Untitled

mail@pastecode.io avatar
unknown
plain_text
2 years ago
2.3 kB
1
Indexable
Never
AWSTemplateFormatVersion: "2010-09-09"
Resources:

  TaskRole3:
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ecs-tasks.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy

  TaskRole:
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ecs-tasks.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy


  Taskdefinition: 
    Type: AWS::ECS::TaskDefinition
    Properties: 
      Family: paas-monitor
      Cpu: "256"
      Memory: "512"
      NetworkMode: "awsvpc"
      RequiresCompatibilities:
       - FARGATE
      ExecutionRoleArn: !GetAtt TaskRole.Arn
      ContainerDefinitions: 
        - 
          Name: "paas-monitor"
          Image: "mvanholsteijn/paas-monitor:latest"
          Cpu: 256
          Memory: 512
          PortMappings:
            -   ContainerPort: 1337
                HostPort: 1337

  ECSCluster:
    Type: 'AWS::ECS::Cluster'
    Properties:
      ClusterName: awslabs-cluster

  ECSSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
        GroupDescription: Allow http to client host
        VpcId: vpc-0d57a36fa5e349c66
        SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 1337
          ToPort: 1337
          CidrIp: 0.0.0.0/0

  ECSService: 
    Type: AWS::ECS::Service
    Properties: 
      ServiceName: "paas-monitor"
      Cluster: !Ref ECSCluster
      DesiredCount: 1
      LaunchType: FARGATE
      TaskDefinition: !Ref "Taskdefinition"
      NetworkConfiguration:
          AwsVpcConfiguration: 
            AssignPublicIp: ENABLED
            SecurityGroups: 
              - !Ref ECSSecurityGroup
            Subnets: 
              - subnet-0d7f909eae71c0db6
              - subnet-0755915d829ea4645
              - subnet-09a0e6bea3383ae97