From e8d823797c5020193bfe2c6fef39369057717298 Mon Sep 17 00:00:00 2001 From: GZ Date: Mon, 16 Dec 2024 18:10:33 -0800 Subject: [PATCH] revert(ecs): machineImageType support AL2023 (#32550) Reverts aws/aws-cdk#32509 as there's known issue with the flag usage `canContainersAccessInstanceRole`. We're deprecating this flag usage and should not introduce any new changes to this flag that will cause more users to use it. --- ...efaultTestDeployAssertD137D68D.assets.json | 19 - ...aultTestDeployAssertD137D68D.template.json | 36 - .../cdk.out | 1 - .../integ-ecs-al2023-ami.assets.json | 19 - .../integ-ecs-al2023-ami.template.json | 965 ---------- .../integ.json | 12 - .../manifest.json | 359 ---- .../tree.json | 1612 ----------------- .../test/integ.cluster-amazonlinux2023.ts | 34 - packages/aws-cdk-lib/aws-ecs/README.md | 22 - packages/aws-cdk-lib/aws-ecs/lib/cluster.ts | 44 +- .../aws-cdk-lib/aws-ecs/test/cluster.test.ts | 55 - 12 files changed, 14 insertions(+), 3164 deletions(-) delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/ClusterAL2023AmiDefaultTestDeployAssertD137D68D.assets.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/ClusterAL2023AmiDefaultTestDeployAssertD137D68D.template.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/cdk.out delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ-ecs-al2023-ami.assets.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ-ecs-al2023-ami.template.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/manifest.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/tree.json delete mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/ClusterAL2023AmiDefaultTestDeployAssertD137D68D.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/ClusterAL2023AmiDefaultTestDeployAssertD137D68D.assets.json deleted file mode 100644 index a03057f676554..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/ClusterAL2023AmiDefaultTestDeployAssertD137D68D.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "38.0.1", - "files": { - "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { - "source": { - "path": "ClusterAL2023AmiDefaultTestDeployAssertD137D68D.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/ClusterAL2023AmiDefaultTestDeployAssertD137D68D.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/ClusterAL2023AmiDefaultTestDeployAssertD137D68D.template.json deleted file mode 100644 index ad9d0fb73d1dd..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/ClusterAL2023AmiDefaultTestDeployAssertD137D68D.template.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "Parameters": { - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/cdk.out deleted file mode 100644 index c6e612584e352..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/cdk.out +++ /dev/null @@ -1 +0,0 @@ -{"version":"38.0.1"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ-ecs-al2023-ami.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ-ecs-al2023-ami.assets.json deleted file mode 100644 index 3b6e175d73dc6..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ-ecs-al2023-ami.assets.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "version": "38.0.1", - "files": { - "1d78f5700b508a032ad55506bac760f63a742fa788779520dfe06e083d329245": { - "source": { - "path": "integ-ecs-al2023-ami.template.json", - "packaging": "file" - }, - "destinations": { - "current_account-current_region": { - "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", - "objectKey": "1d78f5700b508a032ad55506bac760f63a742fa788779520dfe06e083d329245.json", - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" - } - } - } - }, - "dockerImages": {} -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ-ecs-al2023-ami.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ-ecs-al2023-ami.template.json deleted file mode 100644 index 5adc2bc425c94..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ-ecs-al2023-ami.template.json +++ /dev/null @@ -1,965 +0,0 @@ -{ - "Resources": { - "Vpc8378EB38": { - "Type": "AWS::EC2::VPC", - "Properties": { - "CidrBlock": "10.0.0.0/16", - "EnableDnsHostnames": true, - "EnableDnsSupport": true, - "InstanceTenancy": "default", - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc" - } - ] - } - }, - "VpcPublicSubnet1Subnet5C2D37C4": { - "Type": "AWS::EC2::Subnet", - "Properties": { - "AvailabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "CidrBlock": "10.0.0.0/18", - "MapPublicIpOnLaunch": true, - "Tags": [ - { - "Key": "aws-cdk:subnet-name", - "Value": "Public" - }, - { - "Key": "aws-cdk:subnet-type", - "Value": "Public" - }, - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PublicSubnet1" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "VpcPublicSubnet1RouteTable6C95E38E": { - "Type": "AWS::EC2::RouteTable", - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PublicSubnet1" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "VpcPublicSubnet1RouteTableAssociation97140677": { - "Type": "AWS::EC2::SubnetRouteTableAssociation", - "Properties": { - "RouteTableId": { - "Ref": "VpcPublicSubnet1RouteTable6C95E38E" - }, - "SubnetId": { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - } - } - }, - "VpcPublicSubnet1DefaultRoute3DA9E72A": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "GatewayId": { - "Ref": "VpcIGWD7BA715C" - }, - "RouteTableId": { - "Ref": "VpcPublicSubnet1RouteTable6C95E38E" - } - }, - "DependsOn": [ - "VpcVPCGWBF912B6E" - ] - }, - "VpcPublicSubnet1EIPD7E02669": { - "Type": "AWS::EC2::EIP", - "Properties": { - "Domain": "vpc", - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PublicSubnet1" - } - ] - } - }, - "VpcPublicSubnet1NATGateway4D7517AA": { - "Type": "AWS::EC2::NatGateway", - "Properties": { - "AllocationId": { - "Fn::GetAtt": [ - "VpcPublicSubnet1EIPD7E02669", - "AllocationId" - ] - }, - "SubnetId": { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - }, - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PublicSubnet1" - } - ] - }, - "DependsOn": [ - "VpcPublicSubnet1DefaultRoute3DA9E72A", - "VpcPublicSubnet1RouteTableAssociation97140677" - ] - }, - "VpcPublicSubnet2Subnet691E08A3": { - "Type": "AWS::EC2::Subnet", - "Properties": { - "AvailabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "CidrBlock": "10.0.64.0/18", - "MapPublicIpOnLaunch": true, - "Tags": [ - { - "Key": "aws-cdk:subnet-name", - "Value": "Public" - }, - { - "Key": "aws-cdk:subnet-type", - "Value": "Public" - }, - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PublicSubnet2" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "VpcPublicSubnet2RouteTable94F7E489": { - "Type": "AWS::EC2::RouteTable", - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PublicSubnet2" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "VpcPublicSubnet2RouteTableAssociationDD5762D8": { - "Type": "AWS::EC2::SubnetRouteTableAssociation", - "Properties": { - "RouteTableId": { - "Ref": "VpcPublicSubnet2RouteTable94F7E489" - }, - "SubnetId": { - "Ref": "VpcPublicSubnet2Subnet691E08A3" - } - } - }, - "VpcPublicSubnet2DefaultRoute97F91067": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "GatewayId": { - "Ref": "VpcIGWD7BA715C" - }, - "RouteTableId": { - "Ref": "VpcPublicSubnet2RouteTable94F7E489" - } - }, - "DependsOn": [ - "VpcVPCGWBF912B6E" - ] - }, - "VpcPublicSubnet2EIP3C605A87": { - "Type": "AWS::EC2::EIP", - "Properties": { - "Domain": "vpc", - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PublicSubnet2" - } - ] - } - }, - "VpcPublicSubnet2NATGateway9182C01D": { - "Type": "AWS::EC2::NatGateway", - "Properties": { - "AllocationId": { - "Fn::GetAtt": [ - "VpcPublicSubnet2EIP3C605A87", - "AllocationId" - ] - }, - "SubnetId": { - "Ref": "VpcPublicSubnet2Subnet691E08A3" - }, - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PublicSubnet2" - } - ] - }, - "DependsOn": [ - "VpcPublicSubnet2DefaultRoute97F91067", - "VpcPublicSubnet2RouteTableAssociationDD5762D8" - ] - }, - "VpcPrivateSubnet1Subnet536B997A": { - "Type": "AWS::EC2::Subnet", - "Properties": { - "AvailabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "CidrBlock": "10.0.128.0/18", - "MapPublicIpOnLaunch": false, - "Tags": [ - { - "Key": "aws-cdk:subnet-name", - "Value": "Private" - }, - { - "Key": "aws-cdk:subnet-type", - "Value": "Private" - }, - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "VpcPrivateSubnet1RouteTableB2C5B500": { - "Type": "AWS::EC2::RouteTable", - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { - "Type": "AWS::EC2::SubnetRouteTableAssociation", - "Properties": { - "RouteTableId": { - "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" - }, - "SubnetId": { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - } - } - }, - "VpcPrivateSubnet1DefaultRouteBE02A9ED": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "NatGatewayId": { - "Ref": "VpcPublicSubnet1NATGateway4D7517AA" - }, - "RouteTableId": { - "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" - } - } - }, - "VpcPrivateSubnet2Subnet3788AAA1": { - "Type": "AWS::EC2::Subnet", - "Properties": { - "AvailabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "CidrBlock": "10.0.192.0/18", - "MapPublicIpOnLaunch": false, - "Tags": [ - { - "Key": "aws-cdk:subnet-name", - "Value": "Private" - }, - { - "Key": "aws-cdk:subnet-type", - "Value": "Private" - }, - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "VpcPrivateSubnet2RouteTableA678073B": { - "Type": "AWS::EC2::RouteTable", - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { - "Type": "AWS::EC2::SubnetRouteTableAssociation", - "Properties": { - "RouteTableId": { - "Ref": "VpcPrivateSubnet2RouteTableA678073B" - }, - "SubnetId": { - "Ref": "VpcPrivateSubnet2Subnet3788AAA1" - } - } - }, - "VpcPrivateSubnet2DefaultRoute060D2087": { - "Type": "AWS::EC2::Route", - "Properties": { - "DestinationCidrBlock": "0.0.0.0/0", - "NatGatewayId": { - "Ref": "VpcPublicSubnet2NATGateway9182C01D" - }, - "RouteTableId": { - "Ref": "VpcPrivateSubnet2RouteTableA678073B" - } - } - }, - "VpcIGWD7BA715C": { - "Type": "AWS::EC2::InternetGateway", - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/Vpc" - } - ] - } - }, - "VpcVPCGWBF912B6E": { - "Type": "AWS::EC2::VPCGatewayAttachment", - "Properties": { - "InternetGatewayId": { - "Ref": "VpcIGWD7BA715C" - }, - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "ClusterEB0386A7": { - "Type": "AWS::ECS::Cluster" - }, - "Cluster3DA9CCBA": { - "Type": "AWS::ECS::ClusterCapacityProviderAssociations", - "Properties": { - "CapacityProviders": [ - { - "Ref": "EC2CapacityProvider5A2E35CD" - } - ], - "Cluster": { - "Ref": "ClusterEB0386A7" - }, - "DefaultCapacityProviderStrategy": [] - } - }, - "ASGInstanceSecurityGroup0525485D": { - "Type": "AWS::EC2::SecurityGroup", - "Properties": { - "GroupDescription": "integ-ecs-al2023-ami/ASG/InstanceSecurityGroup", - "SecurityGroupEgress": [ - { - "CidrIp": "0.0.0.0/0", - "Description": "Allow all outbound traffic by default", - "IpProtocol": "-1" - } - ], - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/ASG" - } - ], - "VpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "ASGInstanceRoleE263A41B": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ec2.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/ASG" - } - ] - } - }, - "ASGInstanceRoleDefaultPolicy7636D8BF": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "ecs:DeregisterContainerInstance", - "ecs:RegisterContainerInstance", - "ecs:Submit*" - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "ClusterEB0386A7", - "Arn" - ] - } - }, - { - "Action": [ - "ecs:Poll", - "ecs:StartTelemetrySession" - ], - "Condition": { - "ArnEquals": { - "ecs:cluster": { - "Fn::GetAtt": [ - "ClusterEB0386A7", - "Arn" - ] - } - } - }, - "Effect": "Allow", - "Resource": "*" - }, - { - "Action": [ - "ecr:GetAuthorizationToken", - "ecs:DiscoverPollEndpoint", - "logs:CreateLogStream", - "logs:PutLogEvents" - ], - "Effect": "Allow", - "Resource": "*" - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "ASGInstanceRoleDefaultPolicy7636D8BF", - "Roles": [ - { - "Ref": "ASGInstanceRoleE263A41B" - } - ] - } - }, - "ASGInstanceProfile0A2834D7": { - "Type": "AWS::IAM::InstanceProfile", - "Properties": { - "Roles": [ - { - "Ref": "ASGInstanceRoleE263A41B" - } - ] - } - }, - "ASGLaunchTemplate0CA92847": { - "Type": "AWS::EC2::LaunchTemplate", - "Properties": { - "LaunchTemplateData": { - "IamInstanceProfile": { - "Arn": { - "Fn::GetAtt": [ - "ASGInstanceProfile0A2834D7", - "Arn" - ] - } - }, - "ImageId": { - "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2023recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" - }, - "InstanceType": "t2.micro", - "Monitoring": { - "Enabled": false - }, - "SecurityGroupIds": [ - { - "Fn::GetAtt": [ - "ASGInstanceSecurityGroup0525485D", - "GroupId" - ] - } - ], - "TagSpecifications": [ - { - "ResourceType": "instance", - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/ASG/LaunchTemplate" - } - ] - }, - { - "ResourceType": "volume", - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/ASG/LaunchTemplate" - } - ] - } - ], - "UserData": { - "Fn::Base64": { - "Fn::Join": [ - "", - [ - "#!/bin/bash\necho ECS_CLUSTER=", - { - "Ref": "ClusterEB0386A7" - }, - " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo iptables-save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config" - ] - ] - } - } - }, - "TagSpecifications": [ - { - "ResourceType": "launch-template", - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/ASG/LaunchTemplate" - } - ] - } - ] - }, - "DependsOn": [ - "ASGInstanceRoleDefaultPolicy7636D8BF", - "ASGInstanceRoleE263A41B" - ] - }, - "ASG46ED3070": { - "Type": "AWS::AutoScaling::AutoScalingGroup", - "Properties": { - "LaunchTemplate": { - "LaunchTemplateId": { - "Ref": "ASGLaunchTemplate0CA92847" - }, - "Version": { - "Fn::GetAtt": [ - "ASGLaunchTemplate0CA92847", - "LatestVersionNumber" - ] - } - }, - "MaxSize": "1", - "MinSize": "0", - "Tags": [ - { - "Key": "Name", - "PropagateAtLaunch": true, - "Value": "integ-ecs-al2023-ami/ASG" - } - ], - "VPCZoneIdentifier": [ - { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - }, - { - "Ref": "VpcPrivateSubnet2Subnet3788AAA1" - } - ] - }, - "UpdatePolicy": { - "AutoScalingScheduledAction": { - "IgnoreUnmodifiedGroupSizeProperties": true - } - } - }, - "ASGDrainECSHookFunctionServiceRoleC12963BB": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ], - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/ASG" - } - ] - } - }, - "ASGDrainECSHookFunctionServiceRoleDefaultPolicy16848A27": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": [ - "ec2:DescribeHosts", - "ec2:DescribeInstanceAttribute", - "ec2:DescribeInstanceStatus", - "ec2:DescribeInstances" - ], - "Effect": "Allow", - "Resource": "*" - }, - { - "Action": "autoscaling:CompleteLifecycleAction", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":autoscaling:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":autoScalingGroup:*:autoScalingGroupName/", - { - "Ref": "ASG46ED3070" - } - ] - ] - } - }, - { - "Action": [ - "ecs:DescribeContainerInstances", - "ecs:DescribeTasks", - "ecs:ListTasks", - "ecs:UpdateContainerInstancesState" - ], - "Condition": { - "ArnEquals": { - "ecs:cluster": { - "Fn::GetAtt": [ - "ClusterEB0386A7", - "Arn" - ] - } - } - }, - "Effect": "Allow", - "Resource": "*" - }, - { - "Action": [ - "ecs:ListContainerInstances", - "ecs:SubmitContainerStateChange", - "ecs:SubmitTaskStateChange" - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "ClusterEB0386A7", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "ASGDrainECSHookFunctionServiceRoleDefaultPolicy16848A27", - "Roles": [ - { - "Ref": "ASGDrainECSHookFunctionServiceRoleC12963BB" - } - ] - } - }, - "ASGDrainECSHookFunction5F24CF4D": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(dict(event, ResponseURL='...')))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(dict(event, ResponseURL='...')))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n\n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n\n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n\n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" - }, - "Environment": { - "Variables": { - "CLUSTER": { - "Ref": "ClusterEB0386A7" - } - } - }, - "Handler": "index.lambda_handler", - "Role": { - "Fn::GetAtt": [ - "ASGDrainECSHookFunctionServiceRoleC12963BB", - "Arn" - ] - }, - "Runtime": "python3.9", - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/ASG" - } - ], - "Timeout": 310 - }, - "DependsOn": [ - "ASGDrainECSHookFunctionServiceRoleDefaultPolicy16848A27", - "ASGDrainECSHookFunctionServiceRoleC12963BB" - ] - }, - "ASGDrainECSHookFunctionAllowInvokeintegecsal2023amiASGLifecycleHookDrainHookTopic083F299FF8F99189": { - "Type": "AWS::Lambda::Permission", - "Properties": { - "Action": "lambda:InvokeFunction", - "FunctionName": { - "Fn::GetAtt": [ - "ASGDrainECSHookFunction5F24CF4D", - "Arn" - ] - }, - "Principal": "sns.amazonaws.com", - "SourceArn": { - "Ref": "ASGLifecycleHookDrainHookTopicA8AD4ACB" - } - } - }, - "ASGDrainECSHookFunctionTopicD6FC59F7": { - "Type": "AWS::SNS::Subscription", - "Properties": { - "Endpoint": { - "Fn::GetAtt": [ - "ASGDrainECSHookFunction5F24CF4D", - "Arn" - ] - }, - "Protocol": "lambda", - "TopicArn": { - "Ref": "ASGLifecycleHookDrainHookTopicA8AD4ACB" - } - } - }, - "ASGLifecycleHookDrainHookTopicA8AD4ACB": { - "Type": "AWS::SNS::Topic", - "Properties": { - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/ASG" - } - ] - } - }, - "ASGLifecycleHookDrainHookRoleD640316C": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "autoscaling.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "Tags": [ - { - "Key": "Name", - "Value": "integ-ecs-al2023-ami/ASG" - } - ] - } - }, - "ASGLifecycleHookDrainHookRoleDefaultPolicy3EEFDE57": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "sns:Publish", - "Effect": "Allow", - "Resource": { - "Ref": "ASGLifecycleHookDrainHookTopicA8AD4ACB" - } - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "ASGLifecycleHookDrainHookRoleDefaultPolicy3EEFDE57", - "Roles": [ - { - "Ref": "ASGLifecycleHookDrainHookRoleD640316C" - } - ] - } - }, - "ASGLifecycleHookDrainHookFE4AFEBE": { - "Type": "AWS::AutoScaling::LifecycleHook", - "Properties": { - "AutoScalingGroupName": { - "Ref": "ASG46ED3070" - }, - "DefaultResult": "CONTINUE", - "HeartbeatTimeout": 300, - "LifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING", - "NotificationTargetARN": { - "Ref": "ASGLifecycleHookDrainHookTopicA8AD4ACB" - }, - "RoleARN": { - "Fn::GetAtt": [ - "ASGLifecycleHookDrainHookRoleD640316C", - "Arn" - ] - } - }, - "DependsOn": [ - "ASGLifecycleHookDrainHookRoleDefaultPolicy3EEFDE57", - "ASGLifecycleHookDrainHookRoleD640316C" - ] - }, - "EC2CapacityProvider5A2E35CD": { - "Type": "AWS::ECS::CapacityProvider", - "Properties": { - "AutoScalingGroupProvider": { - "AutoScalingGroupArn": { - "Ref": "ASG46ED3070" - }, - "ManagedScaling": { - "Status": "ENABLED", - "TargetCapacity": 100 - }, - "ManagedTerminationProtection": "DISABLED" - } - } - } - }, - "Parameters": { - "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2023recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id" - }, - "BootstrapVersion": { - "Type": "AWS::SSM::Parameter::Value", - "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" - } - }, - "Rules": { - "CheckBootstrapVersion": { - "Assertions": [ - { - "Assert": { - "Fn::Not": [ - { - "Fn::Contains": [ - [ - "1", - "2", - "3", - "4", - "5" - ], - { - "Ref": "BootstrapVersion" - } - ] - } - ] - }, - "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." - } - ] - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ.json deleted file mode 100644 index ac912cf21ccd7..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/integ.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "version": "38.0.1", - "testCases": { - "ClusterAL2023Ami/DefaultTest": { - "stacks": [ - "integ-ecs-al2023-ami" - ], - "assertionStack": "ClusterAL2023Ami/DefaultTest/DeployAssert", - "assertionStackName": "ClusterAL2023AmiDefaultTestDeployAssertD137D68D" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/manifest.json deleted file mode 100644 index 42ff811c0fe5a..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/manifest.json +++ /dev/null @@ -1,359 +0,0 @@ -{ - "version": "38.0.1", - "artifacts": { - "integ-ecs-al2023-ami.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "integ-ecs-al2023-ami.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "integ-ecs-al2023-ami": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "integ-ecs-al2023-ami.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1d78f5700b508a032ad55506bac760f63a742fa788779520dfe06e083d329245.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "integ-ecs-al2023-ami.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "integ-ecs-al2023-ami.assets" - ], - "metadata": { - "/integ-ecs-al2023-ami/Vpc/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "Vpc8378EB38" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet1/Subnet": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet1Subnet5C2D37C4" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet1/RouteTable": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet1RouteTable6C95E38E" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet1/RouteTableAssociation": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet1RouteTableAssociation97140677" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet1/DefaultRoute": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet1/EIP": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet1EIPD7E02669" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet1/NATGateway": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet1NATGateway4D7517AA" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet2/Subnet": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet2Subnet691E08A3" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet2/RouteTable": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet2RouteTable94F7E489" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet2/RouteTableAssociation": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet2/DefaultRoute": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet2DefaultRoute97F91067" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet2/EIP": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet2EIP3C605A87" - } - ], - "/integ-ecs-al2023-ami/Vpc/PublicSubnet2/NATGateway": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPublicSubnet2NATGateway9182C01D" - } - ], - "/integ-ecs-al2023-ami/Vpc/PrivateSubnet1/Subnet": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPrivateSubnet1Subnet536B997A" - } - ], - "/integ-ecs-al2023-ami/Vpc/PrivateSubnet1/RouteTable": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPrivateSubnet1RouteTableB2C5B500" - } - ], - "/integ-ecs-al2023-ami/Vpc/PrivateSubnet1/RouteTableAssociation": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" - } - ], - "/integ-ecs-al2023-ami/Vpc/PrivateSubnet1/DefaultRoute": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" - } - ], - "/integ-ecs-al2023-ami/Vpc/PrivateSubnet2/Subnet": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPrivateSubnet2Subnet3788AAA1" - } - ], - "/integ-ecs-al2023-ami/Vpc/PrivateSubnet2/RouteTable": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPrivateSubnet2RouteTableA678073B" - } - ], - "/integ-ecs-al2023-ami/Vpc/PrivateSubnet2/RouteTableAssociation": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" - } - ], - "/integ-ecs-al2023-ami/Vpc/PrivateSubnet2/DefaultRoute": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcPrivateSubnet2DefaultRoute060D2087" - } - ], - "/integ-ecs-al2023-ami/Vpc/IGW": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcIGWD7BA715C" - } - ], - "/integ-ecs-al2023-ami/Vpc/VPCGW": [ - { - "type": "aws:cdk:logicalId", - "data": "VpcVPCGWBF912B6E" - } - ], - "/integ-ecs-al2023-ami/Cluster/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ClusterEB0386A7" - } - ], - "/integ-ecs-al2023-ami/Cluster/Cluster": [ - { - "type": "aws:cdk:logicalId", - "data": "Cluster3DA9CCBA" - } - ], - "/integ-ecs-al2023-ami/ASG/InstanceSecurityGroup/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGInstanceSecurityGroup0525485D" - } - ], - "/integ-ecs-al2023-ami/ASG/InstanceRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGInstanceRoleE263A41B" - } - ], - "/integ-ecs-al2023-ami/ASG/InstanceRole/DefaultPolicy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGInstanceRoleDefaultPolicy7636D8BF" - } - ], - "/integ-ecs-al2023-ami/ASG/InstanceProfile": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGInstanceProfile0A2834D7" - } - ], - "/integ-ecs-al2023-ami/ASG/LaunchTemplate/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGLaunchTemplate0CA92847" - } - ], - "/integ-ecs-al2023-ami/ASG/ASG": [ - { - "type": "aws:cdk:logicalId", - "data": "ASG46ED3070" - } - ], - "/integ-ecs-al2023-ami/ASG/DrainECSHook/Function/ServiceRole/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGDrainECSHookFunctionServiceRoleC12963BB" - } - ], - "/integ-ecs-al2023-ami/ASG/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGDrainECSHookFunctionServiceRoleDefaultPolicy16848A27" - } - ], - "/integ-ecs-al2023-ami/ASG/DrainECSHook/Function/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGDrainECSHookFunction5F24CF4D" - } - ], - "/integ-ecs-al2023-ami/ASG/DrainECSHook/Function/AllowInvoke:integecsal2023amiASGLifecycleHookDrainHookTopic083F299F": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGDrainECSHookFunctionAllowInvokeintegecsal2023amiASGLifecycleHookDrainHookTopic083F299FF8F99189" - } - ], - "/integ-ecs-al2023-ami/ASG/DrainECSHook/Function/Topic/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGDrainECSHookFunctionTopicD6FC59F7" - } - ], - "/integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Topic/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGLifecycleHookDrainHookTopicA8AD4ACB" - } - ], - "/integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Role/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGLifecycleHookDrainHookRoleD640316C" - } - ], - "/integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Role/DefaultPolicy/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGLifecycleHookDrainHookRoleDefaultPolicy3EEFDE57" - } - ], - "/integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Resource": [ - { - "type": "aws:cdk:logicalId", - "data": "ASGLifecycleHookDrainHookFE4AFEBE" - } - ], - "/integ-ecs-al2023-ami/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2023--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [ - { - "type": "aws:cdk:logicalId", - "data": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2023recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" - } - ], - "/integ-ecs-al2023-ami/EC2CapacityProvider/EC2CapacityProvider": [ - { - "type": "aws:cdk:logicalId", - "data": "EC2CapacityProvider5A2E35CD" - } - ], - "/integ-ecs-al2023-ami/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/integ-ecs-al2023-ami/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "integ-ecs-al2023-ami" - }, - "ClusterAL2023AmiDefaultTestDeployAssertD137D68D.assets": { - "type": "cdk:asset-manifest", - "properties": { - "file": "ClusterAL2023AmiDefaultTestDeployAssertD137D68D.assets.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "ClusterAL2023AmiDefaultTestDeployAssertD137D68D": { - "type": "aws:cloudformation:stack", - "environment": "aws://unknown-account/unknown-region", - "properties": { - "templateFile": "ClusterAL2023AmiDefaultTestDeployAssertD137D68D.template.json", - "terminationProtection": false, - "validateOnSynth": false, - "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", - "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", - "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", - "requiresBootstrapStackVersion": 6, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", - "additionalDependencies": [ - "ClusterAL2023AmiDefaultTestDeployAssertD137D68D.assets" - ], - "lookupRole": { - "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", - "requiresBootstrapStackVersion": 8, - "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" - } - }, - "dependencies": [ - "ClusterAL2023AmiDefaultTestDeployAssertD137D68D.assets" - ], - "metadata": { - "/ClusterAL2023Ami/DefaultTest/DeployAssert/BootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "BootstrapVersion" - } - ], - "/ClusterAL2023Ami/DefaultTest/DeployAssert/CheckBootstrapVersion": [ - { - "type": "aws:cdk:logicalId", - "data": "CheckBootstrapVersion" - } - ] - }, - "displayName": "ClusterAL2023Ami/DefaultTest/DeployAssert" - }, - "Tree": { - "type": "cdk:tree", - "properties": { - "file": "tree.json" - } - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/tree.json deleted file mode 100644 index 0516edbda25b5..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.js.snapshot/tree.json +++ /dev/null @@ -1,1612 +0,0 @@ -{ - "version": "tree-0.1", - "tree": { - "id": "App", - "path": "", - "children": { - "integ-ecs-al2023-ami": { - "id": "integ-ecs-al2023-ami", - "path": "integ-ecs-al2023-ami", - "children": { - "Vpc": { - "id": "Vpc", - "path": "integ-ecs-al2023-ami/Vpc", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/Vpc/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPC", - "aws:cdk:cloudformation:props": { - "cidrBlock": "10.0.0.0/16", - "enableDnsHostnames": true, - "enableDnsSupport": true, - "instanceTenancy": "default", - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPC", - "version": "0.0.0" - } - }, - "PublicSubnet1": { - "id": "PublicSubnet1", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.0.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet1/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PublicSubnet1" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPublicSubnet1RouteTable6C95E38E" - }, - "subnetId": { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VpcIGWD7BA715C" - }, - "routeTableId": { - "Ref": "VpcPublicSubnet1RouteTable6C95E38E" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "EIP": { - "id": "EIP", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet1/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet1/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VpcPublicSubnet1EIPD7E02669", - "AllocationId" - ] - }, - "subnetId": { - "Ref": "VpcPublicSubnet1Subnet5C2D37C4" - }, - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PublicSubnet1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", - "version": "0.0.0" - } - }, - "PublicSubnet2": { - "id": "PublicSubnet2", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.64.0/18", - "mapPublicIpOnLaunch": true, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Public" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Public" - }, - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet2/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PublicSubnet2" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPublicSubnet2RouteTable94F7E489" - }, - "subnetId": { - "Ref": "VpcPublicSubnet2Subnet691E08A3" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "gatewayId": { - "Ref": "VpcIGWD7BA715C" - }, - "routeTableId": { - "Ref": "VpcPublicSubnet2RouteTable94F7E489" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - }, - "EIP": { - "id": "EIP", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet2/EIP", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::EIP", - "aws:cdk:cloudformation:props": { - "domain": "vpc", - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnEIP", - "version": "0.0.0" - } - }, - "NATGateway": { - "id": "NATGateway", - "path": "integ-ecs-al2023-ami/Vpc/PublicSubnet2/NATGateway", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::NatGateway", - "aws:cdk:cloudformation:props": { - "allocationId": { - "Fn::GetAtt": [ - "VpcPublicSubnet2EIP3C605A87", - "AllocationId" - ] - }, - "subnetId": { - "Ref": "VpcPublicSubnet2Subnet691E08A3" - }, - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PublicSubnet2" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnNatGateway", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PublicSubnet", - "version": "0.0.0" - } - }, - "PrivateSubnet1": { - "id": "PrivateSubnet1", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1", - "children": { - "Subnet": { - "id": "Subnet", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 0, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.128.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" - }, - "subnetId": { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet1/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VpcPublicSubnet1NATGateway4D7517AA" - }, - "routeTableId": { - "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", - "version": "0.0.0" - } - }, - "PrivateSubnet2": { - "id": "PrivateSubnet2", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2", - "children": { - "Subnet": { - "id": "Subnet", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2/Subnet", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Subnet", - "aws:cdk:cloudformation:props": { - "availabilityZone": { - "Fn::Select": [ - 1, - { - "Fn::GetAZs": "" - } - ] - }, - "cidrBlock": "10.0.192.0/18", - "mapPublicIpOnLaunch": false, - "tags": [ - { - "key": "aws-cdk:subnet-name", - "value": "Private" - }, - { - "key": "aws-cdk:subnet-type", - "value": "Private" - }, - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnet", - "version": "0.0.0" - } - }, - "Acl": { - "id": "Acl", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2/Acl", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "RouteTable": { - "id": "RouteTable", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2/RouteTable", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::RouteTable", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRouteTable", - "version": "0.0.0" - } - }, - "RouteTableAssociation": { - "id": "RouteTableAssociation", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2/RouteTableAssociation", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SubnetRouteTableAssociation", - "aws:cdk:cloudformation:props": { - "routeTableId": { - "Ref": "VpcPrivateSubnet2RouteTableA678073B" - }, - "subnetId": { - "Ref": "VpcPrivateSubnet2Subnet3788AAA1" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation", - "version": "0.0.0" - } - }, - "DefaultRoute": { - "id": "DefaultRoute", - "path": "integ-ecs-al2023-ami/Vpc/PrivateSubnet2/DefaultRoute", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::Route", - "aws:cdk:cloudformation:props": { - "destinationCidrBlock": "0.0.0.0/0", - "natGatewayId": { - "Ref": "VpcPublicSubnet2NATGateway9182C01D" - }, - "routeTableId": { - "Ref": "VpcPrivateSubnet2RouteTableA678073B" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnRoute", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.PrivateSubnet", - "version": "0.0.0" - } - }, - "IGW": { - "id": "IGW", - "path": "integ-ecs-al2023-ami/Vpc/IGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::InternetGateway", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/Vpc" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnInternetGateway", - "version": "0.0.0" - } - }, - "VPCGW": { - "id": "VPCGW", - "path": "integ-ecs-al2023-ami/Vpc/VPCGW", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment", - "aws:cdk:cloudformation:props": { - "internetGatewayId": { - "Ref": "VpcIGWD7BA715C" - }, - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.Vpc", - "version": "0.0.0" - } - }, - "Cluster": { - "id": "Cluster", - "path": "integ-ecs-al2023-ami/Cluster", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/Cluster/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ECS::Cluster", - "aws:cdk:cloudformation:props": {} - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ecs.CfnCluster", - "version": "0.0.0" - } - }, - "Cluster": { - "id": "Cluster", - "path": "integ-ecs-al2023-ami/Cluster/Cluster", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ECS::ClusterCapacityProviderAssociations", - "aws:cdk:cloudformation:props": { - "capacityProviders": [ - { - "Ref": "EC2CapacityProvider5A2E35CD" - } - ], - "cluster": { - "Ref": "ClusterEB0386A7" - }, - "defaultCapacityProviderStrategy": [] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ecs.CfnClusterCapacityProviderAssociations", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ecs.Cluster", - "version": "0.0.0" - } - }, - "ASG": { - "id": "ASG", - "path": "integ-ecs-al2023-ami/ASG", - "children": { - "InstanceSecurityGroup": { - "id": "InstanceSecurityGroup", - "path": "integ-ecs-al2023-ami/ASG/InstanceSecurityGroup", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/InstanceSecurityGroup/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup", - "aws:cdk:cloudformation:props": { - "groupDescription": "integ-ecs-al2023-ami/ASG/InstanceSecurityGroup", - "securityGroupEgress": [ - { - "cidrIp": "0.0.0.0/0", - "description": "Allow all outbound traffic by default", - "ipProtocol": "-1" - } - ], - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG" - } - ], - "vpcId": { - "Ref": "Vpc8378EB38" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup", - "version": "0.0.0" - } - }, - "InstanceRole": { - "id": "InstanceRole", - "path": "integ-ecs-al2023-ami/ASG/InstanceRole", - "children": { - "ImportInstanceRole": { - "id": "ImportInstanceRole", - "path": "integ-ecs-al2023-ami/ASG/InstanceRole/ImportInstanceRole", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/InstanceRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "ec2.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnRole", - "version": "0.0.0" - } - }, - "DefaultPolicy": { - "id": "DefaultPolicy", - "path": "integ-ecs-al2023-ami/ASG/InstanceRole/DefaultPolicy", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/InstanceRole/DefaultPolicy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", - "aws:cdk:cloudformation:props": { - "policyDocument": { - "Statement": [ - { - "Action": [ - "ecs:DeregisterContainerInstance", - "ecs:RegisterContainerInstance", - "ecs:Submit*" - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "ClusterEB0386A7", - "Arn" - ] - } - }, - { - "Action": [ - "ecs:Poll", - "ecs:StartTelemetrySession" - ], - "Condition": { - "ArnEquals": { - "ecs:cluster": { - "Fn::GetAtt": [ - "ClusterEB0386A7", - "Arn" - ] - } - } - }, - "Effect": "Allow", - "Resource": "*" - }, - { - "Action": [ - "ecr:GetAuthorizationToken", - "ecs:DiscoverPollEndpoint", - "logs:CreateLogStream", - "logs:PutLogEvents" - ], - "Effect": "Allow", - "Resource": "*" - } - ], - "Version": "2012-10-17" - }, - "policyName": "ASGInstanceRoleDefaultPolicy7636D8BF", - "roles": [ - { - "Ref": "ASGInstanceRoleE263A41B" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Policy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Role", - "version": "0.0.0" - } - }, - "InstanceProfile": { - "id": "InstanceProfile", - "path": "integ-ecs-al2023-ami/ASG/InstanceProfile", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::InstanceProfile", - "aws:cdk:cloudformation:props": { - "roles": [ - { - "Ref": "ASGInstanceRoleE263A41B" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnInstanceProfile", - "version": "0.0.0" - } - }, - "ImportedInstanceProfile": { - "id": "ImportedInstanceProfile", - "path": "integ-ecs-al2023-ami/ASG/ImportedInstanceProfile", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "LaunchTemplate": { - "id": "LaunchTemplate", - "path": "integ-ecs-al2023-ami/ASG/LaunchTemplate", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/LaunchTemplate/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::EC2::LaunchTemplate", - "aws:cdk:cloudformation:props": { - "launchTemplateData": { - "iamInstanceProfile": { - "arn": { - "Fn::GetAtt": [ - "ASGInstanceProfile0A2834D7", - "Arn" - ] - } - }, - "imageId": { - "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2023recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter" - }, - "instanceType": "t2.micro", - "monitoring": { - "enabled": false - }, - "securityGroupIds": [ - { - "Fn::GetAtt": [ - "ASGInstanceSecurityGroup0525485D", - "GroupId" - ] - } - ], - "tagSpecifications": [ - { - "resourceType": "instance", - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG/LaunchTemplate" - } - ] - }, - { - "resourceType": "volume", - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG/LaunchTemplate" - } - ] - } - ], - "userData": { - "Fn::Base64": { - "Fn::Join": [ - "", - [ - "#!/bin/bash\necho ECS_CLUSTER=", - { - "Ref": "ClusterEB0386A7" - }, - " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo iptables-save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config" - ] - ] - } - } - }, - "tagSpecifications": [ - { - "resourceType": "launch-template", - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG/LaunchTemplate" - } - ] - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.CfnLaunchTemplate", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ec2.LaunchTemplate", - "version": "0.0.0" - } - }, - "ASG": { - "id": "ASG", - "path": "integ-ecs-al2023-ami/ASG/ASG", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::AutoScaling::AutoScalingGroup", - "aws:cdk:cloudformation:props": { - "launchTemplate": { - "launchTemplateId": { - "Ref": "ASGLaunchTemplate0CA92847" - }, - "version": { - "Fn::GetAtt": [ - "ASGLaunchTemplate0CA92847", - "LatestVersionNumber" - ] - } - }, - "maxSize": "1", - "minSize": "0", - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG", - "propagateAtLaunch": true - } - ], - "vpcZoneIdentifier": [ - { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - }, - { - "Ref": "VpcPrivateSubnet2Subnet3788AAA1" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_autoscaling.CfnAutoScalingGroup", - "version": "0.0.0" - } - }, - "DrainECSHook": { - "id": "DrainECSHook", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook", - "children": { - "Function": { - "id": "Function", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function", - "children": { - "ServiceRole": { - "id": "ServiceRole", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function/ServiceRole", - "children": { - "ImportServiceRole": { - "id": "ImportServiceRole", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function/ServiceRole/ImportServiceRole", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function/ServiceRole/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "managedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ], - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnRole", - "version": "0.0.0" - } - }, - "DefaultPolicy": { - "id": "DefaultPolicy", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function/ServiceRole/DefaultPolicy", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", - "aws:cdk:cloudformation:props": { - "policyDocument": { - "Statement": [ - { - "Action": [ - "ec2:DescribeHosts", - "ec2:DescribeInstanceAttribute", - "ec2:DescribeInstanceStatus", - "ec2:DescribeInstances" - ], - "Effect": "Allow", - "Resource": "*" - }, - { - "Action": "autoscaling:CompleteLifecycleAction", - "Effect": "Allow", - "Resource": { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":autoscaling:", - { - "Ref": "AWS::Region" - }, - ":", - { - "Ref": "AWS::AccountId" - }, - ":autoScalingGroup:*:autoScalingGroupName/", - { - "Ref": "ASG46ED3070" - } - ] - ] - } - }, - { - "Action": [ - "ecs:DescribeContainerInstances", - "ecs:DescribeTasks", - "ecs:ListTasks", - "ecs:UpdateContainerInstancesState" - ], - "Condition": { - "ArnEquals": { - "ecs:cluster": { - "Fn::GetAtt": [ - "ClusterEB0386A7", - "Arn" - ] - } - } - }, - "Effect": "Allow", - "Resource": "*" - }, - { - "Action": [ - "ecs:ListContainerInstances", - "ecs:SubmitContainerStateChange", - "ecs:SubmitTaskStateChange" - ], - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "ClusterEB0386A7", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - }, - "policyName": "ASGDrainECSHookFunctionServiceRoleDefaultPolicy16848A27", - "roles": [ - { - "Ref": "ASGDrainECSHookFunctionServiceRoleC12963BB" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Policy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Role", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Function", - "aws:cdk:cloudformation:props": { - "code": { - "zipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(dict(event, ResponseURL='...')))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(dict(event, ResponseURL='...')))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n\n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n\n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n\n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" - }, - "environment": { - "variables": { - "CLUSTER": { - "Ref": "ClusterEB0386A7" - } - } - }, - "handler": "index.lambda_handler", - "role": { - "Fn::GetAtt": [ - "ASGDrainECSHookFunctionServiceRoleC12963BB", - "Arn" - ] - }, - "runtime": "python3.9", - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG" - } - ], - "timeout": 310 - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnFunction", - "version": "0.0.0" - } - }, - "AllowInvoke:integecsal2023amiASGLifecycleHookDrainHookTopic083F299F": { - "id": "AllowInvoke:integecsal2023amiASGLifecycleHookDrainHookTopic083F299F", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function/AllowInvoke:integecsal2023amiASGLifecycleHookDrainHookTopic083F299F", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::Lambda::Permission", - "aws:cdk:cloudformation:props": { - "action": "lambda:InvokeFunction", - "functionName": { - "Fn::GetAtt": [ - "ASGDrainECSHookFunction5F24CF4D", - "Arn" - ] - }, - "principal": "sns.amazonaws.com", - "sourceArn": { - "Ref": "ASGLifecycleHookDrainHookTopicA8AD4ACB" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.CfnPermission", - "version": "0.0.0" - } - }, - "Topic": { - "id": "Topic", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function/Topic", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/DrainECSHook/Function/Topic/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SNS::Subscription", - "aws:cdk:cloudformation:props": { - "endpoint": { - "Fn::GetAtt": [ - "ASGDrainECSHookFunction5F24CF4D", - "Arn" - ] - }, - "protocol": "lambda", - "topicArn": { - "Ref": "ASGLifecycleHookDrainHookTopicA8AD4ACB" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_sns.CfnSubscription", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_sns.Subscription", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_lambda.Function", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "LifecycleHookDrainHook": { - "id": "LifecycleHookDrainHook", - "path": "integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook", - "children": { - "Topic": { - "id": "Topic", - "path": "integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Topic", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Topic/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::SNS::Topic", - "aws:cdk:cloudformation:props": { - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_sns.CfnTopic", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_sns.Topic", - "version": "0.0.0" - } - }, - "Role": { - "id": "Role", - "path": "integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Role", - "children": { - "ImportRole": { - "id": "ImportRole", - "path": "integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Role/ImportRole", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Role/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Role", - "aws:cdk:cloudformation:props": { - "assumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "autoscaling.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "tags": [ - { - "key": "Name", - "value": "integ-ecs-al2023-ami/ASG" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnRole", - "version": "0.0.0" - } - }, - "DefaultPolicy": { - "id": "DefaultPolicy", - "path": "integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Role/DefaultPolicy", - "children": { - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Role/DefaultPolicy/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::IAM::Policy", - "aws:cdk:cloudformation:props": { - "policyDocument": { - "Statement": [ - { - "Action": "sns:Publish", - "Effect": "Allow", - "Resource": { - "Ref": "ASGLifecycleHookDrainHookTopicA8AD4ACB" - } - } - ], - "Version": "2012-10-17" - }, - "policyName": "ASGLifecycleHookDrainHookRoleDefaultPolicy3EEFDE57", - "roles": [ - { - "Ref": "ASGLifecycleHookDrainHookRoleD640316C" - } - ] - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.CfnPolicy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Policy", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_iam.Role", - "version": "0.0.0" - } - }, - "Resource": { - "id": "Resource", - "path": "integ-ecs-al2023-ami/ASG/LifecycleHookDrainHook/Resource", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::AutoScaling::LifecycleHook", - "aws:cdk:cloudformation:props": { - "autoScalingGroupName": { - "Ref": "ASG46ED3070" - }, - "defaultResult": "CONTINUE", - "heartbeatTimeout": 300, - "lifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING", - "notificationTargetArn": { - "Ref": "ASGLifecycleHookDrainHookTopicA8AD4ACB" - }, - "roleArn": { - "Fn::GetAtt": [ - "ASGLifecycleHookDrainHookRoleD640316C", - "Arn" - ] - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_autoscaling.CfnLifecycleHook", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_autoscaling.LifecycleHook", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_autoscaling.AutoScalingGroup", - "version": "0.0.0" - } - }, - "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2023--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": { - "id": "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2023--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", - "path": "integ-ecs-al2023-ami/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2023--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2023--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118": { - "id": "SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2023--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118", - "path": "integ-ecs-al2023-ami/SsmParameterValue:--aws--service--ecs--optimized-ami--amazon-linux-2023--recommended--image_id:C96584B6-F00A-464E-AD19-53AFF4B05118", - "constructInfo": { - "fqn": "aws-cdk-lib.Resource", - "version": "0.0.0" - } - }, - "EC2CapacityProvider": { - "id": "EC2CapacityProvider", - "path": "integ-ecs-al2023-ami/EC2CapacityProvider", - "children": { - "EC2CapacityProvider": { - "id": "EC2CapacityProvider", - "path": "integ-ecs-al2023-ami/EC2CapacityProvider/EC2CapacityProvider", - "attributes": { - "aws:cdk:cloudformation:type": "AWS::ECS::CapacityProvider", - "aws:cdk:cloudformation:props": { - "autoScalingGroupProvider": { - "autoScalingGroupArn": { - "Ref": "ASG46ED3070" - }, - "managedScaling": { - "status": "ENABLED", - "targetCapacity": 100 - }, - "managedTerminationProtection": "DISABLED" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ecs.CfnCapacityProvider", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.aws_ecs.AsgCapacityProvider", - "version": "0.0.0" - } - }, - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "integ-ecs-al2023-ami/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "integ-ecs-al2023-ami/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - }, - "ClusterAL2023Ami": { - "id": "ClusterAL2023Ami", - "path": "ClusterAL2023Ami", - "children": { - "DefaultTest": { - "id": "DefaultTest", - "path": "ClusterAL2023Ami/DefaultTest", - "children": { - "Default": { - "id": "Default", - "path": "ClusterAL2023Ami/DefaultTest/Default", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - }, - "DeployAssert": { - "id": "DeployAssert", - "path": "ClusterAL2023Ami/DefaultTest/DeployAssert", - "children": { - "BootstrapVersion": { - "id": "BootstrapVersion", - "path": "ClusterAL2023Ami/DefaultTest/DeployAssert/BootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnParameter", - "version": "0.0.0" - } - }, - "CheckBootstrapVersion": { - "id": "CheckBootstrapVersion", - "path": "ClusterAL2023Ami/DefaultTest/DeployAssert/CheckBootstrapVersion", - "constructInfo": { - "fqn": "aws-cdk-lib.CfnRule", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.Stack", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests-alpha.IntegTestCase", - "version": "0.0.0" - } - } - }, - "constructInfo": { - "fqn": "@aws-cdk/integ-tests-alpha.IntegTest", - "version": "0.0.0" - } - }, - "Tree": { - "id": "Tree", - "path": "Tree", - "constructInfo": { - "fqn": "constructs.Construct", - "version": "10.4.2" - } - } - }, - "constructInfo": { - "fqn": "aws-cdk-lib.App", - "version": "0.0.0" - } - } -} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.ts deleted file mode 100644 index 5065730756508..0000000000000 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.cluster-amazonlinux2023.ts +++ /dev/null @@ -1,34 +0,0 @@ -import * as autoscaling from 'aws-cdk-lib/aws-autoscaling'; -import * as ec2 from 'aws-cdk-lib/aws-ec2'; -import * as cdk from 'aws-cdk-lib'; -import * as ecs from 'aws-cdk-lib/aws-ecs'; -import * as integ from '@aws-cdk/integ-tests-alpha'; - -const app = new cdk.App(); -const stack = new cdk.Stack(app, 'integ-ecs-al2023-ami'); - -const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2, restrictDefaultSecurityGroup: false }); -const cluster = new ecs.Cluster(stack, 'Cluster', { - vpc, -}); - -const autoScalingGroup = new autoscaling.AutoScalingGroup(stack, 'ASG', { - vpc, - instanceType: new ec2.InstanceType('t2.micro'), - machineImage: ecs.EcsOptimizedImage.amazonLinux2023(), - minCapacity: 0, -}); - -const cp = new ecs.AsgCapacityProvider(stack, 'EC2CapacityProvider', { - autoScalingGroup, - enableManagedTerminationProtection: false, - machineImageType: ecs.MachineImageType.AMAZON_LINUX_2023, -}); - -cluster.addAsgCapacityProvider(cp); - -new integ.IntegTest(app, 'ClusterAL2023Ami', { - testCases: [stack], -}); - -app.synth(); diff --git a/packages/aws-cdk-lib/aws-ecs/README.md b/packages/aws-cdk-lib/aws-ecs/README.md index 9f36906a894ed..dce4c0c88c817 100644 --- a/packages/aws-cdk-lib/aws-ecs/README.md +++ b/packages/aws-cdk-lib/aws-ecs/README.md @@ -1893,25 +1893,3 @@ taskDefinition.addContainer('TheContainer', { }], }); ``` - -## User data - -User data are different between 3 supported OS: Amazon Linux 2023, Amazon Linux 2 and Bottlerocket. You have to specify `machineImageType` accordingly. - -```ts -declare const vpc: ec2.Vpc; -declare const cluster: ecs.Cluster; - -const autoScalingGroup = new autoscaling.AutoScalingGroup(this, 'asg', { - vpc, - instanceType: new ec2.InstanceType('t2.micro'), - machineImage: ecs.EcsOptimizedImage.amazonLinux2023(), -}); - -const capacityProvider = new ecs.AsgCapacityProvider(this, 'provider', { - autoScalingGroup, - machineImageType: ecs.MachineImageType.AMAZON_LINUX_2023, -}); - -cluster.addAsgCapacityProvider(capacityProvider); -``` \ No newline at end of file diff --git a/packages/aws-cdk-lib/aws-ecs/lib/cluster.ts b/packages/aws-cdk-lib/aws-ecs/lib/cluster.ts index cea5296269698..2ae3186d3a2f1 100644 --- a/packages/aws-cdk-lib/aws-ecs/lib/cluster.ts +++ b/packages/aws-cdk-lib/aws-ecs/lib/cluster.ts @@ -95,10 +95,6 @@ export enum MachineImageType { * Amazon ECS-optimized Amazon Linux 2 AMI */ AMAZON_LINUX_2, - /** - * Amazon ECS-optimized Amazon Linux 2023 AMI - */ - AMAZON_LINUX_2023, /** * Bottlerocket AMI */ @@ -564,7 +560,20 @@ export class Cluster extends Resource implements ICluster { break; } default: - this.configureAmazonECSOptimizedAMIUserData(autoScalingGroup, options); + // Amazon ECS-optimized AMI for Amazon Linux 2 + autoScalingGroup.addUserData(`echo ECS_CLUSTER=${this.clusterName} >> /etc/ecs/ecs.config`); + if (!options.canContainersAccessInstanceRole) { + // Deny containers access to instance metadata service + // Source: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html + autoScalingGroup.addUserData('sudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP'); + autoScalingGroup.addUserData('sudo service iptables save'); + // The following is only for AwsVpc networking mode, but doesn't hurt for the other modes. + autoScalingGroup.addUserData('echo ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config'); + } + + if (autoScalingGroup.spotPrice && options.spotInstanceDraining) { + autoScalingGroup.addUserData('echo ECS_ENABLE_SPOT_INSTANCE_DRAINING=true >> /etc/ecs/ecs.config'); + } } } @@ -622,31 +631,6 @@ export class Cluster extends Resource implements ICluster { } } - private configureAmazonECSOptimizedAMIUserData(autoScalingGroup: autoscaling.AutoScalingGroup, options: AddAutoScalingGroupCapacityOptions = {}) { - autoScalingGroup.addUserData(`echo ECS_CLUSTER=${this.clusterName} >> /etc/ecs/ecs.config`); - if (!options.canContainersAccessInstanceRole) { - // Deny containers access to instance metadata service - // Source: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/instance_IAM_role.html - autoScalingGroup.addUserData('sudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP'); - - switch (options.machineImageType) { - case MachineImageType.AMAZON_LINUX_2023: { - autoScalingGroup.addUserData('sudo iptables-save'); - break; - } - default: - autoScalingGroup.addUserData('sudo service iptables save'); - } - - // The following is only for AwsVpc networking mode, but doesn't hurt for the other modes. - autoScalingGroup.addUserData('echo ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config'); - } - - if (autoScalingGroup.spotPrice && options.spotInstanceDraining) { - autoScalingGroup.addUserData('echo ECS_ENABLE_SPOT_INSTANCE_DRAINING=true >> /etc/ecs/ecs.config'); - } - } - /** * This method enables the Fargate or Fargate Spot capacity providers on the cluster. * diff --git a/packages/aws-cdk-lib/aws-ecs/test/cluster.test.ts b/packages/aws-cdk-lib/aws-ecs/test/cluster.test.ts index 28cb63f2c2a9c..cf7831598bc49 100644 --- a/packages/aws-cdk-lib/aws-ecs/test/cluster.test.ts +++ b/packages/aws-cdk-lib/aws-ecs/test/cluster.test.ts @@ -1991,61 +1991,6 @@ describe('cluster', () => { }); }); - test('cluster capacity with Amazon Linux 2023 AMI, by setting machineImageType', () => { - // GIVEN - const app = new cdk.App(); - const stack = new cdk.Stack(app, 'test'); - const vpc = new ec2.Vpc(stack, 'Vpc'); - const cluster = new ecs.Cluster(stack, 'EcsCluster'); - - // WHEN - const autoScalingGroup = new autoscaling.AutoScalingGroup(stack, 'asg', { - vpc, - instanceType: new ec2.InstanceType('bogus'), - machineImage: ecs.EcsOptimizedImage.amazonLinux2023(), - }); - - const capacityProvider = new ecs.AsgCapacityProvider(stack, 'provider', { - autoScalingGroup, - machineImageType: ecs.MachineImageType.AMAZON_LINUX_2023, - }); - - cluster.addAsgCapacityProvider(capacityProvider); - - // THEN - Template.fromStack(stack).hasResourceProperties('AWS::AutoScaling::LaunchConfiguration', { - ImageId: { - Ref: 'SsmParameterValueawsserviceecsoptimizedamiamazonlinux2023recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter', - }, - UserData: { - 'Fn::Base64': { - 'Fn::Join': [ - '', - [ - '#!/bin/bash\necho ECS_CLUSTER=', - { - Ref: 'EcsCluster97242B84', - }, - ' >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo iptables-save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config', - ], - ], - }, - }, - }); - - Template.fromStack(stack).hasResourceProperties('AWS::ECS::ClusterCapacityProviderAssociations', { - CapacityProviders: [ - { - Ref: 'providerD3FF4D3A', - }, - ], - Cluster: { - Ref: 'EcsCluster97242B84', - }, - DefaultCapacityProviderStrategy: [], - }); - }); - testDeprecated('correct bottlerocket AMI for ARM64 architecture', () => { // GIVEN const app = new cdk.App();