From 920f12f9ac4dbe85841848844e117ec054391e22 Mon Sep 17 00:00:00 2001 From: Jonathan Goldwasser Date: Wed, 11 Sep 2019 12:33:45 +0200 Subject: [PATCH] fix(events): remove custom resource for fargate event target (#3952) * chore(events): remove custom resource for fargate event target The latest CloudFormation specification adds `LaunchType` and `NetworkConfiguration` properties to the `EcsParameters` property. A custom resource to set those values is no longer needed. Closes #3930 * fix comma in package.json after fixing merge conflict --- ...g.scheduled-fargate-task.lit.expected.json | 320 ++---------------- .../fargate/test.scheduled-fargate-task.ts | 38 +++ .../aws-events-targets/lib/ecs-task.ts | 77 ++--- .../@aws-cdk/aws-events-targets/package.json | 8 +- .../test/ecs/event-rule-target.test.ts | 152 +++------ .../integ.event-fargate-task.expected.json | 320 ++---------------- 6 files changed, 150 insertions(+), 765 deletions(-) diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.scheduled-fargate-task.lit.expected.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.scheduled-fargate-task.lit.expected.json index f021dc1d32076..73f99b321b515 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.scheduled-fargate-task.lit.expected.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.scheduled-fargate-task.lit.expected.json @@ -207,6 +207,25 @@ ] }, "EcsParameters": { + "LaunchType": "FARGATE", + "NetworkConfiguration": { + "AwsVpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "ScheduledFargateTaskScheduledTaskDefSecurityGroupE075BC19", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + ] + } + }, "TaskCount": 2, "TaskDefinitionArn": { "Ref": "ScheduledFargateTaskScheduledTaskDef521FA675" @@ -600,173 +619,6 @@ ] } }, - "ScheduledFargateTaskScheduledTaskDefScheduledEventRuleTarget0PutTargets4F6BAABA": { - "Type": "Custom::AWS", - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "AWS679f53fac002430cb0da5b7982bd22872D164C4C", - "Arn" - ] - }, - "Create": { - "service": "CloudWatchEvents", - "apiVersion": "2015-10-07", - "action": "putTargets", - "parameters": { - "Rule": { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "/", - { - "Fn::Select": [ - 5, - { - "Fn::Split": [ - ":", - { - "Fn::GetAtt": [ - "ScheduledFargateTaskScheduledEventRule2B79E34F", - "Arn" - ] - } - ] - } - ] - } - ] - } - ] - }, - "Targets": [ - { - "Arn": { - "Fn::GetAtt": [ - "FargateCluster7CCD5F93", - "Arn" - ] - }, - "Id": "Target0", - "EcsParameters": { - "TaskDefinitionArn": { - "Ref": "ScheduledFargateTaskScheduledTaskDef521FA675" - }, - "LaunchType": "FARGATE", - "NetworkConfiguration": { - "awsvpcConfiguration": { - "Subnets": [ - { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - } - ], - "AssignPublicIp": "DISABLED", - "SecurityGroups": [ - { - "Fn::GetAtt": [ - "ScheduledFargateTaskScheduledTaskDefSecurityGroupE075BC19", - "GroupId" - ] - } - ] - } - }, - "TaskCount": 2 - }, - "Input": "{}", - "RoleArn": { - "Fn::GetAtt": [ - "ScheduledFargateTaskScheduledTaskDefEventsRole6CE19522", - "Arn" - ] - } - } - ] - }, - "physicalResourceId": "awsfargateintegScheduledFargateTaskScheduledTaskDefB0AD4F70" - }, - "Update": { - "service": "CloudWatchEvents", - "apiVersion": "2015-10-07", - "action": "putTargets", - "parameters": { - "Rule": { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "/", - { - "Fn::Select": [ - 5, - { - "Fn::Split": [ - ":", - { - "Fn::GetAtt": [ - "ScheduledFargateTaskScheduledEventRule2B79E34F", - "Arn" - ] - } - ] - } - ] - } - ] - } - ] - }, - "Targets": [ - { - "Arn": { - "Fn::GetAtt": [ - "FargateCluster7CCD5F93", - "Arn" - ] - }, - "Id": "Target0", - "EcsParameters": { - "TaskDefinitionArn": { - "Ref": "ScheduledFargateTaskScheduledTaskDef521FA675" - }, - "LaunchType": "FARGATE", - "NetworkConfiguration": { - "awsvpcConfiguration": { - "Subnets": [ - { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - } - ], - "AssignPublicIp": "DISABLED", - "SecurityGroups": [ - { - "Fn::GetAtt": [ - "ScheduledFargateTaskScheduledTaskDefSecurityGroupE075BC19", - "GroupId" - ] - } - ] - } - }, - "TaskCount": 2 - }, - "Input": "{}", - "RoleArn": { - "Fn::GetAtt": [ - "ScheduledFargateTaskScheduledTaskDefEventsRole6CE19522", - "Arn" - ] - } - } - ] - }, - "physicalResourceId": "awsfargateintegScheduledFargateTaskScheduledTaskDefB0AD4F70" - } - }, - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, "AdoptEcrRepositorydbc60defc59544bcaa5c28c95d68f62cServiceRoleD788AA17": { "Type": "AWS::IAM::Role", "Properties": { @@ -912,128 +764,6 @@ "AdoptEcrRepositorydbc60defc59544bcaa5c28c95d68f62cServiceRoleDefaultPolicy6BC8737C", "AdoptEcrRepositorydbc60defc59544bcaa5c28c95d68f62cServiceRoleD788AA17" ] - }, - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleDefaultPolicyD28E1A5E": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "events:PutTargets", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "ScheduledFargateTaskScheduledEventRule2B79E34F", - "Arn" - ] - } - }, - { - "Action": "iam:PassRole", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "ScheduledFargateTaskScheduledTaskDefEventsRole6CE19522", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleDefaultPolicyD28E1A5E", - "Roles": [ - { - "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" - } - ] - } - }, - "AWS679f53fac002430cb0da5b7982bd22872D164C4C": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Ref": "AWS679f53fac002430cb0da5b7982bd2287CodeS3BucketF55839B6" - }, - "S3Key": { - "Fn::Join": [ - "", - [ - { - "Fn::Select": [ - 0, - { - "Fn::Split": [ - "||", - { - "Ref": "AWS679f53fac002430cb0da5b7982bd2287CodeS3VersionKey3C45B02F" - } - ] - } - ] - }, - { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "||", - { - "Ref": "AWS679f53fac002430cb0da5b7982bd2287CodeS3VersionKey3C45B02F" - } - ] - } - ] - } - ] - ] - } - }, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", - "Arn" - ] - }, - "Runtime": "nodejs10.x" - }, - "DependsOn": [ - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleDefaultPolicyD28E1A5E", - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" - ] } }, "Parameters": { @@ -1052,18 +782,6 @@ "AdoptEcrRepositorydbc60defc59544bcaa5c28c95d68f62cCodeArtifactHash8BCBAA49": { "Type": "String", "Description": "Artifact hash for asset \"aws-fargate-integ/AdoptEcrRepositorydbc60defc59544bcaa5c28c95d68f62c/Code\"" - }, - "AWS679f53fac002430cb0da5b7982bd2287CodeS3BucketF55839B6": { - "Type": "String", - "Description": "S3 bucket for asset \"aws-fargate-integ/AWS679f53fac002430cb0da5b7982bd2287/Code\"" - }, - "AWS679f53fac002430cb0da5b7982bd2287CodeS3VersionKey3C45B02F": { - "Type": "String", - "Description": "S3 key for asset version \"aws-fargate-integ/AWS679f53fac002430cb0da5b7982bd2287/Code\"" - }, - "AWS679f53fac002430cb0da5b7982bd2287CodeArtifactHash49FACC2E": { - "Type": "String", - "Description": "Artifact hash for asset \"aws-fargate-integ/AWS679f53fac002430cb0da5b7982bd2287/Code\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.scheduled-fargate-task.ts b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.scheduled-fargate-task.ts index dacb85765d2df..05703296b0a31 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.scheduled-fargate-task.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.scheduled-fargate-task.ts @@ -26,6 +26,25 @@ export = { { Arn: { "Fn::GetAtt": ["EcsCluster97242B84", "Arn"] }, EcsParameters: { + LaunchType: "FARGATE", + NetworkConfiguration: { + AwsVpcConfiguration: { + AssignPublicIp: "DISABLED", + SecurityGroups: [ + { + "Fn::GetAtt": [ + "ScheduledFargateTaskScheduledTaskDefSecurityGroupE075BC19", + "GroupId" + ] + } + ], + Subnets: [ + { + Ref: "VpcPrivateSubnet1Subnet536B997A" + } + ] + } + }, TaskCount: 1, TaskDefinitionArn: { Ref: "ScheduledFargateTaskScheduledTaskDef521FA675" } }, @@ -83,6 +102,25 @@ export = { { Arn: { "Fn::GetAtt": ["EcsCluster97242B84", "Arn"] }, EcsParameters: { + LaunchType: "FARGATE", + NetworkConfiguration: { + AwsVpcConfiguration: { + AssignPublicIp: "DISABLED", + SecurityGroups: [ + { + "Fn::GetAtt": [ + "ScheduledFargateTaskScheduledTaskDefSecurityGroupE075BC19", + "GroupId" + ] + } + ], + Subnets: [ + { + Ref: "VpcPrivateSubnet1Subnet536B997A" + } + ] + } + }, TaskCount: 2, TaskDefinitionArn: { Ref: "ScheduledFargateTaskScheduledTaskDef521FA675" } }, diff --git a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts index 4d283fa945405..8d5e58e5cf56e 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/ecs-task.ts @@ -2,8 +2,6 @@ import ec2 = require('@aws-cdk/aws-ec2'); import ecs = require('@aws-cdk/aws-ecs'); import events = require ('@aws-cdk/aws-events'); import iam = require('@aws-cdk/aws-iam'); -import { Stack } from '@aws-cdk/core'; -import custom = require('@aws-cdk/custom-resources'); import { ContainerOverride } from './ecs-task-properties'; import { singletonEventRole } from './util'; @@ -78,7 +76,7 @@ export class EcsTask implements events.IRuleTarget { /** * Allows using tasks as target of CloudWatch events */ - public bind(rule: events.IRule, id?: string): events.RuleTargetConfig { + public bind(_rule: events.IRule, _id?: string): events.RuleTargetConfig { const policyStatements = [new iam.PolicyStatement({ actions: ['ecs:RunTask'], resources: [this.taskDefinition.taskDefinitionArn], @@ -112,65 +110,30 @@ export class EcsTask implements events.IRuleTarget { const taskCount = this.taskCount; const taskDefinitionArn = this.taskDefinition.taskDefinitionArn; - // Use a custom resource to "enhance" the target with network configuration - // when using awsvpc network mode. - if (this.taskDefinition.networkMode === ecs.NetworkMode.AWS_VPC) { - const subnetSelection = this.props.subnetSelection || { subnetType: ec2.SubnetType.PRIVATE }; - const assignPublicIp = subnetSelection.subnetType === ec2.SubnetType.PUBLIC ? 'ENABLED' : 'DISABLED'; - - new custom.AwsCustomResource(this.taskDefinition, `${rule.node.id}${id}PutTargets`, { - // `onCreate´ defaults to `onUpdate` and we don't need an `onDelete` here - // because the rule/target will be owned by CF anyway. - onUpdate: { - service: 'CloudWatchEvents', - apiVersion: '2015-10-07', - action: 'putTargets', - parameters: { - Rule: Stack.of(this.taskDefinition).parseArn(rule.ruleArn).resourceName, - Targets: [ - { - Arn: arn, - Id: id, - EcsParameters: { - TaskDefinitionArn: taskDefinitionArn, - LaunchType: this.taskDefinition.isEc2Compatible ? 'EC2' : 'FARGATE', - NetworkConfiguration: { - awsvpcConfiguration: { - Subnets: this.props.cluster.vpc.selectSubnets(subnetSelection).subnetIds, - AssignPublicIp: assignPublicIp, - SecurityGroups: this.securityGroup && [this.securityGroup.securityGroupId], - } - }, - TaskCount: taskCount, - }, - Input: JSON.stringify(input), - RoleArn: role.roleArn - } - ] - }, - physicalResourceId: this.taskDefinition.node.uniqueId, - }, - policyStatements: [ // Cannot use automatic policy statements because we need iam:PassRole - new iam.PolicyStatement({ - actions: ['events:PutTargets'], - resources: [rule.ruleArn], - }), - new iam.PolicyStatement({ - actions: ['iam:PassRole'], - resources: [role.roleArn], - }) - ] - }); - } + const subnetSelection = this.props.subnetSelection || { subnetType: ec2.SubnetType.PRIVATE }; + const assignPublicIp = subnetSelection.subnetType === ec2.SubnetType.PUBLIC ? 'ENABLED' : 'DISABLED'; + + const baseEcsParameters = { taskCount, taskDefinitionArn }; + + const ecsParameters: events.CfnRule.EcsParametersProperty = this.taskDefinition.networkMode === ecs.NetworkMode.AWS_VPC + ? { + ...baseEcsParameters, + launchType: this.taskDefinition.isEc2Compatible ? 'EC2' : 'FARGATE', + networkConfiguration: { + awsVpcConfiguration: { + subnets: this.props.cluster.vpc.selectSubnets(subnetSelection).subnetIds, + assignPublicIp, + securityGroups: this.securityGroup && [this.securityGroup.securityGroupId] + } + } + } + : baseEcsParameters; return { id: '', arn, role, - ecsParameters: { - taskCount, - taskDefinitionArn - }, + ecsParameters, input: events.RuleTargetInput.fromObject(input), targetResource: this.taskDefinition, }; diff --git a/packages/@aws-cdk/aws-events-targets/package.json b/packages/@aws-cdk/aws-events-targets/package.json index b3a65f3632fd4..fa68539814a0c 100644 --- a/packages/@aws-cdk/aws-events-targets/package.json +++ b/packages/@aws-cdk/aws-events-targets/package.json @@ -100,8 +100,7 @@ "@aws-cdk/aws-sns-subscriptions": "^1.8.0", "@aws-cdk/aws-sqs": "^1.8.0", "@aws-cdk/aws-stepfunctions": "^1.8.0", - "@aws-cdk/core": "^1.8.0", - "@aws-cdk/custom-resources": "^1.8.0" + "@aws-cdk/core": "^1.8.0" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -117,11 +116,10 @@ "@aws-cdk/aws-sns-subscriptions": "^1.8.0", "@aws-cdk/aws-sqs": "^1.8.0", "@aws-cdk/aws-stepfunctions": "^1.8.0", - "@aws-cdk/core": "^1.8.0", - "@aws-cdk/custom-resources": "^1.8.0" + "@aws-cdk/core": "^1.8.0" }, "engines": { "node": ">= 8.10.0" }, "stability": "stable" -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts b/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts index ae28b74423bef..496afade60363 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/event-rule-target.test.ts @@ -83,87 +83,6 @@ test("Can use Fargate taskdef as EventRule target", () => { }] })); - // THEN - expect(stack).toHaveResourceLike('Custom::AWS', { - Update: { - service: "CloudWatchEvents", - apiVersion: "2015-10-07", - action: "putTargets", - parameters: { - Rule: { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "/", - { - "Fn::Select": [ - 5, - { - "Fn::Split": [ - ":", - { - "Fn::GetAtt": [ - "Rule4C995B7F", - "Arn" - ] - } - ] - } - ] - } - ] - } - ] - }, - Targets: [ - { - Arn: { - "Fn::GetAtt": [ - "EcsCluster97242B84", - "Arn" - ] - }, - Id: "Target0", - EcsParameters: { - TaskDefinitionArn: { - Ref: "TaskDef54694570" - }, - LaunchType: "FARGATE", - NetworkConfiguration: { - awsvpcConfiguration: { - Subnets: [ - { - Ref: "VpcPrivateSubnet1Subnet536B997A" - } - ], - AssignPublicIp: "DISABLED", - SecurityGroups: [ - { - "Fn::GetAtt": [ - "TaskDefSecurityGroupD50E7CF0", - "GroupId" - ] - } - ] - } - }, - TaskCount: 1 - }, - Input: "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"command\":[\"echo\",\"$.detail.event\"]}]}", - RoleArn: { - "Fn::GetAtt": [ - "TaskDefEventsRoleFB3B67B8", - "Arn" - ] - } - } - ] - }, - physicalResourceId: taskDefinition.node.uniqueId - } - }); - // THEN expect(stack).toHaveResourceLike('AWS::Events::Rule', { Targets: [ @@ -171,7 +90,26 @@ test("Can use Fargate taskdef as EventRule target", () => { Arn: { "Fn::GetAtt": ["EcsCluster97242B84", "Arn"] }, EcsParameters: { TaskCount: 1, - TaskDefinitionArn: { Ref: "TaskDef54694570" } + TaskDefinitionArn: { Ref: "TaskDef54694570" }, + LaunchType: "FARGATE", + NetworkConfiguration: { + AwsVpcConfiguration: { + Subnets: [ + { + Ref: "VpcPrivateSubnet1Subnet536B997A" + } + ], + AssignPublicIp: "DISABLED", + SecurityGroups: [ + { + "Fn::GetAtt": [ + "TaskDefSecurityGroupD50E7CF0", + "GroupId" + ] + } + ] + } + }, }, InputTransformer: { InputPathsMap: { @@ -286,25 +224,37 @@ test("Isolated subnet does not have AssignPublicIp=true", () => { })); // THEN - expect(stack).toHaveResourceLike('Custom::AWS', { - Update: { - service: "CloudWatchEvents", - apiVersion: "2015-10-07", - action: "putTargets", - parameters: { - Targets: [ - { - EcsParameters: { - LaunchType: "FARGATE", - NetworkConfiguration: { - awsvpcConfiguration: { - AssignPublicIp: "DISABLED", + expect(stack).toHaveResourceLike('AWS::Events::Rule', { + Targets: [ + { + Arn: { "Fn::GetAtt": ["EcsCluster97242B84", "Arn"] }, + EcsParameters: { + TaskCount: 1, + TaskDefinitionArn: { Ref: "TaskDef54694570" }, + LaunchType: "FARGATE", + NetworkConfiguration: { + AwsVpcConfiguration: { + Subnets: [ + { + Ref: "VpcIsolatedSubnet1SubnetE48C5737" } - }, - }, - } - ] + ], + AssignPublicIp: "DISABLED", + SecurityGroups: [ + { + "Fn::GetAtt": [ + "TaskDefSecurityGroupD50E7CF0", + "GroupId" + ] + } + ] + } + }, + }, + Input: "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"command\":[\"echo\",\"yay\"]}]}", + RoleArn: { "Fn::GetAtt": ["TaskDefEventsRoleFB3B67B8", "Arn"] }, + Id: "Target0" } - } + ], }); -}); \ No newline at end of file +}); diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.expected.json b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.expected.json index b6c1365800431..2d37bb5896991 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-fargate-task.expected.json @@ -563,173 +563,6 @@ ] } }, - "TaskDefRuleTarget0PutTargets77691785": { - "Type": "Custom::AWS", - "Properties": { - "ServiceToken": { - "Fn::GetAtt": [ - "AWS679f53fac002430cb0da5b7982bd22872D164C4C", - "Arn" - ] - }, - "Create": { - "service": "CloudWatchEvents", - "apiVersion": "2015-10-07", - "action": "putTargets", - "parameters": { - "Rule": { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "/", - { - "Fn::Select": [ - 5, - { - "Fn::Split": [ - ":", - { - "Fn::GetAtt": [ - "Rule4C995B7F", - "Arn" - ] - } - ] - } - ] - } - ] - } - ] - }, - "Targets": [ - { - "Arn": { - "Fn::GetAtt": [ - "EcsCluster97242B84", - "Arn" - ] - }, - "Id": "Target0", - "EcsParameters": { - "TaskDefinitionArn": { - "Ref": "TaskDef54694570" - }, - "LaunchType": "FARGATE", - "NetworkConfiguration": { - "awsvpcConfiguration": { - "Subnets": [ - { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - } - ], - "AssignPublicIp": "DISABLED", - "SecurityGroups": [ - { - "Fn::GetAtt": [ - "TaskDefSecurityGroupD50E7CF0", - "GroupId" - ] - } - ] - } - }, - "TaskCount": 1 - }, - "Input": "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"environment\":[{\"name\":\"I_WAS_TRIGGERED\",\"value\":\"From CloudWatch Events\"}]}]}", - "RoleArn": { - "Fn::GetAtt": [ - "TaskDefEventsRoleFB3B67B8", - "Arn" - ] - } - } - ] - }, - "physicalResourceId": "awsecsintegfargateTaskDef8878AF94" - }, - "Update": { - "service": "CloudWatchEvents", - "apiVersion": "2015-10-07", - "action": "putTargets", - "parameters": { - "Rule": { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "/", - { - "Fn::Select": [ - 5, - { - "Fn::Split": [ - ":", - { - "Fn::GetAtt": [ - "Rule4C995B7F", - "Arn" - ] - } - ] - } - ] - } - ] - } - ] - }, - "Targets": [ - { - "Arn": { - "Fn::GetAtt": [ - "EcsCluster97242B84", - "Arn" - ] - }, - "Id": "Target0", - "EcsParameters": { - "TaskDefinitionArn": { - "Ref": "TaskDef54694570" - }, - "LaunchType": "FARGATE", - "NetworkConfiguration": { - "awsvpcConfiguration": { - "Subnets": [ - { - "Ref": "VpcPrivateSubnet1Subnet536B997A" - } - ], - "AssignPublicIp": "DISABLED", - "SecurityGroups": [ - { - "Fn::GetAtt": [ - "TaskDefSecurityGroupD50E7CF0", - "GroupId" - ] - } - ] - } - }, - "TaskCount": 1 - }, - "Input": "{\"containerOverrides\":[{\"name\":\"TheContainer\",\"environment\":[{\"name\":\"I_WAS_TRIGGERED\",\"value\":\"From CloudWatch Events\"}]}]}", - "RoleArn": { - "Fn::GetAtt": [ - "TaskDefEventsRoleFB3B67B8", - "Arn" - ] - } - } - ] - }, - "physicalResourceId": "awsecsintegfargateTaskDef8878AF94" - } - }, - "UpdateReplacePolicy": "Delete", - "DeletionPolicy": "Delete" - }, "AdoptEcrRepositorydbc60defc59544bcaa5c28c95d68f62cServiceRoleD788AA17": { "Type": "AWS::IAM::Role", "Properties": { @@ -890,6 +723,25 @@ ] }, "EcsParameters": { + "LaunchType": "FARGATE", + "NetworkConfiguration": { + "AwsVpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "TaskDefSecurityGroupD50E7CF0", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + ] + } + }, "TaskCount": 1, "TaskDefinitionArn": { "Ref": "TaskDef54694570" @@ -906,128 +758,6 @@ } ] } - }, - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { - "Type": "AWS::IAM::Role", - "Properties": { - "AssumeRolePolicyDocument": { - "Statement": [ - { - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - } - } - ], - "Version": "2012-10-17" - }, - "ManagedPolicyArns": [ - { - "Fn::Join": [ - "", - [ - "arn:", - { - "Ref": "AWS::Partition" - }, - ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ] - ] - } - ] - } - }, - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleDefaultPolicyD28E1A5E": { - "Type": "AWS::IAM::Policy", - "Properties": { - "PolicyDocument": { - "Statement": [ - { - "Action": "events:PutTargets", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "Rule4C995B7F", - "Arn" - ] - } - }, - { - "Action": "iam:PassRole", - "Effect": "Allow", - "Resource": { - "Fn::GetAtt": [ - "TaskDefEventsRoleFB3B67B8", - "Arn" - ] - } - } - ], - "Version": "2012-10-17" - }, - "PolicyName": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleDefaultPolicyD28E1A5E", - "Roles": [ - { - "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" - } - ] - } - }, - "AWS679f53fac002430cb0da5b7982bd22872D164C4C": { - "Type": "AWS::Lambda::Function", - "Properties": { - "Code": { - "S3Bucket": { - "Ref": "AWS679f53fac002430cb0da5b7982bd2287CodeS3BucketF55839B6" - }, - "S3Key": { - "Fn::Join": [ - "", - [ - { - "Fn::Select": [ - 0, - { - "Fn::Split": [ - "||", - { - "Ref": "AWS679f53fac002430cb0da5b7982bd2287CodeS3VersionKey3C45B02F" - } - ] - } - ] - }, - { - "Fn::Select": [ - 1, - { - "Fn::Split": [ - "||", - { - "Ref": "AWS679f53fac002430cb0da5b7982bd2287CodeS3VersionKey3C45B02F" - } - ] - } - ] - } - ] - ] - } - }, - "Handler": "index.handler", - "Role": { - "Fn::GetAtt": [ - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", - "Arn" - ] - }, - "Runtime": "nodejs10.x" - }, - "DependsOn": [ - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleDefaultPolicyD28E1A5E", - "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" - ] } }, "Parameters": { @@ -1046,18 +776,6 @@ "AdoptEcrRepositorydbc60defc59544bcaa5c28c95d68f62cCodeArtifactHash8BCBAA49": { "Type": "String", "Description": "Artifact hash for asset \"aws-ecs-integ-fargate/AdoptEcrRepositorydbc60defc59544bcaa5c28c95d68f62c/Code\"" - }, - "AWS679f53fac002430cb0da5b7982bd2287CodeS3BucketF55839B6": { - "Type": "String", - "Description": "S3 bucket for asset \"aws-ecs-integ-fargate/AWS679f53fac002430cb0da5b7982bd2287/Code\"" - }, - "AWS679f53fac002430cb0da5b7982bd2287CodeS3VersionKey3C45B02F": { - "Type": "String", - "Description": "S3 key for asset version \"aws-ecs-integ-fargate/AWS679f53fac002430cb0da5b7982bd2287/Code\"" - }, - "AWS679f53fac002430cb0da5b7982bd2287CodeArtifactHash49FACC2E": { - "Type": "String", - "Description": "Artifact hash for asset \"aws-ecs-integ-fargate/AWS679f53fac002430cb0da5b7982bd2287/Code\"" } } } \ No newline at end of file