
CDK Test

a guest
Mar 22nd, 2019
  1. Resources:
  2.   Vpc8378EB38:
  3.     Type: AWS::EC2::VPC
  4.     Properties:
  5.       CidrBlock: 10.0.0.0/16
  6.       EnableDnsHostnames: true
  7.       EnableDnsSupport: true
  8.       InstanceTenancy: default
  9.       Tags:
  10.         - Key: Name
  11.           Value: aws-ecs-integ-ecs/Vpc
  12.     Metadata:
  13.       aws:cdk:path: aws-ecs-integ-ecs/Vpc/Resource
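  # Public subnet 10.0.0.0/18 in eu-central-1a. MapPublicIpOnLaunch is true, so
  # anything launched here receives a public IPv4 address by default.
  VpcPublicSubnet1Subnet5C2D37C4:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.0.0/18
      VpcId:
        Ref: Vpc8378EB38
      AvailabilityZone: eu-central-1a
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PublicSubnet1
        - Key: aws-cdk:subnet-name
          Value: Public
        - Key: aws-cdk:subnet-type
          Value: Public
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet1/Subnet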
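  # Route table for public subnet 1.
  VpcPublicSubnet1RouteTable6C95E38E:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: Vpc8378EB38
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PublicSubnet1
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet1/RouteTable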
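  # Binds public subnet 1 to its route table.
  VpcPublicSubnet1RouteTableAssociation97140677:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: VpcPublicSubnet1RouteTable6C95E38E
      SubnetId:
        Ref: VpcPublicSubnet1Subnet5C2D37C4
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet1/RouteTableAssociation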
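  # Default route of public subnet 1: 0.0.0.0/0 goes straight to the internet
  # gateway, which is what makes the subnet internet-facing. Created only after
  # the gateway attachment exists (DependsOn).
  VpcPublicSubnet1DefaultRoute3DA9E72A:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId:
        Ref: VpcPublicSubnet1RouteTable6C95E38E
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId:
        Ref: VpcIGWD7BA715C
    DependsOn:
      - VpcVPCGWBF912B6E
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet1/DefaultRoute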
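  # Elastic IP consumed by the NAT gateway in public subnet 1.
  VpcPublicSubnet1EIPD7E02669:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet1/EIP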
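  # NAT gateway in public subnet 1; private subnet 1 routes its outbound
  # traffic through it.
  VpcPublicSubnet1NATGateway4D7517AA:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId:
        Fn::GetAtt:
          - VpcPublicSubnet1EIPD7E02669
          - AllocationId
      SubnetId:
        Ref: VpcPublicSubnet1Subnet5C2D37C4
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PublicSubnet1
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet1/NATGateway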
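  # Public subnet 10.0.64.0/18 in eu-central-1b. MapPublicIpOnLaunch is true,
  # so anything launched here receives a public IPv4 address by default.
  VpcPublicSubnet2Subnet691E08A3:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.64.0/18
      VpcId:
        Ref: Vpc8378EB38
      AvailabilityZone: eu-central-1b
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PublicSubnet2
        - Key: aws-cdk:subnet-name
          Value: Public
        - Key: aws-cdk:subnet-type
          Value: Public
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet2/Subnet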
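  # Route table for public subnet 2.
  VpcPublicSubnet2RouteTable94F7E489:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: Vpc8378EB38
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PublicSubnet2
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet2/RouteTable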
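  # Binds public subnet 2 to its route table.
  VpcPublicSubnet2RouteTableAssociationDD5762D8:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: VpcPublicSubnet2RouteTable94F7E489
      SubnetId:
        Ref: VpcPublicSubnet2Subnet691E08A3
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet2/RouteTableAssociation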
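  # Default route of public subnet 2: 0.0.0.0/0 goes straight to the internet
  # gateway. Created only after the gateway attachment exists (DependsOn).
  VpcPublicSubnet2DefaultRoute97F91067:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId:
        Ref: VpcPublicSubnet2RouteTable94F7E489
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId:
        Ref: VpcIGWD7BA715C
    DependsOn:
      - VpcVPCGWBF912B6E
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet2/DefaultRoute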
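  # Elastic IP consumed by the NAT gateway in public subnet 2.
  VpcPublicSubnet2EIP3C605A87:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet2/EIP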
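  # NAT gateway in public subnet 2; private subnet 2 routes its outbound
  # traffic through it.
  VpcPublicSubnet2NATGateway9182C01D:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId:
        Fn::GetAtt:
          - VpcPublicSubnet2EIP3C605A87
          - AllocationId
      SubnetId:
        Ref: VpcPublicSubnet2Subnet691E08A3
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PublicSubnet2
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PublicSubnet2/NATGateway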
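  # Private subnet 10.0.128.0/18 in eu-central-1a. No public IP is assigned by
  # default; the Auto Scaling group places the ECS instances here.
  VpcPrivateSubnet1Subnet536B997A:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.128.0/18
      VpcId:
        Ref: Vpc8378EB38
      AvailabilityZone: eu-central-1a
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PrivateSubnet1
        - Key: aws-cdk:subnet-name
          Value: Private
        - Key: aws-cdk:subnet-type
          Value: Private
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PrivateSubnet1/Subnet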
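  # Route table for private subnet 1.
  VpcPrivateSubnet1RouteTableB2C5B500:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: Vpc8378EB38
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PrivateSubnet1
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PrivateSubnet1/RouteTable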
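  # Binds private subnet 1 to its route table.
  VpcPrivateSubnet1RouteTableAssociation70C59FA6:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: VpcPrivateSubnet1RouteTableB2C5B500
      SubnetId:
        Ref: VpcPrivateSubnet1Subnet536B997A
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PrivateSubnet1/RouteTableAssociation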
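  # Default route of private subnet 1: 0.0.0.0/0 leaves through the NAT gateway
  # in public subnet 1, so the subnet has outbound-only internet access.
  VpcPrivateSubnet1DefaultRouteBE02A9ED:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId:
        Ref: VpcPrivateSubnet1RouteTableB2C5B500
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId:
        Ref: VpcPublicSubnet1NATGateway4D7517AA
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PrivateSubnet1/DefaultRoute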
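  # Private subnet 10.0.192.0/18 in eu-central-1b. No public IP is assigned by
  # default; the Auto Scaling group places the ECS instances here.
  VpcPrivateSubnet2Subnet3788AAA1:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.192.0/18
      VpcId:
        Ref: Vpc8378EB38
      AvailabilityZone: eu-central-1b
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PrivateSubnet2
        - Key: aws-cdk:subnet-name
          Value: Private
        - Key: aws-cdk:subnet-type
          Value: Private
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PrivateSubnet2/Subnet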
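  # Route table for private subnet 2.
  VpcPrivateSubnet2RouteTableA678073B:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: Vpc8378EB38
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc/PrivateSubnet2
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PrivateSubnet2/RouteTable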
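  # Binds private subnet 2 to its route table.
  VpcPrivateSubnet2RouteTableAssociationA89CAD56:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: VpcPrivateSubnet2RouteTableA678073B
      SubnetId:
        Ref: VpcPrivateSubnet2Subnet3788AAA1
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PrivateSubnet2/RouteTableAssociation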
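  # Default route of private subnet 2: 0.0.0.0/0 leaves through the NAT gateway
  # in public subnet 2, so the subnet has outbound-only internet access.
  VpcPrivateSubnet2DefaultRoute060D2087:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId:
        Ref: VpcPrivateSubnet2RouteTableA678073B
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId:
        Ref: VpcPublicSubnet2NATGateway9182C01D
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/PrivateSubnet2/DefaultRoute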
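  # Internet gateway used by the public subnets' default routes.
  VpcIGWD7BA715C:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/Vpc
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/IGW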
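  # Attaches the internet gateway to the VPC.
  VpcVPCGWBF912B6E:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId:
        Ref: Vpc8378EB38
      InternetGatewayId:
        Ref: VpcIGWD7BA715C
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/Vpc/VPCGW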
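  # ECS cluster, created with default settings (no Properties are set).
  EcsCluster97242B84:
    Type: AWS::ECS::Cluster
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/Resource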
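  # Security group attached to the cluster's EC2 container instances (it is
  # referenced by the launch configuration's SecurityGroups).
  # NOTE(review): the ingress rule admits SSH (tcp/22) from 0.0.0.0/0. The Auto
  # Scaling group targets the private subnets, but the rule still trusts every
  # source that can route to the instances. Restrict CidrIp to a bastion or VPN
  # range, or drop the rule and use SSM Session Manager for shell access.
  # Egress is unrestricted (all protocols to 0.0.0.0/0); tighten it if the
  # workload's outbound destinations are known.
  EcsClusterDefaultAutoScalingGroupInstanceSecurityGroup912E1231:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/InstanceSecurityGroup
      SecurityGroupEgress:
        - CidrIp: 0.0.0.0/0
          Description: Allow all outbound traffic by default
          IpProtocol: "-1"
      SecurityGroupIngress:
        - CidrIp: 0.0.0.0/0
          Description: from 0.0.0.0/0:22
          FromPort: 22
          IpProtocol: tcp
          ToPort: 22
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup
      VpcId:
        Ref: Vpc8378EB38
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/InstanceSecurityGroup/Resource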
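  # Ingress rule letting the load balancer's security group reach the instances
  # on tcp/80. The source is a security-group reference rather than a CIDR, so
  # only members of LBSecurityGroup8A41EA2B are admitted on this port.
  EcsClusterDefaultAutoScalingGroupInstanceSecurityGroupfromawsecsintegecsLBSecurityGroup7DA9012980B2BB1AA6:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      IpProtocol: tcp
      Description: Load balancer to target
      FromPort: 80
      GroupId:
        Fn::GetAtt:
          - EcsClusterDefaultAutoScalingGroupInstanceSecurityGroup912E1231
          - GroupId
      SourceSecurityGroupId:
        Fn::GetAtt:
          - LBSecurityGroup8A41EA2B
          - GroupId
      ToPort: 80
    Metadata:
      # Written as one quoted scalar; the original folded it across two lines,
      # which yields the same value (the line break folds to a single space).
      aws:cdk:path: 'aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/InstanceSecurityGroup/from awsecsintegecsLBSecurityGroup7DA90129:80'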
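  # IAM role for the container instances. The trust policy lets only the EC2
  # service principal (ec2.<URLSuffix>) assume it.
  EcsClusterDefaultAutoScalingGroupInstanceRole3C026863:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Action: sts:AssumeRole
            Effect: Allow
            Principal:
              Service:
                Fn::Join:
                  - ""
                  - - ec2.
                    - Ref: AWS::URLSuffix
        Version: "2012-10-17"
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/InstanceRole/Resource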
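  # Inline policy for the instance role: ECS agent registration, polling and
  # state submission, ECR login, and CloudWatch Logs writes.
  # NOTE(review): every action is granted on Resource "*".
  # ecr:GetAuthorizationToken has to be; the ECS and logs actions may be
  # scopable to this cluster and to specific log groups. Verify against the
  # IAM service authorization reference before narrowing.
  # NOTE(review): ecs:CreateCluster is included although the cluster is created
  # by this template; confirm the agent needs it here.
  EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80:
    Type: AWS::IAM::Policy
    Properties:
      PolicyDocument:
        Statement:
          - Action:
              - ecs:CreateCluster
              - ecs:DeregisterContainerInstance
              - ecs:DiscoverPollEndpoint
              - ecs:Poll
              - ecs:RegisterContainerInstance
              - ecs:StartTelemetrySession
              - ecs:Submit*
              - ecr:GetAuthorizationToken
              - logs:CreateLogStream
              - logs:PutLogEvents
            Effect: Allow
            Resource: "*"
        Version: "2012-10-17"
      PolicyName: EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80
      Roles:
        - Ref: EcsClusterDefaultAutoScalingGroupInstanceRole3C026863
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy/Resource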
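  # Instance profile that hands the instance role to the EC2 instances.
  EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Roles:
        - Ref: EcsClusterDefaultAutoScalingGroupInstanceRole3C026863
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/InstanceProfile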
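  # Launch configuration for the ECS container instances.
  # UserData (a bash script) appends ECS_CLUSTER=<cluster> to
  # /etc/ecs/ecs.config, inserts an iptables FORWARD rule that drops traffic
  # from docker+ interfaces to 169.254.169.254 (the instance metadata
  # endpoint), saves the rules, and sets ECS_AWSVPC_BLOCK_IMDS=true. This looks
  # intended to keep task containers away from the instance role's credentials.
  # NOTE(review): AssociatePublicIpAddress is true although the Auto Scaling
  # group launches into the private subnets; set it to false unless a public
  # address is really required.
  # NOTE(review): KeyName installs a long-lived SSH key pair on every instance.
  # Together with the 0.0.0.0/0:22 ingress rule on the instance security group
  # this is the main remote-access path; review whether SSH is needed at all.
  # NOTE(review): ImageId is a hard-coded AMI ID, so patched images are not
  # picked up until this value is changed.
  # NOTE(review): consider also requiring IMDSv2 (MetadataOptions with
  # HttpTokens: required and a hop limit of 1). Confirm the property is
  # available for this resource type in your tooling.
  EcsClusterDefaultAutoScalingGroupLaunchConfigB7E376C1:
    Type: AWS::AutoScaling::LaunchConfiguration
    Properties:
      ImageId: ami-042ae7188819e7e9b
      InstanceType: t2.micro
      AssociatePublicIpAddress: true
      IamInstanceProfile:
        Ref: EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3
      KeyName: cloudbooks
      SecurityGroups:
        - Fn::GetAtt:
            - EcsClusterDefaultAutoScalingGroupInstanceSecurityGroup912E1231
            - GroupId
      UserData:
        Fn::Base64:
          Fn::Join:
            - ""
            - - |-
                #!/bin/bash
                echo ECS_CLUSTER=
              - Ref: EcsCluster97242B84
              - >-2
                 >> /etc/ecs/ecs.config
                sudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP

                sudo service iptables save

                echo ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config
    DependsOn:
      - EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80
      - EcsClusterDefaultAutoScalingGroupInstanceRole3C026863
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/LaunchConfig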
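  # Auto Scaling group for the container instances: 1 to 2 instances, desired
  # capacity 2, launched into the two private subnets. On update the group is
  # replaced as a whole (AutoScalingReplacingUpdate.WillReplace).
  EcsClusterDefaultAutoScalingGroupASGC1A785DB:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      MaxSize: "2"
      MinSize: "1"
      DesiredCapacity: "2"
      LaunchConfigurationName:
        Ref: EcsClusterDefaultAutoScalingGroupLaunchConfigB7E376C1
      Tags:
        - Key: Name
          PropagateAtLaunch: true
          Value: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup
      VPCZoneIdentifier:
        - Ref: VpcPrivateSubnet1Subnet536B997A
        - Ref: VpcPrivateSubnet2Subnet3788AAA1
    UpdatePolicy:
      AutoScalingReplacingUpdate:
        WillReplace: true
      AutoScalingScheduledAction:
        IgnoreUnmodifiedGroupSizeProperties: true
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/ASG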
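  # SNS topic carrying the Auto Scaling lifecycle notifications to the drain
  # Lambda. No Properties are set, so no KmsMasterKeyId is configured.
  EcsClusterDefaultAutoScalingGroupDrainECSHookTopicC705BD25:
    Type: AWS::SNS::Topic
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Topic/Resource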
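  # Execution role of the drain Lambda. Only the Lambda service principal may
  # assume it; the AWS managed AWSLambdaBasicExecutionRole policy is attached.
  EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Action: sts:AssumeRole
            Effect: Allow
            Principal:
              Service:
                Fn::Join:
                  - ""
                  - - lambda.
                    - Ref: AWS::URLSuffix
        Version: "2012-10-17"
      ManagedPolicyArns:
        - Fn::Join:
            - ""
            - - "arn:"
              - Ref: AWS::Partition
              - :iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/Resource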
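  # Inline policy for the drain Lambda: complete lifecycle actions, describe
  # EC2 instances, and list/describe/update ECS container instances and tasks.
  # NOTE(review): both statements use Resource "*", so the function can set any
  # container instance in the account to DRAINING and complete lifecycle
  # actions for any Auto Scaling group. Where the actions support it, scope
  # them to this cluster and this group; verify per action in the IAM service
  # authorization reference.
  EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicyA45BF396:
    Type: AWS::IAM::Policy
    Properties:
      PolicyDocument:
        Statement:
          - Action:
              - autoscaling:CompleteLifecycleAction
              - ec2:DescribeInstances
              - ec2:DescribeInstanceAttribute
              - ec2:DescribeInstanceStatus
              - ec2:DescribeHosts
            Effect: Allow
            Resource: "*"
          - Action:
              - ecs:ListContainerInstances
              - ecs:SubmitContainerStateChange
              - ecs:SubmitTaskStateChange
              - ecs:DescribeContainerInstances
              - ecs:UpdateContainerInstancesState
              - ecs:ListTasks
              - ecs:DescribeTasks
            Effect: Allow
            Resource: "*"
        Version: "2012-10-17"
      PolicyName: EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicyA45BF396
      Roles:
        - Ref: EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource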
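  # Drain hook Lambda (inline Python). For each SNS-delivered lifecycle event
  # it looks up the container instance ARN for the EC2 instance ID, sets an
  # ACTIVE container instance to DRAINING, polls every 10 seconds while tasks
  # are still running or pending, and then completes the lifecycle action with
  # CONTINUE.
  # Fixed here: the "Got event without EC2InstanceId" message passed the
  # payload as a second print() argument, so the %s was never substituted; it
  # now uses the % operator like the other messages.
  # NOTE(review): Runtime python3.6 is a retired Lambda runtime; move to a
  # currently supported python3.x runtime.
  # NOTE(review): the handler prints the whole SNS event, which contains the
  # LifecycleActionToken used later in complete_lifecycle_action, so the token
  # ends up in the function's logs. Log only the fields that are needed.
  # NOTE(review): the polling loop has no exit other than "no tasks left"; a
  # slow drain runs until the 310 s Timeout and the lifecycle action is then
  # never completed by this function.
  EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionE17A5F5E:
    Type: AWS::Lambda::Function
    Properties:
      Code:
        ZipFile: >
          import boto3, json, os, time


          ecs = boto3.client('ecs')

          autoscaling = boto3.client('autoscaling')



          def lambda_handler(event, context):
            print(json.dumps(event))
            cluster = os.environ['CLUSTER']
            snsTopicArn = event['Records'][0]['Sns']['TopicArn']
            lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])
            instance_id = lifecycle_event.get('EC2InstanceId')
            if not instance_id:
              print('Got event without EC2InstanceId: %s' % json.dumps(event))
              return

            instance_arn = container_instance_arn(cluster, instance_id)
            print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))

            if not instance_arn:
              return

            while has_tasks(cluster, instance_arn):
              time.sleep(10)

            try:
              print('Terminating instance %s' % instance_id)
              autoscaling.complete_lifecycle_action(
                  LifecycleActionResult='CONTINUE',
                  **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))
            except Exception as e:
              # Lifecycle action may have already completed.
              print(str(e))


          def container_instance_arn(cluster, instance_id):
            """Turn an instance ID into a container instance ARN."""
            arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']
            if not arns:
              return None
            return arns[0]


          def has_tasks(cluster, instance_arn):
            """Return True if the instance is running tasks for the given cluster."""
            instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']
            if not instances:
              return False
            instance = instances[0]

            if instance['status'] == 'ACTIVE':
              # Start draining, then try again later
              set_container_instance_to_draining(cluster, instance_arn)
              return True

            tasks = instance['runningTasksCount'] + instance['pendingTasksCount']
            print('Instance %s has %s tasks' % (instance_arn, tasks))

            return tasks > 0


          def set_container_instance_to_draining(cluster, instance_arn):
            ecs.update_container_instances_state(
                cluster=cluster,
                containerInstances=[instance_arn], status='DRAINING')


          def pick(dct, *keys):
            """Pick a subset of a dict."""
            return {k: v for k, v in dct.items() if k in keys}
      Handler: index.lambda_handler
      Role:
        Fn::GetAtt:
          - EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA
          - Arn
      Runtime: python3.6
      Environment:
        Variables:
          CLUSTER:
            Ref: EcsCluster97242B84
      Tags:
        - Key: Name
          Value: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup
      Timeout: 310
    DependsOn:
      - EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicyA45BF396
      - EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/Resource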
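  # Subscribes the drain Lambda to the lifecycle-notification topic.
  EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionTopicSubscriptionDA5F8A10:
    Type: AWS::SNS::Subscription
    Properties:
      Protocol: lambda
      TopicArn:
        Ref: EcsClusterDefaultAutoScalingGroupDrainECSHookTopicC705BD25
      Endpoint:
        Fn::GetAtt:
          - EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionE17A5F5E
          - Arn
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/TopicSubscription/Resource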
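  # Resource-based permission letting SNS invoke the drain Lambda. SourceArn
  # pins the grant to this template's topic, so other topics cannot invoke the
  # function through this statement.
  EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionTopicE6B1EBA6:
    Type: AWS::Lambda::Permission
    Properties:
      Action: lambda:InvokeFunction
      FunctionName:
        Ref: EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionE17A5F5E
      Principal: sns.amazonaws.com
      SourceArn:
        Ref: EcsClusterDefaultAutoScalingGroupDrainECSHookTopicC705BD25
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic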
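  # Role the Auto Scaling service assumes to publish lifecycle notifications.
  # Only the autoscaling service principal is trusted.
  EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Action: sts:AssumeRole
            Effect: Allow
            Principal:
              Service:
                Fn::Join:
                  - ""
                  - - autoscaling.
                    - Ref: AWS::URLSuffix
        Version: "2012-10-17"
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/Resource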
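  # Inline policy for the lifecycle-hook role: sns:Publish on the drain topic
  # only. The resource is scoped to that one topic rather than "*".
  EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicy75002F88:
    Type: AWS::IAM::Policy
    Properties:
      PolicyDocument:
        Statement:
          - Action: sns:Publish
            Effect: Allow
            Resource:
              Ref: EcsClusterDefaultAutoScalingGroupDrainECSHookTopicC705BD25
        Version: "2012-10-17"
      PolicyName: EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicy75002F88
      Roles:
        - Ref: EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy/Resource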
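  # Lifecycle hook on instance termination. It notifies the drain topic and
  # waits up to HeartbeatTimeout (300) for the action to be completed.
  # DefaultResult is CONTINUE, so termination proceeds if nothing completes the
  # action in time, even when tasks have not finished draining.
  EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookFFA63029:
    Type: AWS::AutoScaling::LifecycleHook
    Properties:
      AutoScalingGroupName:
        Ref: EcsClusterDefaultAutoScalingGroupASGC1A785DB
      LifecycleTransition: autoscaling:EC2_INSTANCE_TERMINATING
      DefaultResult: CONTINUE
      HeartbeatTimeout: 300
      NotificationTargetARN:
        Ref: EcsClusterDefaultAutoScalingGroupDrainECSHookTopicC705BD25
      RoleARN:
        Fn::GetAtt:
          - EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B
          - Arn
    DependsOn:
      - EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicy75002F88
      - EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Resource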
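  # Task role for the app task (the identity the application containers run
  # as). Trusts only the ecs-tasks service principal. No policy attached to
  # this role is visible in this part of the template.
  appTaskTaskRoleD00D4FED:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Action: sts:AssumeRole
            Effect: Allow
            Principal:
              Service:
                Fn::Join:
                  - ""
                  - - ecs-tasks.
                    - Ref: AWS::URLSuffix
        Version: "2012-10-17"
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/appTask/TaskRole/Resource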
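  # Task definition for the web app container (cloudbooks_app), EC2 launch
  # type, bridge networking, container port 80 published on host port 80.
  # The Image value is assembled from the repository ARN: account ID (field 4)
  # + ".dkr.ecr." + region (field 3) + ".amazonaws.com/nula:latest".
  # NOTE(review): the image is referenced by the mutable tag "latest", so what
  # runs can change without a template change. Pin an immutable tag or an
  # image digest and enable tag immutability on the repository.
  # NOTE(review): Capabilities.Drop is empty and no User, Privileged or
  # ReadonlyRootFilesystem setting is present, so the container keeps the
  # runtime's default capability set and the image's default user. Drop the
  # capabilities the app does not need.
  # NOTE(review): no LogConfiguration is set for the container; confirm its
  # output is captured somewhere that supports investigation.
  # NOTE(review): a fixed HostPort in bridge mode allows only one copy of this
  # task per instance.
  appTask4D3BE904:
    Type: AWS::ECS::TaskDefinition
    Properties:
      ContainerDefinitions:
        - Essential: true
          Image:
            Fn::Join:
              - ""
              - - Fn::Select:
                    - 4
                    - Fn::Split:
                        - ":"
                        - Fn::Join:
                            - ""
                            - - "arn:"
                              - Ref: AWS::Partition
                              - ":ecr:"
                              - Ref: AWS::Region
                              - ":"
                              - Ref: AWS::AccountId
                              - :repository/nula
                - .dkr.ecr.
                - Fn::Select:
                    - 3
                    - Fn::Split:
                        - ":"
                        - Fn::Join:
                            - ""
                            - - "arn:"
                              - Ref: AWS::Partition
                              - ":ecr:"
                              - Ref: AWS::Region
                              - ":"
                              - Ref: AWS::AccountId
                              - :repository/nula
                - .amazonaws.com/nula:latest
          Links: []
          LinuxParameters:
            Capabilities:
              Add: []
              Drop: []
            Devices: []
            Tmpfs: []
          Memory: 256
          MountPoints: []
          Name: cloudbooks_app
          PortMappings:
            - ContainerPort: 80
              HostPort: 80
              Protocol: tcp
          Ulimits: []
          VolumesFrom: []
      ExecutionRoleArn:
        Fn::GetAtt:
          - appTaskExecutionRoleE02FDB1B
          - Arn
      Family: awsecsintegecsappTask199176EE
      NetworkMode: bridge
      PlacementConstraints: []
      RequiresCompatibilities:
        - EC2
      TaskRoleArn:
        Fn::GetAtt:
          - appTaskTaskRoleD00D4FED
          - Arn
      Volumes: []
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/appTask/Resource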
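  # Execution role for the app task (referenced by the task definition's
  # ExecutionRoleArn). Trusts only the ecs-tasks service principal.
  appTaskExecutionRoleE02FDB1B:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Action: sts:AssumeRole
            Effect: Allow
            Principal:
              Service:
                Fn::Join:
                  - ""
                  - - ecs-tasks.
                    - Ref: AWS::URLSuffix
        Version: "2012-10-17"
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/appTask/ExecutionRole/Resource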
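  # Inline policy for the app task's execution role. The image-pull actions are
  # scoped to the "nula" ECR repository ARN; the second statement grants ECR
  # login and CloudWatch Logs writes on "*".
  # NOTE(review): ecr:GetAuthorizationToken requires "*", but
  # logs:CreateLogStream and logs:PutLogEvents could be limited to the task's
  # log group once one is defined.
  appTaskExecutionRoleDefaultPolicy6FBD12BC:
    Type: AWS::IAM::Policy
    Properties:
      PolicyDocument:
        Statement:
          - Action:
              - ecr:BatchCheckLayerAvailability
              - ecr:GetDownloadUrlForLayer
              - ecr:BatchGetImage
            Effect: Allow
            Resource:
              Fn::Join:
                - ""
                - - "arn:"
                  - Ref: AWS::Partition
                  - ":ecr:"
                  - Ref: AWS::Region
                  - ":"
                  - Ref: AWS::AccountId
                  - :repository/nula
          - Action:
              - ecr:GetAuthorizationToken
              - logs:CreateLogStream
              - logs:PutLogEvents
            Effect: Allow
            Resource: "*"
        Version: "2012-10-17"
      PolicyName: appTaskExecutionRoleDefaultPolicy6FBD12BC
      Roles:
        - Ref: appTaskExecutionRoleE02FDB1B
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/appTask/ExecutionRole/DefaultPolicy/Resource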
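  # Task role for the worker task definition. Trusts only the ecs-tasks service
  # principal. No policy attached to this role is visible in this part of the
  # template.
  workerTaskDefTaskRole4F762C8C:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Action: sts:AssumeRole
            Effect: Allow
            Principal:
              Service:
                Fn::Join:
                  - ""
                  - - ecs-tasks.
                    - Ref: AWS::URLSuffix
        Version: "2012-10-17"
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/workerTaskDef/TaskRole/Resource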
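  # Task definition for the queue worker: one container started through
  # supervisord, running `artisan queue:work` via the SUPER_CMD variable.
  # (Listing restored to parseable YAML: gutter numbers removed, sequence
  # items re-aligned.)
  workerTaskDefE7B18110:
    Type: AWS::ECS::TaskDefinition
    Properties:
      ContainerDefinitions:
        - EntryPoint:
            - /usr/bin/supervisord
            - "-n"
            - "-c"
            - /etc/supervisord.conf
          Environment:
            - Name: SUPER_CMD
              Value: php /var/www/html/artisan queue:work --sleep=5 --tries=1 --daemon
          Essential: true
          # Resolves to <account>.dkr.ecr.<region>.amazonaws.com/nula:latest:
          # the account id and region are picked out of the repository ARN
          # (fields 4 and 3 after splitting on ":").
          # NOTE(review): ":latest" is a mutable tag, so a later push to the
          # repository changes what runs without any change to this
          # template. Pinning to an immutable tag or an image digest makes
          # deployments reproducible and auditable.
          Image:
            Fn::Join:
              - ""
              - - Fn::Select:
                    - 4
                    - Fn::Split:
                        - ":"
                        - Fn::Join:
                            - ""
                            - - "arn:"
                              - Ref: AWS::Partition
                              - ":ecr:"
                              - Ref: AWS::Region
                              - ":"
                              - Ref: AWS::AccountId
                              - ":repository/nula"
                - .dkr.ecr.
                - Fn::Select:
                    - 3
                    - Fn::Split:
                        - ":"
                        - Fn::Join:
                            - ""
                            - - "arn:"
                              - Ref: AWS::Partition
                              - ":ecr:"
                              - Ref: AWS::Region
                              - ":"
                              - Ref: AWS::AccountId
                              - ":repository/nula"
                - .amazonaws.com/nula:latest
          Links: []
          LinuxParameters:
            # Nothing is added or dropped, so the container keeps the
            # runtime's default capability set.
            # NOTE(review): drop the capabilities the worker does not need.
            Capabilities:
              Add: []
              Drop: []
            Devices: []
            Tmpfs: []
          Memory: 256
          MountPoints: []
          Name: cloudbooks_worker1
          # Publishes container port 80 on host port 80 in bridge mode.
          # NOTE(review): the worker service declares no load balancer and
          # the command is a queue consumer; confirm a published port is
          # needed at all. A fixed host port also allows only one such task
          # per container instance.
          PortMappings:
            - ContainerPort: 80
              HostPort: 80
              Protocol: tcp
          Ulimits: []
          VolumesFrom: []
      ExecutionRoleArn:
        Fn::GetAtt:
          - workerTaskDefExecutionRole8DB2FD3C
          - Arn
      Family: awsecsintegecsworkerTaskDef9FBFFB39
      NetworkMode: bridge
      PlacementConstraints: []
      RequiresCompatibilities:
        - EC2
      TaskRoleArn:
        Fn::GetAtt:
          - workerTaskDefTaskRole4F762C8C
          - Arn
      Volumes: []
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/workerTaskDef/Resource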
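  # Execution role for the worker task definition (referenced by its
  # ExecutionRoleArn). Only the trust policy is declared on this resource.
  # (Listing restored to parseable YAML: gutter numbers removed, sequence
  # items re-aligned.)
  workerTaskDefExecutionRole8DB2FD3C:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          # Only the ECS tasks service principal (ecs-tasks.<URLSuffix>) may
          # assume this role.
          - Action: sts:AssumeRole
            Effect: Allow
            Principal:
              Service:
                Fn::Join:
                  - ""
                  - - ecs-tasks.
                    - Ref: AWS::URLSuffix
        Version: "2012-10-17"
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/workerTaskDef/ExecutionRole/Resource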
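  # Inline policy for the worker task's execution role: image pull from one
  # ECR repository, plus registry authentication and CloudWatch Logs writes.
  # (Listing restored to parseable YAML: gutter numbers removed, sequence
  # items re-aligned.)
  workerTaskDefExecutionRoleDefaultPolicyE16223F3:
    Type: AWS::IAM::Policy
    Properties:
      PolicyDocument:
        Statement:
          # Pull actions are limited to the repository ARN joined below:
          # arn:<partition>:ecr:<region>:<account>:repository/nula
          - Action:
              - ecr:BatchCheckLayerAvailability
              - ecr:GetDownloadUrlForLayer
              - ecr:BatchGetImage
            Effect: Allow
            Resource:
              Fn::Join:
                - ""
                - - "arn:"
                  - Ref: AWS::Partition
                  - ":ecr:"
                  - Ref: AWS::Region
                  - ":"
                  - Ref: AWS::AccountId
                  - ":repository/nula"
          # ecr:GetAuthorizationToken cannot be scoped to a resource, so "*"
          # is required for it. The two logs actions share that wildcard and
          # therefore apply to every log group in the account.
          # NOTE(review): the worker container definition in this template
          # sets no LogConfiguration, so the logs actions look unused;
          # remove them, or scope them to the worker's log group if one is
          # added.
          - Action:
              - ecr:GetAuthorizationToken
              - logs:CreateLogStream
              - logs:PutLogEvents
            Effect: Allow
            Resource: "*"
        Version: "2012-10-17"
      PolicyName: workerTaskDefExecutionRoleDefaultPolicyE16223F3
      Roles:
        - Ref: workerTaskDefExecutionRole8DB2FD3C
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/workerTaskDef/ExecutionRole/DefaultPolicy/Resource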
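  # ECS service for the app task: one replica on the EC2 launch type, with
  # container cloudbooks_app port 80 registered in the load balancer's
  # target group.
  # (Listing restored to parseable YAML: gutter numbers removed, sequence
  # items re-aligned.)
  appServiceD08846AF:
    Type: AWS::ECS::Service
    Properties:
      TaskDefinition:
        Ref: appTask4D3BE904
      Cluster:
        Ref: EcsCluster97242B84
      DeploymentConfiguration:
        MaximumPercent: 200
        MinimumHealthyPercent: 50
      DesiredCount: 1
      LaunchType: EC2
      LoadBalancers:
        - ContainerName: cloudbooks_app
          ContainerPort: 80
          TargetGroupArn:
            Ref: LBPublicListenerECSGroupD6A32205
      PlacementConstraints: []
      PlacementStrategies: []
      SchedulingStrategy: REPLICA
    # The target group and its listener must exist before the service is
    # created, so that the target group is already attached to a load
    # balancer when the service registers with it.
    DependsOn:
      - LBPublicListenerECSGroupD6A32205
      - LBPublicListener6E1F3D94
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/appService/Service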
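  # ECS service for the queue worker: one replica on the EC2 launch type,
  # not attached to any load balancer.
  # (Listing restored to parseable YAML: gutter numbers removed.)
  workerServiceA67555CE:
    Type: AWS::ECS::Service
    Properties:
      TaskDefinition:
        Ref: workerTaskDefE7B18110
      Cluster:
        Ref: EcsCluster97242B84
      DeploymentConfiguration:
        MaximumPercent: 200
        MinimumHealthyPercent: 50
      DesiredCount: 1
      LaunchType: EC2
      LoadBalancers: []
      PlacementConstraints: []
      # Spread tasks across availability zones.
      PlacementStrategies:
        - Field: attribute:ecs.availability-zone
          Type: spread
      SchedulingStrategy: REPLICA
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/workerService/Service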
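  # Internet-facing Application Load Balancer placed in the two public
  # subnets.
  # (Listing restored to parseable YAML: gutter numbers removed, sequence
  # items re-aligned.)
  LB8A12904C:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      # No attributes are set, so access logging stays at its default
      # (disabled).
      # NOTE(review): enable the access_logs.s3.* attributes so request
      # logs exist for detection and incident response.
      LoadBalancerAttributes: []
      Scheme: internet-facing
      SecurityGroups:
        - Fn::GetAtt:
            - LBSecurityGroup8A41EA2B
            - GroupId
      Subnets:
        - Ref: VpcPublicSubnet1Subnet5C2D37C4
        - Ref: VpcPublicSubnet2Subnet691E08A3
      Type: application
    # Wait for the public subnets' default routes before creating the load
    # balancer.
    DependsOn:
      - VpcPublicSubnet1DefaultRoute3DA9E72A
      - VpcPublicSubnet2DefaultRoute97F91067
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/LB/Resource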
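  # Security group attached to the load balancer.
  # (Listing restored to parseable YAML: gutter numbers removed.)
  LBSecurityGroup8A41EA2B:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Automatically created Security Group for ELB awsecsintegecsLB84BFA683
      # No inline egress rules; the only egress rule in this part of the
      # template is a separate AWS::EC2::SecurityGroupEgress resource for
      # tcp/80 to the cluster instances' security group.
      # NOTE(review): check the deployed group's effective egress rules; a
      # group created without inline egress rules may still carry the
      # default allow-all rule.
      SecurityGroupEgress: []
      # Open to the whole internet on tcp/80, as expected for a public
      # load balancer; this is the only ingress rule on the group.
      SecurityGroupIngress:
        - CidrIp: 0.0.0.0/0
          Description: Allow from anyone on port 80
          FromPort: 80
          IpProtocol: tcp
          ToPort: 80
      VpcId:
        Ref: Vpc8378EB38
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/LB/SecurityGroup/Resource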
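  # Egress rule on the load balancer's security group: tcp/80 only, and
  # only to the cluster instances' security group (the destination is a
  # group reference, not a CIDR range).
  # (Listing restored to parseable YAML: gutter numbers removed, sequence
  # items re-aligned.)
  LBSecurityGrouptoawsecsintegecsEcsClusterDefaultAutoScalingGroupInstanceSecurityGroupE311641080C26A06F0:
    Type: AWS::EC2::SecurityGroupEgress
    Properties:
      GroupId:
        Fn::GetAtt:
          - LBSecurityGroup8A41EA2B
          - GroupId
      IpProtocol: tcp
      Description: Load balancer to target
      DestinationSecurityGroupId:
        Fn::GetAtt:
          - EcsClusterDefaultAutoScalingGroupInstanceSecurityGroup912E1231
          - GroupId
      FromPort: 80
      ToPort: 80
    Metadata:
      # One plain scalar folded over two lines; the line break is read as a
      # single space.
      aws:cdk:path: aws-ecs-integ-ecs/LB/SecurityGroup/to
        awsecsintegecsEcsClusterDefaultAutoScalingGroupInstanceSecurityGroupE3116410:80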
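  # Public listener on the load balancer: forwards everything it receives
  # to the ECS target group.
  # (Listing restored to parseable YAML: gutter numbers removed.)
  LBPublicListener6E1F3D94:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
        - TargetGroupArn:
            Ref: LBPublicListenerECSGroupD6A32205
          Type: forward
      LoadBalancerArn:
        Ref: LB8A12904C
      # HTTP on port 80 with no certificates: traffic between clients and
      # the load balancer is unencrypted.
      # NOTE(review): for anything beyond test traffic, add an HTTPS
      # listener with a certificate and turn this one into a redirect.
      Port: 80
      Protocol: HTTP
      Certificates: []
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/LB/PublicListener/Resource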
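  # Target group behind the public listener: instance targets reached over
  # HTTP on port 80. The list starts empty; the app service references this
  # group in its LoadBalancers entry.
  # (Listing restored to parseable YAML: gutter numbers removed.)
  LBPublicListenerECSGroupD6A32205:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      # Health check: request "/" every 60 seconds, 5 second timeout.
      HealthCheckIntervalSeconds: 60
      HealthCheckPath: /
      HealthCheckTimeoutSeconds: 5
      # Load balancer to target traffic is plain HTTP inside the VPC.
      Port: 80
      Protocol: HTTP
      TargetGroupAttributes: []
      Targets: []
      TargetType: instance
      VpcId:
        Ref: Vpc8378EB38
    Metadata:
      aws:cdk:path: aws-ecs-integ-ecs/LB/PublicListener/ECSGroup/Resource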
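  # CDK metadata resource: records the CDK module and runtime versions the
  # template was synthesized with.
  # NOTE(review): every module is at 0.26.0, a pre-1.0 release; check the
  # toolchain is still supported before reusing this template.
  # (Listing restored to parseable YAML: gutter numbers removed, sequence
  # items re-aligned.)
  CDKMetadata:
    Type: AWS::CDK::Metadata
    Properties:
      Modules: aws-cdk=0.26.0,@aws-cdk/assets=0.26.0,@aws-cdk/assets-docker=0.26.0,@aws-cdk/aws-applicationautoscaling=0.26.0,@aws-cdk/aws-autoscaling=0.26.0,@aws-cdk/aws-autoscaling-common=0.26.0,@aws-cdk/aws-certificatemanager=0.26.0,@aws-cdk/aws-cloudformation=0.26.0,@aws-cdk/aws-cloudwatch=0.26.0,@aws-cdk/aws-codedeploy-api=0.26.0,@aws-cdk/aws-codepipeline-api=0.26.0,@aws-cdk/aws-ec2=0.26.0,@aws-cdk/aws-ecr=0.26.0,@aws-cdk/aws-ecs=0.26.0,@aws-cdk/aws-elasticloadbalancingv2=0.26.0,@aws-cdk/aws-events=0.26.0,@aws-cdk/aws-iam=0.26.0,@aws-cdk/aws-kms=0.26.0,@aws-cdk/aws-lambda=0.26.0,@aws-cdk/aws-logs=0.26.0,@aws-cdk/aws-route53=0.26.0,@aws-cdk/aws-s3=0.26.0,@aws-cdk/aws-s3-notifications=0.26.0,@aws-cdk/aws-sns=0.26.0,@aws-cdk/aws-sqs=0.26.0,@aws-cdk/cdk=0.26.0,@aws-cdk/cx-api=0.26.0,@aws-cdk/region-info=0.26.0,jsii-runtime=node.js/v11.11.0
# Stack outputs. LoadBalancerDNS exposes the public DNS name of the
# internet-facing load balancer.
Outputs:
  LoadBalancerDNS:
    Value:
      Fn::GetAtt:
        - LB8A12904C
        - DNSName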