Updated health check

[dylanratcliffe]

No description provided.

[github-actions]

Expected Changes

ecs-task-definition › facial-recognition-terraform-example

--- current
+++ planned
@@ -1,26 +1,26 @@
-arn: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:5
-arn_without_revision: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example
-container_definitions: '[{"cpu":1024,"environment":[{"name":"DATABASE_URL","value":"tf-20240827194315707700000013.cnx7xf6hwmba.eu-west-2.rds.amazonaws.com"}],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:1234"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234,"hostPort":1234,"protocol":"tcp"}],"systemControls":[],"volumesFrom":[]}]'
+arn: (known after apply)
+arn_without_revision: (known after apply)
+container_definitions: '[{"cpu":1024,"environment":[{"name":"DATABASE_URL","value":"tf-20240827194315707700000013.cnx7xf6hwmba.eu-west-2.rds.amazonaws.com"}],"essential":true,"healthCheck":{"command":["CMD-SHELL","wget -q --spider localhost:8080"],"interval":30,"retries":3,"timeout":5},"image":"harshmanvar/face-detection-tensorjs:slim-amd","memory":2048,"mountPoints":[],"name":"facial-recognition","portMappings":[{"appProtocol":"http","containerPort":1234}],"volumesFrom":[]}]'
 cpu: "1024"
 ephemeral_storage: []
-execution_role_arn: ""
+execution_role_arn: null
 family: facial-recognition-terraform-example
-id: facial-recognition-terraform-example
+id: (known after apply)
 inference_accelerator: []
-ipc_mode: ""
+ipc_mode: null
 memory: "2048"
 network_mode: awsvpc
-pid_mode: ""
+pid_mode: null
 placement_constraints: []
 proxy_configuration: []
 requires_compatibilities:
     - FARGATE
-revision: 5
+revision: (known after apply)
 runtime_platform: []
 skip_destroy: false
-tags: {}
-tags_all: {}
-task_role_arn: ""
+tags: null
+tags_all: (known after apply)
+task_role_arn: null
 terraform_address: module.scenarios[0].aws_ecs_task_definition.face
 terraform_name: module.scenarios[0].aws_ecs_task_definition.face
 track_latest: false

Unmapped Changes

Note

These changes couldn't be mapped to a discoverable cloud resource and therefore won't be included in the blast radius calculation.

aws_ecs_service › module.scenarios[0].aws_ecs_service.face

--- current
+++ planned
@@ -43,7 +43,7 @@
 service_registries: []
 tags: {}
 tags_all: {}
-task_definition: arn:aws:ecs:eu-west-2:540044833068:task-definition/facial-recognition-terraform-example:5
+task_definition: (known after apply)
 terraform_address: module.scenarios[0].aws_ecs_service.face
 terraform_name: module.scenarios[0].aws_ecs_service.face
 timeouts: null

Blast Radius

Items	Edges
24	34

Open in Overmind

Risks

Change in Task Definition Port and Health Check Command [Medium]

The ECS Task Definition for the facial-recognition-terraform-example service is being altered. Specifically, there is a change in the container's health check command, where the port in the command switches from 1234 to 8080, and the host port is being removed from port mappings. This alteration suggests that the application may be migrating endpoints or protocols internally, potentially affecting connectivity or causing misrouting of traffic if upstream dependencies (like security group permissions or NACLs) aren't adjusted accordingly.

Potential Impacts:

• If other components or services expect this service to run on port 1234, then communications might fail due to mismatch of expected listening ports.
• Load balancers or other network configurations may not route traffic correctly if assuming the port 1234 will still be used or if they are using the previous health check configuration.

Validation Steps:

• Confirm that all upstream configurations (e.g., load balancers, security groups, or DNS changes if applicable) are updated to reflect the change in the health check command port.
• Ensure any other services or applications that interact with this updated task are aware of and compatible with this port change.
• Verify that internal documentation and configuration management repositories reflect these port changes to maintain infrastructure as code consistency.

Without proper updates and notifications across all connected services, this change might lead to service interruptions, unexpected downtime, or misrouting of requests.