: Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' Properties: Name: ECSALB Scheme: internet-facing LoadBalancerAttributes: - Key: idle_timeout.timeout_seconds Value: '30' Subnets: !Ref SubnetId SecurityGroups: - !Ref EcsSecurityGroup ALBListener: Type: 'AWS::ElasticLoadBalancingV2::Listener' DependsOn: ECSServiceRole Properties: DefaultActions: - Type: forward TargetGroupArn: !Ref ECSTG LoadBalancerArn: !Ref ECSALB Port: '80' Protocol: HTTP ECSALBListenerRule: Type: 'AWS::ElasticLoadBalancingV2::ListenerRule' DependsOn: ALBListener Properties: Actions: - Type: forward TargetGroupArn: !Ref ECSTG Conditions: - Field: path-pattern Values: - / ListenerArn: !Ref ALBListener Priority: 1 ECSTG: Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' DependsOn: ECSALB Properties: HealthCheckIntervalSeconds: 10 HealthCheckPath: / HealthCheckProtocol: HTTP HealthCheckTimeoutSeconds: 5 HealthyThresholdCount: 2 Name: ECSTG Port: 80 Protocol: HTTP UnhealthyThresholdCount: 2 VpcId: !Ref VpcId ECSAutoScalingGroup: Type: 'AWS::AutoScaling::AutoScalingGroup' Properties: VPCZoneIdentifier: !Ref SubnetId LaunchConfigurationName: !Ref ContainerInstances MinSize: '1' MaxSize: !Ref MaxSize DesiredCapacity: !Ref DesiredCapacity CreationPolicy: ResourceSignal: Timeout: PT15M UpdatePolicy: AutoScalingReplacingUpdate: WillReplace: 'true' ContainerInstances: Type: 'AWS::AutoScaling::LaunchConfiguration' Properties: ImageId: !FindInMap - AWSRegionToAMI - !Ref 'AWS::Region' - AMIID SecurityGroups: - !Ref EcsSecurityGroup InstanceType: !Ref InstanceType IamInstanceProfile: !Ref EC2InstanceProfile KeyName: !Ref KeyName UserData: !Base64 'Fn::Join': - '' - - | #!/bin/bash -xe - echo ECS_CLUSTER= - !Ref ECSCluster - |2 >> /etc/ecs/ecs.config - | yum install -y aws-cfn-bootstrap - '/opt/aws/bin/cfn-signal -e $? ' - ' --stack ' - !Ref 'AWS::StackName' - ' --resource ECSAutoScalingGroup ' - ' --region ' - !Ref 'AWS::Region' - |+ service: Type: 'AWS::ECS::Service' DependsOn: ALBListener Properties: Cluster: !Ref ECSCluster DesiredCount: '1' LoadBalancers: - ContainerName: simple-app ContainerPort: '80' TargetGroupArn: !Ref ECSTG Role: !Ref ECSServiceRole TaskDefinition: !Ref taskdefinition ECSServiceRole: Type: 'AWS::IAM::Role' Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: - ecs.amazonaws.com Action: - 'sts:AssumeRole' Path: / Policies: - PolicyName: ecs-service PolicyDocument: Statement: - Effect: Allow Action: - 'elasticloadbalancing:DeregisterInstancesFromLoadBalancer' - 'elasticloadbalancing:DeregisterTargets' - 'elasticloadbalancing:Describe*' - 'elasticloadbalancing:RegisterInstancesWithLoadBalancer' - 'elasticloadbalancing:RegisterTargets' - 'ec2:Describe*' - 'ec2:AuthorizeSecurityGroupIngress' Resource: '*' ServiceScalingTarget: Type: 'AWS::ApplicationAutoScaling::ScalableTarget' DependsOn: service Properties: MaxCapacity: 2 MinCapacity: 1 ResourceId: !Join - '' - - service/ - !Ref ECSCluster - / - !GetAtt - service - Name RoleARN: !GetAtt - AutoscalingRole - Arn ScalableDimension: 'ecs:service:DesiredCount' ServiceNamespace: ecs ServiceScalingPolicy: Type: 'AWS::ApplicationAutoScaling::ScalingPolicy' Properties: PolicyName: AStepPolicy PolicyType: StepScaling ScalingTargetId: !Ref ServiceScalingTarget StepScalingPolicyConfiguration: AdjustmentType: PercentChangeInCapacity Cooldown: 60 MetricAggregationType: Average StepAdjustments: - MetricIntervalLowerBound: 0 ScalingAdjustment: 200 ALB500sAlarmScaleUp: Type: 'AWS::CloudWatch::Alarm' Properties: EvaluationPeriods: '1' Statistic: Average Threshold: '10' AlarmDescription: Alarm if our ALB generates too many HTTP 500s. Period: '60' AlarmActions: - !Ref ServiceScalingPolicy Namespace: AWS/ApplicationELB Dimensions: - Name: LoadBalancer Value: !GetAtt - ECSALB - LoadBalancerFullName ComparisonOperator: GreaterThanThreshold MetricName: HTTPCode_ELB_5XX_Count EC2Role: Type: 'AWS::IAM::Role' Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: - ec2.amazonaws.com Action: - 'sts:AssumeRole' Path: / Policies: - PolicyName: ecs-service PolicyDocument: Statement: - Effect: Allow Action: - 'ecs:CreateCluster' - 'ecs:DeregisterContainerInstance' - 'ecs:DiscoverPollEndpoint' - 'ecs:Poll' - 'ecs:RegisterContainerInstance' - 'ecs:StartTelemetrySession' - 'ecs:Submit*' - 'logs:CreateLogStream' - 'logs:PutLogEvents' Resource: '*' AutoscalingRole: Type: 'AWS::IAM::Role' Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: - application-autoscaling.amazonaws.com Action: - 'sts:AssumeRole' Path: / Policies: - PolicyName: service-autoscaling PolicyDocument: Statement: - Effect: Allow Action: - 'application-autoscaling:*' - 'cloudwatch:DescribeAlarms' - 'cloudwatch:PutMetricAlarm' - 'ecs:DescribeServices' - 'ecs:UpdateService' Resource: '*' EC2InstanceProfile: Type: 'AWS::IAM::InstanceProfile' Properties: Path: / Roles: - !Ref EC2Role Outputs: ecsservice: Value: !Ref service ecscluster: Value: !Ref ECSCluster ECSALB: Description: Your ALB DNS URL Value: !Join - '' - - !GetAtt - ECSALB - DNSName taskdef: Value: !Ref taskdefinition