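# ECS EC2 capacity provider: an Auto Scaling group of container instances,
# the launch configuration and IAM role they boot with, and the capacity
# provider that wraps the group.
# NOTE(review): the App and Env parameters and the
# IsEC2BasedCapacityProviderUsed condition are referenced below but are not
# defined in this snippet; they must be declared elsewhere in the template.
Resources:
  # Link manually to the ECS cluster via:
  #   aws ecs put-cluster-capacity-providers --cluster <CLUSTER_NAME>
  #     --capacity-providers FARGATE FARGATE_SPOT <CAPACITY_PROVIDER_NAME_FROM_OUTPUTS>
  #     --default-capacity-provider-strategy
  EC2CapacityProvider1:
    Type: 'AWS::ECS::CapacityProvider'
    # Carries the same condition as the Auto Scaling group it references;
    # without it the !Ref below cannot resolve when the condition is false.
    Condition: IsEC2BasedCapacityProviderUsed
    Properties:
      AutoScalingGroupProvider:
        AutoScalingGroupArn: !Ref ECSAutoScalingGroup
        ManagedScaling:
          Status: ENABLED
          TargetCapacity: 70
        ManagedTerminationProtection: DISABLED

  ECSAutoScalingGroup:
    Type: 'AWS::AutoScaling::AutoScalingGroup'
    Condition: IsEC2BasedCapacityProviderUsed
    Properties:
      AutoScalingGroupName: !Sub "${App}-${Env}-EC2-ECS-Provider"
      # The import is a comma-separated subnet list; split it into a list.
      VPCZoneIdentifier:
        Fn::Split:
          - ','
          - Fn::ImportValue: !Sub "${App}-${Env}-PrivateSubnets"
      LaunchConfigurationName: !Ref ContainerInstances
      MinSize: '1'
      MaxSize: '10'
      DesiredCapacity: '1'
    # Creation waits up to 15 minutes for the cfn-signal sent from UserData.
    CreationPolicy:
      ResourceSignal:
        Timeout: PT15M
    UpdatePolicy:
      AutoScalingReplacingUpdate:
        WillReplace: true

  ContainerInstances:
    Type: 'AWS::AutoScaling::LaunchConfiguration'
    Condition: IsEC2BasedCapacityProviderUsed
    Properties:
      LaunchConfigurationName: !Sub "${App}-${Env}-EC2-ECS-Provider-Test"
      # NOTE(review): instances are placed in the imported "PrivateSubnets"
      # yet request a public IP. If the subnets really are private this
      # should be false; if they route to an internet gateway, every
      # container instance is directly addressable from the internet and
      # exposure rests entirely on the imported security group. Confirm.
      AssociatePublicIpAddress: true
      # NOTE(review): hard-coded AMI ID. It is region-specific and pins the
      # instances to one image build, so OS and agent patches never arrive
      # until this value is edited. Consider resolving the current
      # ECS-optimized AMI at deploy time instead.
      ImageId: ami-0f863d7367abe5d6f
      SecurityGroups:
        - Fn::ImportValue: !Sub "${App}-${Env}-EnvironmentSecurityGroup"
      InstanceType: m5.large
      IamInstanceProfile: !Ref EC2InstanceProfile
      # NOTE(review): no MetadataOptions are set, so instance metadata
      # settings are left at their defaults. Consider requiring IMDSv2
      # (HttpTokens: required) once the workloads are confirmed to
      # tolerate it, to limit credential theft via SSRF from a container.
      #
      # Boot script: joins the cluster, signals CloudFormation, installs
      # AWS CLI v2 and enables awsvpcTrunking.
      # NOTE(review): cfn-signal runs right after the first yum install.
      # Under "bash -e" a failed install aborts before the signal (the
      # stack then waits out the 15 minute timeout), "$?" is always 0 when
      # the signal line is reached, and failures in the later steps are
      # never reported. Consider signalling last, from an EXIT trap.
      # NOTE(review): the CLI installer is downloaded and executed as root
      # with no integrity check beyond TLS. Verify the published signature
      # or bake the CLI into the AMI.
      UserData:
        Fn::Base64:
          Fn::Sub:
            - |
              #!/bin/bash -xe
              echo ECS_CLUSTER=${ClusterId} >> /etc/ecs/ecs.config
              yum install -y aws-cfn-bootstrap
              /opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --region ${AWS::Region} --resource ECSAutoScalingGroup
              yum install -y unzip
              curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
              unzip awscliv2.zip
              rm awscliv2.zip
              sudo ./aws/install
              aws --version
              aws ecs put-account-setting --name awsvpcTrunking --value enabled --region ${AWS::Region}
            - ClusterId:
                Fn::ImportValue: !Sub "${App}-${Env}-ClusterId"

  EC2InstanceProfile:
    Type: 'AWS::IAM::InstanceProfile'
    Condition: IsEC2BasedCapacityProviderUsed
    Properties:
      Path: /
      Roles:
        - !Ref EC2Role

  EC2Role:
    Type: 'AWS::IAM::Role'
    Condition: IsEC2BasedCapacityProviderUsed
    Properties:
      # Only the EC2 service may assume this role (via the instance profile).
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ec2.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      Path: /
      Policies:
        - PolicyName: ecs-service
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              # NOTE(review): every action below is granted on Resource '*'.
              # These credentials are reachable from the instance metadata
              # service, so anything that compromises a container instance
              # inherits them. Points to tighten:
              #  - ecs:PutAccountSetting exists only for the UserData
              #    put-account-setting call; setting awsvpcTrunking once
              #    out-of-band would let this permission be dropped.
              #  - ecs:CreateCluster is probably unnecessary because
              #    UserData joins an existing, imported cluster. Confirm.
              #  - cloudformation:SignalResource could be limited to this
              #    stack rather than every stack in the account.
              - Effect: Allow
                Action:
                  - 'ecs:CreateCluster'
                  - 'ecs:PutAccountSetting'
                  - 'cloudformation:SignalResource'
                  - 'ecs:DeregisterContainerInstance'
                  - 'ecs:DiscoverPollEndpoint'
                  - 'ecs:Poll'
                  - 'ecs:RegisterContainerInstance'
                  - 'ecs:StartTelemetrySession'
                  - 'ecs:Submit*'
                  - 'logs:CreateLogStream'
                  - 'logs:PutLogEvents'
                Resource: '*'

Outputs:
  EC2CapacityProvider1:
    # Emitted only when the capacity provider itself is created.
    Condition: IsEC2BasedCapacityProviderUsed
    Description: EC2CapacityProviderName to be linked to ECS cluster manually
    Value: !Ref EC2CapacityProvider1
    Export:
      Name: !Sub "${App}-${Env}-ec2-capacity-provider-1"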