Skip to content

Instantly share code, notes, and snippets.

@wolfeidau

wolfeidau/MyFirstEcsCluster.template.json

Last active August 20, 2019 03:52
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save wolfeidau/5b79b9f88d7e4e58e8d936d7f42beeeb to your computer and use it in GitHub Desktop.
Save wolfeidau/5b79b9f88d7e4e58e8d936d7f42beeeb to your computer and use it in GitHub Desktop.
Download ZIP
Raw
cdk.out
AWS_PROFILE=testing AWS_REGION=ap-southeast-2 npm run cdk -- deploy -v
> ecs-cluster@1.0.0 cdk /Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster
> cdk "deploy" "-v"
CDK toolkit version: 1.4.0 (build 175471f)
Command line arguments: { _: [ 'deploy' ],
'ignore-errors': false,
ignoreErrors: false,
json: false,
j: false,
verbose: true,
v: true,
ec2creds: undefined,
i: undefined,
'version-reporting': undefined,
versionReporting: undefined,
'path-metadata': true,
pathMetadata: true,
'asset-metadata': true,
assetMetadata: true,
staging: true,
ci: false,
'role-arn': undefined,
r: undefined,
roleArn: undefined,
'build-exclude': [],
E: [],
buildExclude: [],
'$0':
'/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/.bin/cdk' }
Determining whether we're on an EC2 instance.
Does not look like EC2 instance.
cdk.json: {
"app": "node index"
}
merged settings: { versionReporting: true,
pathMetadata: true,
output: 'cdk.out',
app: 'node index',
context: {},
tags: [],
assetMetadata: true,
toolkitBucket: {},
staging: true }
Setting "CDK_DEFAULT_REGION" environment variable to ap-southeast-2
Resolving default credentials
Retrieved account ID XXXXXXXXXXX from disk cache
Setting "CDK_DEFAULT_ACCOUNT" environment variable to XXXXXXXXXXX
context: { 'aws:cdk:enable-path-metadata': true,
'aws:cdk:enable-asset-metadata': true }
outdir: cdk.out
env: { CDK_DEFAULT_REGION: 'ap-southeast-2',
CDK_DEFAULT_ACCOUNT: 'XXXXXXXXXXX',
CDK_CONTEXT_JSON:
'{"aws:cdk:enable-path-metadata":true,"aws:cdk:enable-asset-metadata":true}',
CDK_OUTDIR: 'cdk.out' }
Reading existing template for stack MyFirstEcsCluster.
Using default AWS SDK credentials for account XXXXXXXXXXX
MyFirstEcsCluster: deploying...
Waiting for stack CDKToolkit to finish creating or updating...
Using default AWS SDK credentials for account XXXXXXXXXXX
s3://cdktoolkit-stagingbucket-abc123/cdk/MyFirstEcsCluster/2b77c60704f8e7191e656d3439a8f5a70ca163da5411dba7e22647ec12eec444.yml: checking if already exists
s3://cdktoolkit-stagingbucket-abc123/cdk/MyFirstEcsCluster/2b77c60704f8e7191e656d3439a8f5a70ca163da5411dba7e22647ec12eec444.yml: uploading
s3://cdktoolkit-stagingbucket-abc123/cdk/MyFirstEcsCluster/2b77c60704f8e7191e656d3439a8f5a70ca163da5411dba7e22647ec12eec444.yml: upload complete
Stored template in S3 at: https://cdktoolkit-stagingbucket-abc123.s3.amazonaws.com/cdk/MyFirstEcsCluster/2b77c60704f8e7191e656d3439a8f5a70ca163da5411dba7e22647ec12eec444.yml
Found existing stack MyFirstEcsCluster that had previously failed creation. Deleting it before attempting to re-create it.
Waiting for stack MyFirstEcsCluster to finish creating or updating...
Stack MyFirstEcsCluster is still not stable (DELETE_IN_PROGRESS (User Initiated))
Stack MyFirstEcsCluster does not exist
Attempting to create ChangeSet CDK-3a2794ec-5174-46df-97eb-6aad5f2af290 to create stack MyFirstEcsCluster
MyFirstEcsCluster: creating CloudFormation changeset...
Initiated creation of changeset: arn:aws:cloudformation:ap-southeast-2:XXXXXXXXXXX:changeSet/CDK-3a2794ec-5174-46df-97eb-6aad5f2af290/6adba869-a643-460f-a161-3ed71edbf1ea; waiting for it to finish creating...
Waiting for changeset CDK-3a2794ec-5174-46df-97eb-6aad5f2af290 on stack MyFirstEcsCluster to finish creating...
Changeset CDK-3a2794ec-5174-46df-97eb-6aad5f2af290 on stack MyFirstEcsCluster is still creating
Initiating execution of changeset CDK-3a2794ec-5174-46df-97eb-6aad5f2af290 on stack MyFirstEcsCluster
Execution of changeset CDK-3a2794ec-5174-46df-97eb-6aad5f2af290 on stack MyFirstEcsCluster has started; waiting for the update to complete...
Waiting for stack MyFirstEcsCluster to finish creating or updating...
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS (User Initiated))
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS)
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS)
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS)
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS)
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::SNS::Topic | MyFleet/LifecycleHookDrainHook/Topic (MyFleetLifecycleHookDrainHookTopicF84246FB)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::SNS::Topic | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::EC2::VPC | MyVpc (MyVpcF9F0CA6F)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | MyFleet/InstanceRole (MyFleetInstanceRole25A84AB8)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole (EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::CDK::Metadata | CDKMetadata
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::ECS::Cluster | EcsCluster (EcsCluster97242B84)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::EC2::EIP | MyVpc/PublicSubnet1/EIP (MyVpcPublicSubnet1EIP096967CB)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::EC2::EIP | MyVpc/PublicSubnet2/EIP (MyVpcPublicSubnet2EIP8CCBA239)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | MyFleet/LifecycleHookDrainHook/Role (MyFleetLifecycleHookDrainHookRole3DCFCCB8)
0/56 | 1:41:47 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | MyFleet/DrainECSHook/Function/ServiceRole (MyFleetDrainECSHookFunctionServiceRole6367A4A3)
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::SNS::Topic | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::SNS::Topic | MyFleet/LifecycleHookDrainHook/Topic (MyFleetLifecycleHookDrainHookTopicF84246FB) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/InstanceRole (EcsClusterDefaultAutoScalingGroupInstanceRole3C026863)
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::EC2::VPC | MyVpc (MyVpcF9F0CA6F) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::EC2::InternetGateway | MyVpc/IGW (MyVpcIGW5C4A4F63)
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | MyFleet/InstanceRole (MyFleetInstanceRole25A84AB8) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole (EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::EC2::EIP | MyVpc/PublicSubnet1/EIP (MyVpcPublicSubnet1EIP096967CB) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::EC2::EIP | MyVpc/PublicSubnet2/EIP (MyVpcPublicSubnet2EIP8CCBA239) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::ECS::Cluster | EcsCluster (EcsCluster97242B84) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | MyFleet/LifecycleHookDrainHook/Role (MyFleetLifecycleHookDrainHookRole3DCFCCB8) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::EC2::InternetGateway | MyVpc/IGW (MyVpcIGW5C4A4F63) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | MyFleet/DrainECSHook/Function/ServiceRole (MyFleetDrainECSHookFunctionServiceRole6367A4A3) Resource creation Initiated
0/56 | 1:41:48 PM | CREATE_IN_PROGRESS | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/InstanceRole (EcsClusterDefaultAutoScalingGroupInstanceRole3C026863) Resource creation Initiated
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS)
1/56 | 1:41:48 PM | CREATE_COMPLETE | AWS::ECS::Cluster | EcsCluster (EcsCluster97242B84)
1/56 | 1:41:49 PM | CREATE_IN_PROGRESS | AWS::CDK::Metadata | CDKMetadata Resource creation Initiated
2/56 | 1:41:50 PM | CREATE_COMPLETE | AWS::CDK::Metadata | CDKMetadata
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS)
3/56 | 1:41:58 PM | CREATE_COMPLETE | AWS::SNS::Topic | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4)
4/56 | 1:41:58 PM | CREATE_COMPLETE | AWS::SNS::Topic | MyFleet/LifecycleHookDrainHook/Topic (MyFleetLifecycleHookDrainHookTopicF84246FB)
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS)
Stack MyFirstEcsCluster is still not stable (CREATE_IN_PROGRESS)
5/56 | 1:41:59 PM | CREATE_COMPLETE | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/InstanceRole (EcsClusterDefaultAutoScalingGroupInstanceRole3C026863)
6/56 | 1:42:00 PM | CREATE_COMPLETE | AWS::IAM::Role | MyFleet/DrainECSHook/Function/ServiceRole (MyFleetDrainECSHookFunctionServiceRole6367A4A3)
6/56 | 1:42:02 PM | CREATE_IN_PROGRESS | AWS::IAM::Policy | EcsCluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy (EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80)
6/56 | 1:42:02 PM | CREATE_IN_PROGRESS | AWS::IAM::InstanceProfile | EcsCluster/DefaultAutoScalingGroup/InstanceProfile (EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3)
6/56 | 1:42:03 PM | CREATE_IN_PROGRESS | AWS::IAM::InstanceProfile | EcsCluster/DefaultAutoScalingGroup/InstanceProfile (EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3) Resource creation Initiated
7/56 | 1:42:03 PM | CREATE_COMPLETE | AWS::EC2::EIP | MyVpc/PublicSubnet1/EIP (MyVpcPublicSubnet1EIP096967CB)
7/56 | 1:42:03 PM | CREATE_IN_PROGRESS | AWS::IAM::Policy | EcsCluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy (EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80) Resource creation Initiated
8/56 | 1:42:03 PM | CREATE_COMPLETE | AWS::EC2::EIP | MyVpc/PublicSubnet2/EIP (MyVpcPublicSubnet2EIP8CCBA239)
9/56 | 1:42:04 PM | CREATE_COMPLETE | AWS::EC2::InternetGateway | MyVpc/IGW (MyVpcIGW5C4A4F63)
Stack MyFirstEcsCluster is still not stable (ROLLBACK_IN_PROGRESS (The following resource(s) failed to create: [EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80, MyFleetLifecycleHookDrainHookRole3DCFCCB8, EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B, EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3, EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA, MyVpcPrivateSubnet2Subnet0040C983, MyVpcPublicSubnet2Subnet492B6BFB, MyVpcPrivateSubnet1RouteTable8819E6E2, MyFleetInstanceRole25A84AB8]. . Rollback requested by user.))
10/56 | 1:42:04 PM | CREATE_COMPLETE | AWS::EC2::VPC | MyVpc (MyVpcF9F0CA6F)
11/56 | 1:42:06 PM | CREATE_FAILED | AWS::EC2::Subnet | MyVpc/PrivateSubnet2/Subnet (MyVpcPrivateSubnet2Subnet0040C983) Template error: Fn::Select cannot select nonexistent value at index 1
new Subnet (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:487:24)
\_ new PrivateSubnet (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:583:9)
\_ availabilityZones.forEach (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:421:43)
\_ Array.forEach (<anonymous>)
\_ Vpc.createSubnetResources (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:400:32)
\_ Vpc.createSubnets (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:396:18)
\_ new Vpc (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:231:14)
\_ new ECSCluster (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:10:21)
\_ Object.<anonymous> (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:26:1)
\_ Module._compile (internal/modules/cjs/loader.js:776:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:787:10)
\_ Module.load (internal/modules/cjs/loader.js:653:32)
\_ tryModuleLoad (internal/modules/cjs/loader.js:593:12)
\_ Function.Module._load (internal/modules/cjs/loader.js:585:3)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:829:12)
\_ startup (internal/bootstrap/node.js:283:19)
\_ bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
12/56 | 1:42:07 PM | CREATE_FAILED | AWS::EC2::Subnet | MyVpc/PublicSubnet2/Subnet (MyVpcPublicSubnet2Subnet492B6BFB) Template error: Fn::Select cannot select nonexistent value at index 1
new Subnet (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:487:24)
\_ new PublicSubnet (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:556:9)
\_ availabilityZones.forEach (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:416:42)
\_ Array.forEach (<anonymous>)
\_ Vpc.createSubnetResources (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:400:32)
\_ Vpc.createSubnets (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:396:18)
\_ new Vpc (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:231:14)
\_ new ECSCluster (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:10:21)
\_ Object.<anonymous> (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:26:1)
\_ Module._compile (internal/modules/cjs/loader.js:776:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:787:10)
\_ Module.load (internal/modules/cjs/loader.js:653:32)
\_ tryModuleLoad (internal/modules/cjs/loader.js:593:12)
\_ Function.Module._load (internal/modules/cjs/loader.js:585:3)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:829:12)
\_ startup (internal/bootstrap/node.js:283:19)
\_ bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
12/56 | 1:42:07 PM | CREATE_IN_PROGRESS | AWS::EC2::RouteTable | MyVpc/PrivateSubnet1/RouteTable (MyVpcPrivateSubnet1RouteTable8819E6E2)
13/56 | 1:42:07 PM | CREATE_FAILED | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B) Resource creation cancelled
new Role (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-iam/lib/role.js:35:22)
\_ new LifecycleHook (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-autoscaling/lib/lifecycle-hook.js:14:35)
\_ AutoScalingGroup.addLifecycleHook (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.js:21:16)
\_ new InstanceDrainHook (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/drain-hook/instance-drain-hook.js:33:32)
\_ Cluster.addAutoScalingGroup (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/cluster.js:138:13)
\_ Cluster.addCapacity (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/cluster.js:96:14)
\_ new ECSCluster (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:20:17)
\_ Object.<anonymous> (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:26:1)
\_ Module._compile (internal/modules/cjs/loader.js:776:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:787:10)
\_ Module.load (internal/modules/cjs/loader.js:653:32)
\_ tryModuleLoad (internal/modules/cjs/loader.js:593:12)
\_ Function.Module._load (internal/modules/cjs/loader.js:585:3)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:829:12)
\_ startup (internal/bootstrap/node.js:283:19)
\_ bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
14/56 | 1:42:07 PM | CREATE_FAILED | AWS::IAM::Role | MyFleet/InstanceRole (MyFleetInstanceRole25A84AB8) Resource creation cancelled
new Role (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-iam/lib/role.js:35:22)
\_ new AutoScalingGroup (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.js:130:35)
\_ new ECSCluster (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:11:21)
\_ Object.<anonymous> (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:26:1)
\_ Module._compile (internal/modules/cjs/loader.js:776:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:787:10)
\_ Module.load (internal/modules/cjs/loader.js:653:32)
\_ tryModuleLoad (internal/modules/cjs/loader.js:593:12)
\_ Function.Module._load (internal/modules/cjs/loader.js:585:3)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:829:12)
\_ startup (internal/bootstrap/node.js:283:19)
\_ bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
15/56 | 1:42:07 PM | CREATE_FAILED | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole (EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA) Resource creation cancelled
new Role (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-iam/lib/role.js:35:22)
\_ new Function (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-lambda/lib/function.js:59:35)
\_ new InstanceDrainHook (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/drain-hook/instance-drain-hook.js:21:20)
\_ Cluster.addAutoScalingGroup (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/cluster.js:138:13)
\_ Cluster.addCapacity (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/cluster.js:96:14)
\_ new ECSCluster (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:20:17)
\_ Object.<anonymous> (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:26:1)
\_ Module._compile (internal/modules/cjs/loader.js:776:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:787:10)
\_ Module.load (internal/modules/cjs/loader.js:653:32)
\_ tryModuleLoad (internal/modules/cjs/loader.js:593:12)
\_ Function.Module._load (internal/modules/cjs/loader.js:585:3)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:829:12)
\_ startup (internal/bootstrap/node.js:283:19)
\_ bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
16/56 | 1:42:07 PM | CREATE_FAILED | AWS::IAM::Policy | EcsCluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy (EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80) Resource creation cancelled
new Policy (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-iam/lib/policy.js:29:26)
\_ Role.addToPolicy (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-iam/lib/role.js:124:34)
\_ AutoScalingGroup.addToRolePolicy (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.js:274:19)
\_ Cluster.addAutoScalingGroup (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/cluster.js:121:26)
\_ Cluster.addCapacity (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/cluster.js:96:14)
\_ new ECSCluster (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:20:17)
\_ Object.<anonymous> (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:26:1)
\_ Module._compile (internal/modules/cjs/loader.js:776:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:787:10)
\_ Module.load (internal/modules/cjs/loader.js:653:32)
\_ tryModuleLoad (internal/modules/cjs/loader.js:593:12)
\_ Function.Module._load (internal/modules/cjs/loader.js:585:3)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:829:12)
\_ startup (internal/bootstrap/node.js:283:19)
\_ bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
17/56 | 1:42:07 PM | CREATE_FAILED | AWS::IAM::Role | MyFleet/LifecycleHookDrainHook/Role (MyFleetLifecycleHookDrainHookRole3DCFCCB8) Resource creation cancelled
new Role (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-iam/lib/role.js:35:22)
\_ new LifecycleHook (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-autoscaling/lib/lifecycle-hook.js:14:35)
\_ AutoScalingGroup.addLifecycleHook (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.js:21:16)
\_ new InstanceDrainHook (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/drain-hook/instance-drain-hook.js:33:32)
\_ Cluster.addAutoScalingGroup (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/cluster.js:138:13)
\_ new ECSCluster (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:19:17)
\_ Object.<anonymous> (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:26:1)
\_ Module._compile (internal/modules/cjs/loader.js:776:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:787:10)
\_ Module.load (internal/modules/cjs/loader.js:653:32)
\_ tryModuleLoad (internal/modules/cjs/loader.js:593:12)
\_ Function.Module._load (internal/modules/cjs/loader.js:585:3)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:829:12)
\_ startup (internal/bootstrap/node.js:283:19)
\_ bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
18/56 | 1:42:07 PM | CREATE_FAILED | AWS::IAM::InstanceProfile | EcsCluster/DefaultAutoScalingGroup/InstanceProfile (EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3) Resource creation cancelled
new AutoScalingGroup (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-autoscaling/lib/auto-scaling-group.js:133:28)
\_ Cluster.addCapacity (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ecs/lib/cluster.js:89:34)
\_ new ECSCluster (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:20:17)
\_ Object.<anonymous> (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:26:1)
\_ Module._compile (internal/modules/cjs/loader.js:776:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:787:10)
\_ Module.load (internal/modules/cjs/loader.js:653:32)
\_ tryModuleLoad (internal/modules/cjs/loader.js:593:12)
\_ Function.Module._load (internal/modules/cjs/loader.js:585:3)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:829:12)
\_ startup (internal/bootstrap/node.js:283:19)
\_ bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
19/56 | 1:42:07 PM | CREATE_FAILED | AWS::EC2::RouteTable | MyVpc/PrivateSubnet1/RouteTable (MyVpcPrivateSubnet1RouteTable8819E6E2) Resource creation cancelled
new Subnet (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:499:23)
\_ new PrivateSubnet (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:583:9)
\_ availabilityZones.forEach (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:421:43)
\_ Array.forEach (<anonymous>)
\_ Vpc.createSubnetResources (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:400:32)
\_ Vpc.createSubnets (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:396:18)
\_ new Vpc (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/@aws-cdk/aws-ec2/lib/vpc.js:231:14)
\_ new ECSCluster (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:10:21)
\_ Object.<anonymous> (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/index.js:26:1)
\_ Module._compile (internal/modules/cjs/loader.js:776:30)
\_ Object.Module._extensions..js (internal/modules/cjs/loader.js:787:10)
\_ Module.load (internal/modules/cjs/loader.js:653:32)
\_ tryModuleLoad (internal/modules/cjs/loader.js:593:12)
\_ Function.Module._load (internal/modules/cjs/loader.js:585:3)
\_ Function.Module.runMain (internal/modules/cjs/loader.js:829:12)
\_ startup (internal/bootstrap/node.js:283:19)
\_ bootstrapNodeJSCore (internal/bootstrap/node.js:622:3)
19/56 | 1:42:08 PM | ROLLBACK_IN_PROGRESS | AWS::CloudFormation::Stack | MyFirstEcsCluster The following resource(s) failed to create: [EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80, MyFleetLifecycleHookDrainHookRole3DCFCCB8, EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B, EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3, EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA, MyVpcPrivateSubnet2Subnet0040C983, MyVpcPublicSubnet2Subnet492B6BFB, MyVpcPrivateSubnet1RouteTable8819E6E2, MyFleetInstanceRole25A84AB8]. . Rollback requested by user.
Stack MyFirstEcsCluster is still not stable (ROLLBACK_IN_PROGRESS (The following resource(s) failed to create: [EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80, MyFleetLifecycleHookDrainHookRole3DCFCCB8, EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B, EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3, EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA, MyVpcPrivateSubnet2Subnet0040C983, MyVpcPublicSubnet2Subnet492B6BFB, MyVpcPrivateSubnet1RouteTable8819E6E2, MyFleetInstanceRole25A84AB8]. . Rollback requested by user.))
Stack MyFirstEcsCluster is still not stable (ROLLBACK_IN_PROGRESS)
20/56 | 1:42:15 PM | DELETE_COMPLETE | AWS::EC2::Subnet | MyVpc/PublicSubnet2/Subnet (MyVpcPublicSubnet2Subnet492B6BFB)
20/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::IAM::Role | MyFleet/LifecycleHookDrainHook/Role (MyFleetLifecycleHookDrainHookRole3DCFCCB8)
21/56 | 1:42:15 PM | DELETE_COMPLETE | AWS::EC2::Subnet | MyVpc/PrivateSubnet2/Subnet (MyVpcPrivateSubnet2Subnet0040C983)
21/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::IAM::Role | MyFleet/DrainECSHook/Function/ServiceRole (MyFleetDrainECSHookFunctionServiceRole6367A4A3)
21/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::SNS::Topic | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4)
21/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::IAM::Policy | EcsCluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy (EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80)
21/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::EC2::EIP | MyVpc/PublicSubnet1/EIP (MyVpcPublicSubnet1EIP096967CB)
22/56 | 1:42:15 PM | DELETE_COMPLETE | AWS::EC2::RouteTable | MyVpc/PrivateSubnet1/RouteTable (MyVpcPrivateSubnet1RouteTable8819E6E2)
22/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::EC2::InternetGateway | MyVpc/IGW (MyVpcIGW5C4A4F63)
22/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::SNS::Topic | MyFleet/LifecycleHookDrainHook/Topic (MyFleetLifecycleHookDrainHookTopicF84246FB)
22/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::IAM::Role | MyFleet/InstanceRole (MyFleetInstanceRole25A84AB8)
22/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B)
22/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::CDK::Metadata | CDKMetadata
22/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::EC2::EIP | MyVpc/PublicSubnet2/EIP (MyVpcPublicSubnet2EIP8CCBA239)
22/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole (EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA)
22/56 | 1:42:15 PM | DELETE_IN_PROGRESS | AWS::IAM::InstanceProfile | EcsCluster/DefaultAutoScalingGroup/InstanceProfile (EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3)
22/56 | 1:42:16 PM | DELETE_IN_PROGRESS | AWS::ECS::Cluster | EcsCluster (EcsCluster97242B84)
23/56 | 1:42:16 PM | DELETE_COMPLETE | AWS::ECS::Cluster | EcsCluster (EcsCluster97242B84)
24/56 | 1:42:16 PM | DELETE_COMPLETE | AWS::SNS::Topic | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4)
25/56 | 1:42:16 PM | DELETE_COMPLETE | AWS::SNS::Topic | MyFleet/LifecycleHookDrainHook/Topic (MyFleetLifecycleHookDrainHookTopicF84246FB)
26/56 | 1:42:16 PM | DELETE_COMPLETE | AWS::EC2::EIP | MyVpc/PublicSubnet1/EIP (MyVpcPublicSubnet1EIP096967CB)
27/56 | 1:42:16 PM | DELETE_COMPLETE | AWS::EC2::EIP | MyVpc/PublicSubnet2/EIP (MyVpcPublicSubnet2EIP8CCBA239)
27/56 | 1:42:16 PM | DELETE_IN_PROGRESS | AWS::EC2::VPC | MyVpc (MyVpcF9F0CA6F)
28/56 | 1:42:16 PM | DELETE_COMPLETE | AWS::IAM::Policy | EcsCluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy (EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80)
29/56 | 1:42:16 PM | DELETE_COMPLETE | AWS::IAM::Role | MyFleet/LifecycleHookDrainHook/Role (MyFleetLifecycleHookDrainHookRole3DCFCCB8)
30/56 | 1:42:17 PM | DELETE_COMPLETE | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role (EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B)
31/56 | 1:42:17 PM | DELETE_COMPLETE | AWS::IAM::Role | MyFleet/InstanceRole (MyFleetInstanceRole25A84AB8)
32/56 | 1:42:17 PM | DELETE_COMPLETE | AWS::IAM::Role | MyFleet/DrainECSHook/Function/ServiceRole (MyFleetDrainECSHookFunctionServiceRole6367A4A3)
33/56 | 1:42:17 PM | DELETE_COMPLETE | AWS::CDK::Metadata | CDKMetadata
34/56 | 1:42:17 PM | DELETE_COMPLETE | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole (EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA)
35/56 | 1:42:17 PM | DELETE_COMPLETE | AWS::IAM::InstanceProfile | EcsCluster/DefaultAutoScalingGroup/InstanceProfile (EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3)
35/56 | 1:42:18 PM | DELETE_IN_PROGRESS | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/InstanceRole (EcsClusterDefaultAutoScalingGroupInstanceRole3C026863)
36/56 | 1:42:19 PM | DELETE_COMPLETE | AWS::IAM::Role | EcsCluster/DefaultAutoScalingGroup/InstanceRole (EcsClusterDefaultAutoScalingGroupInstanceRole3C026863)
Stack MyFirstEcsCluster is still not stable (ROLLBACK_IN_PROGRESS)
Stack MyFirstEcsCluster is still not stable (ROLLBACK_IN_PROGRESS)
❌ MyFirstEcsCluster failed: Error: The stack named MyFirstEcsCluster failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE
The stack named MyFirstEcsCluster failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE
Error: The stack named MyFirstEcsCluster failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE
at waitFor (/Users/username/Code/ops/aws-cdk-examples/typescript/ecs/cluster/node_modules/aws-cdk/lib/api/util/cloudformation.ts:163:13)
at process._tickCallback (internal/process/next_tick.js:68:7)
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! ecs-cluster@1.0.0 cdk: `cdk "deploy" "-v"`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the ecs-cluster@1.0.0 cdk script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/markw/.npm/_logs/2019-08-20T03_42_35_141Z-debug.log
Raw
MyFirstEcsCluster.template.json
{
"Resources": {
"MyVpcF9F0CA6F": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "10.0.0.0/16",
"EnableDnsHostnames": true,
"EnableDnsSupport": true,
"InstanceTenancy": "default",
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/Resource"
}
},
"MyVpcPublicSubnet1SubnetF6608456": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "10.0.0.0/18",
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
},
"AvailabilityZone": {
"Fn::Select": [
0,
{
"Fn::GetAZs": ""
}
]
},
"MapPublicIpOnLaunch": true,
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PublicSubnet1"
},
{
"Key": "aws-cdk:subnet-name",
"Value": "Public"
},
{
"Key": "aws-cdk:subnet-type",
"Value": "Public"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet1/Subnet"
}
},
"MyVpcPublicSubnet1RouteTableC46AB2F4": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
},
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PublicSubnet1"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet1/RouteTable"
}
},
"MyVpcPublicSubnet1RouteTableAssociation2ECEE1CB": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "MyVpcPublicSubnet1RouteTableC46AB2F4"
},
"SubnetId": {
"Ref": "MyVpcPublicSubnet1SubnetF6608456"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet1/RouteTableAssociation"
}
},
"MyVpcPublicSubnet1DefaultRoute95FDF9EB": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "MyVpcPublicSubnet1RouteTableC46AB2F4"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "MyVpcIGW5C4A4F63"
}
},
"DependsOn": [
"MyVpcVPCGW488ACE0D"
],
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet1/DefaultRoute"
}
},
"MyVpcPublicSubnet1EIP096967CB": {
"Type": "AWS::EC2::EIP",
"Properties": {
"Domain": "vpc"
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet1/EIP"
}
},
"MyVpcPublicSubnet1NATGatewayAD3400C1": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
"AllocationId": {
"Fn::GetAtt": [
"MyVpcPublicSubnet1EIP096967CB",
"AllocationId"
]
},
"SubnetId": {
"Ref": "MyVpcPublicSubnet1SubnetF6608456"
},
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PublicSubnet1"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet1/NATGateway"
}
},
"MyVpcPublicSubnet2Subnet492B6BFB": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "10.0.64.0/18",
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
},
"AvailabilityZone": {
"Fn::Select": [
1,
{
"Fn::GetAZs": ""
}
]
},
"MapPublicIpOnLaunch": true,
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PublicSubnet2"
},
{
"Key": "aws-cdk:subnet-name",
"Value": "Public"
},
{
"Key": "aws-cdk:subnet-type",
"Value": "Public"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet2/Subnet"
}
},
"MyVpcPublicSubnet2RouteTable1DF17386": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
},
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PublicSubnet2"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet2/RouteTable"
}
},
"MyVpcPublicSubnet2RouteTableAssociation227DE78D": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "MyVpcPublicSubnet2RouteTable1DF17386"
},
"SubnetId": {
"Ref": "MyVpcPublicSubnet2Subnet492B6BFB"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet2/RouteTableAssociation"
}
},
"MyVpcPublicSubnet2DefaultRoute052936F6": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "MyVpcPublicSubnet2RouteTable1DF17386"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "MyVpcIGW5C4A4F63"
}
},
"DependsOn": [
"MyVpcVPCGW488ACE0D"
],
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet2/DefaultRoute"
}
},
"MyVpcPublicSubnet2EIP8CCBA239": {
"Type": "AWS::EC2::EIP",
"Properties": {
"Domain": "vpc"
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet2/EIP"
}
},
"MyVpcPublicSubnet2NATGateway91BFBEC9": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
"AllocationId": {
"Fn::GetAtt": [
"MyVpcPublicSubnet2EIP8CCBA239",
"AllocationId"
]
},
"SubnetId": {
"Ref": "MyVpcPublicSubnet2Subnet492B6BFB"
},
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PublicSubnet2"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PublicSubnet2/NATGateway"
}
},
"MyVpcPrivateSubnet1Subnet5057CF7E": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "10.0.128.0/18",
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
},
"AvailabilityZone": {
"Fn::Select": [
0,
{
"Fn::GetAZs": ""
}
]
},
"MapPublicIpOnLaunch": false,
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PrivateSubnet1"
},
{
"Key": "aws-cdk:subnet-name",
"Value": "Private"
},
{
"Key": "aws-cdk:subnet-type",
"Value": "Private"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PrivateSubnet1/Subnet"
}
},
"MyVpcPrivateSubnet1RouteTable8819E6E2": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
},
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PrivateSubnet1"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PrivateSubnet1/RouteTable"
}
},
"MyVpcPrivateSubnet1RouteTableAssociation56D38C7E": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "MyVpcPrivateSubnet1RouteTable8819E6E2"
},
"SubnetId": {
"Ref": "MyVpcPrivateSubnet1Subnet5057CF7E"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PrivateSubnet1/RouteTableAssociation"
}
},
"MyVpcPrivateSubnet1DefaultRouteA8CDE2FA": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "MyVpcPrivateSubnet1RouteTable8819E6E2"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "MyVpcPublicSubnet1NATGatewayAD3400C1"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PrivateSubnet1/DefaultRoute"
}
},
"MyVpcPrivateSubnet2Subnet0040C983": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"CidrBlock": "10.0.192.0/18",
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
},
"AvailabilityZone": {
"Fn::Select": [
1,
{
"Fn::GetAZs": ""
}
]
},
"MapPublicIpOnLaunch": false,
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PrivateSubnet2"
},
{
"Key": "aws-cdk:subnet-name",
"Value": "Private"
},
{
"Key": "aws-cdk:subnet-type",
"Value": "Private"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PrivateSubnet2/Subnet"
}
},
"MyVpcPrivateSubnet2RouteTableCEDCEECE": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
},
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc/PrivateSubnet2"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PrivateSubnet2/RouteTable"
}
},
"MyVpcPrivateSubnet2RouteTableAssociation86A610DA": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"RouteTableId": {
"Ref": "MyVpcPrivateSubnet2RouteTableCEDCEECE"
},
"SubnetId": {
"Ref": "MyVpcPrivateSubnet2Subnet0040C983"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PrivateSubnet2/RouteTableAssociation"
}
},
"MyVpcPrivateSubnet2DefaultRoute9CE96294": {
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "MyVpcPrivateSubnet2RouteTableCEDCEECE"
},
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "MyVpcPublicSubnet2NATGateway91BFBEC9"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/PrivateSubnet2/DefaultRoute"
}
},
"MyVpcIGW5C4A4F63": {
"Type": "AWS::EC2::InternetGateway",
"Properties": {
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyVpc"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/IGW"
}
},
"MyVpcVPCGW488ACE0D": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
},
"InternetGatewayId": {
"Ref": "MyVpcIGW5C4A4F63"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyVpc/VPCGW"
}
},
"MyFleetInstanceSecurityGroup774E8234": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "MyFirstEcsCluster/MyFleet/InstanceSecurityGroup",
"SecurityGroupEgress": [
{
"CidrIp": "0.0.0.0/0",
"Description": "Allow all outbound traffic by default",
"IpProtocol": "-1"
}
],
"SecurityGroupIngress": [],
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyFleet"
}
],
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/InstanceSecurityGroup/Resource"
}
},
"MyFleetInstanceRole25A84AB8": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": {
"Fn::Join": [
"",
[
"ec2.",
{
"Ref": "AWS::URLSuffix"
}
]
]
}
}
}
],
"Version": "2012-10-17"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/InstanceRole/Resource"
}
},
"MyFleetInstanceRoleDefaultPolicy7B0197E7": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": [
"ecs:CreateCluster",
"ecs:DeregisterContainerInstance",
"ecs:DiscoverPollEndpoint",
"ecs:Poll",
"ecs:RegisterContainerInstance",
"ecs:StartTelemetrySession",
"ecs:Submit*",
"ecr:GetAuthorizationToken",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"PolicyName": "MyFleetInstanceRoleDefaultPolicy7B0197E7",
"Roles": [
{
"Ref": "MyFleetInstanceRole25A84AB8"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/InstanceRole/DefaultPolicy/Resource"
}
},
"MyFleetInstanceProfile70A58496": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Roles": [
{
"Ref": "MyFleetInstanceRole25A84AB8"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/InstanceProfile"
}
},
"MyFleetLaunchConfig5D7F9801": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"ImageId": {
"Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
},
"InstanceType": "t2.xlarge",
"IamInstanceProfile": {
"Ref": "MyFleetInstanceProfile70A58496"
},
"SecurityGroups": [
{
"Fn::GetAtt": [
"MyFleetInstanceSecurityGroup774E8234",
"GroupId"
]
}
],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash\necho ECS_CLUSTER=",
{
"Ref": "EcsCluster97242B84"
},
" >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config"
]
]
}
}
},
"DependsOn": [
"MyFleetInstanceRoleDefaultPolicy7B0197E7",
"MyFleetInstanceRole25A84AB8"
],
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/LaunchConfig"
}
},
"MyFleetASG88E55886": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"MaxSize": "3",
"MinSize": "1",
"DesiredCapacity": "3",
"LaunchConfigurationName": {
"Ref": "MyFleetLaunchConfig5D7F9801"
},
"Tags": [
{
"Key": "Name",
"PropagateAtLaunch": true,
"Value": "MyFirstEcsCluster/MyFleet"
}
],
"VPCZoneIdentifier": [
{
"Ref": "MyVpcPrivateSubnet1Subnet5057CF7E"
},
{
"Ref": "MyVpcPrivateSubnet2Subnet0040C983"
}
]
},
"UpdatePolicy": {
"AutoScalingReplacingUpdate": {
"WillReplace": true
},
"AutoScalingScheduledAction": {
"IgnoreUnmodifiedGroupSizeProperties": true
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/ASG"
}
},
"MyFleetDrainECSHookFunctionServiceRole6367A4A3": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": {
"Fn::Join": [
"",
[
"lambda.",
{
"Ref": "AWS::URLSuffix"
}
]
]
}
}
}
],
"Version": "2012-10-17"
},
"ManagedPolicyArns": [
{
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
]
]
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/DrainECSHook/Function/ServiceRole/Resource"
}
},
"MyFleetDrainECSHookFunctionServiceRoleDefaultPolicy5CA3B4A8": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeInstanceStatus",
"ec2:DescribeHosts"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "autoscaling:CompleteLifecycleAction",
"Effect": "Allow",
"Resource": {
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":autoscaling:",
{
"Ref": "AWS::Region"
},
":",
{
"Ref": "AWS::AccountId"
},
":autoScalingGroup:*:autoScalingGroupName/",
{
"Ref": "MyFleetASG88E55886"
}
]
]
}
},
{
"Action": [
"ecs:DescribeContainerInstances",
"ecs:DescribeTasks"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ecs:ListContainerInstances",
"ecs:SubmitContainerStateChange",
"ecs:SubmitTaskStateChange"
],
"Effect": "Allow",
"Resource": {
"Fn::GetAtt": [
"EcsCluster97242B84",
"Arn"
]
}
},
{
"Action": [
"ecs:UpdateContainerInstancesState",
"ecs:ListTasks"
],
"Condition": {
"ArnEquals": {
"ecs:cluster": {
"Fn::GetAtt": [
"EcsCluster97242B84",
"Arn"
]
}
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"PolicyName": "MyFleetDrainECSHookFunctionServiceRoleDefaultPolicy5CA3B4A8",
"Roles": [
{
"Ref": "MyFleetDrainECSHookFunctionServiceRole6367A4A3"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource"
}
},
"MyFleetDrainECSHookFunction72B41A4C": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Code": {
"ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n"
},
"Handler": "index.lambda_handler",
"Role": {
"Fn::GetAtt": [
"MyFleetDrainECSHookFunctionServiceRole6367A4A3",
"Arn"
]
},
"Runtime": "python3.6",
"Environment": {
"Variables": {
"CLUSTER": {
"Ref": "EcsCluster97242B84"
}
}
},
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/MyFleet"
}
],
"Timeout": 310
},
"DependsOn": [
"MyFleetDrainECSHookFunctionServiceRoleDefaultPolicy5CA3B4A8",
"MyFleetDrainECSHookFunctionServiceRole6367A4A3"
],
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/DrainECSHook/Function/Resource"
}
},
"MyFleetDrainECSHookFunctionAllowInvokeMyFirstEcsClusterMyFleetLifecycleHookDrainHookTopic0E34EF700D93F400": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"Action": "lambda:InvokeFunction",
"FunctionName": {
"Fn::GetAtt": [
"MyFleetDrainECSHookFunction72B41A4C",
"Arn"
]
},
"Principal": "sns.amazonaws.com",
"SourceArn": {
"Ref": "MyFleetLifecycleHookDrainHookTopicF84246FB"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/DrainECSHook/Function/AllowInvoke:MyFirstEcsClusterMyFleetLifecycleHookDrainHookTopic0E34EF70"
}
},
"MyFleetDrainECSHookFunctionTopic6C825942": {
"Type": "AWS::SNS::Subscription",
"Properties": {
"Protocol": "lambda",
"TopicArn": {
"Ref": "MyFleetLifecycleHookDrainHookTopicF84246FB"
},
"Endpoint": {
"Fn::GetAtt": [
"MyFleetDrainECSHookFunction72B41A4C",
"Arn"
]
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/DrainECSHook/Function/Topic/Resource"
}
},
"MyFleetLifecycleHookDrainHookRole3DCFCCB8": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": {
"Fn::Join": [
"",
[
"autoscaling.",
{
"Ref": "AWS::URLSuffix"
}
]
]
}
}
}
],
"Version": "2012-10-17"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/LifecycleHookDrainHook/Role/Resource"
}
},
"MyFleetLifecycleHookDrainHookRoleDefaultPolicyB7350C26": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": "sns:Publish",
"Effect": "Allow",
"Resource": {
"Ref": "MyFleetLifecycleHookDrainHookTopicF84246FB"
}
}
],
"Version": "2012-10-17"
},
"PolicyName": "MyFleetLifecycleHookDrainHookRoleDefaultPolicyB7350C26",
"Roles": [
{
"Ref": "MyFleetLifecycleHookDrainHookRole3DCFCCB8"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/LifecycleHookDrainHook/Role/DefaultPolicy/Resource"
}
},
"MyFleetLifecycleHookDrainHookTopicF84246FB": {
"Type": "AWS::SNS::Topic",
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/LifecycleHookDrainHook/Topic/Resource"
}
},
"MyFleetLifecycleHookDrainHookA63CFE3C": {
"Type": "AWS::AutoScaling::LifecycleHook",
"Properties": {
"AutoScalingGroupName": {
"Ref": "MyFleetASG88E55886"
},
"LifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING",
"DefaultResult": "CONTINUE",
"HeartbeatTimeout": 300,
"NotificationTargetARN": {
"Ref": "MyFleetLifecycleHookDrainHookTopicF84246FB"
},
"RoleARN": {
"Fn::GetAtt": [
"MyFleetLifecycleHookDrainHookRole3DCFCCB8",
"Arn"
]
}
},
"DependsOn": [
"MyFleetLifecycleHookDrainHookRoleDefaultPolicyB7350C26",
"MyFleetLifecycleHookDrainHookRole3DCFCCB8"
],
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/MyFleet/LifecycleHookDrainHook/Resource"
}
},
"EcsCluster97242B84": {
"Type": "AWS::ECS::Cluster",
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupInstanceSecurityGroup912E1231": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/InstanceSecurityGroup",
"SecurityGroupEgress": [
{
"CidrIp": "0.0.0.0/0",
"Description": "Allow all outbound traffic by default",
"IpProtocol": "-1"
}
],
"SecurityGroupIngress": [],
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup"
}
],
"VpcId": {
"Ref": "MyVpcF9F0CA6F"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/InstanceSecurityGroup/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupInstanceRole3C026863": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": {
"Fn::Join": [
"",
[
"ec2.",
{
"Ref": "AWS::URLSuffix"
}
]
]
}
}
}
],
"Version": "2012-10-17"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/InstanceRole/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": [
"ecs:CreateCluster",
"ecs:DeregisterContainerInstance",
"ecs:DiscoverPollEndpoint",
"ecs:Poll",
"ecs:RegisterContainerInstance",
"ecs:StartTelemetrySession",
"ecs:Submit*",
"ecr:GetAuthorizationToken",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"PolicyName": "EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80",
"Roles": [
{
"Ref": "EcsClusterDefaultAutoScalingGroupInstanceRole3C026863"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/InstanceRole/DefaultPolicy/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Roles": [
{
"Ref": "EcsClusterDefaultAutoScalingGroupInstanceRole3C026863"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/InstanceProfile"
}
},
"EcsClusterDefaultAutoScalingGroupLaunchConfigB7E376C1": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Properties": {
"ImageId": {
"Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
},
"InstanceType": "t2.micro",
"IamInstanceProfile": {
"Ref": "EcsClusterDefaultAutoScalingGroupInstanceProfile2CE606B3"
},
"SecurityGroups": [
{
"Fn::GetAtt": [
"EcsClusterDefaultAutoScalingGroupInstanceSecurityGroup912E1231",
"GroupId"
]
}
],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash\necho ECS_CLUSTER=",
{
"Ref": "EcsCluster97242B84"
},
" >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config"
]
]
}
}
},
"DependsOn": [
"EcsClusterDefaultAutoScalingGroupInstanceRoleDefaultPolicy04DC6C80",
"EcsClusterDefaultAutoScalingGroupInstanceRole3C026863"
],
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/LaunchConfig"
}
},
"EcsClusterDefaultAutoScalingGroupASGC1A785DB": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
"MaxSize": "1",
"MinSize": "1",
"DesiredCapacity": "1",
"LaunchConfigurationName": {
"Ref": "EcsClusterDefaultAutoScalingGroupLaunchConfigB7E376C1"
},
"Tags": [
{
"Key": "Name",
"PropagateAtLaunch": true,
"Value": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup"
}
],
"VPCZoneIdentifier": [
{
"Ref": "MyVpcPrivateSubnet1Subnet5057CF7E"
},
{
"Ref": "MyVpcPrivateSubnet2Subnet0040C983"
}
]
},
"UpdatePolicy": {
"AutoScalingReplacingUpdate": {
"WillReplace": true
},
"AutoScalingScheduledAction": {
"IgnoreUnmodifiedGroupSizeProperties": true
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/ASG"
}
},
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": {
"Fn::Join": [
"",
[
"lambda.",
{
"Ref": "AWS::URLSuffix"
}
]
]
}
}
}
],
"Version": "2012-10-17"
},
"ManagedPolicyArns": [
{
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
]
]
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicyA45BF396": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": [
"ec2:DescribeInstances",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeInstanceStatus",
"ec2:DescribeHosts"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "autoscaling:CompleteLifecycleAction",
"Effect": "Allow",
"Resource": {
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":autoscaling:",
{
"Ref": "AWS::Region"
},
":",
{
"Ref": "AWS::AccountId"
},
":autoScalingGroup:*:autoScalingGroupName/",
{
"Ref": "EcsClusterDefaultAutoScalingGroupASGC1A785DB"
}
]
]
}
},
{
"Action": [
"ecs:DescribeContainerInstances",
"ecs:DescribeTasks"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Action": [
"ecs:ListContainerInstances",
"ecs:SubmitContainerStateChange",
"ecs:SubmitTaskStateChange"
],
"Effect": "Allow",
"Resource": {
"Fn::GetAtt": [
"EcsCluster97242B84",
"Arn"
]
}
},
{
"Action": [
"ecs:UpdateContainerInstancesState",
"ecs:ListTasks"
],
"Condition": {
"ArnEquals": {
"ecs:cluster": {
"Fn::GetAtt": [
"EcsCluster97242B84",
"Arn"
]
}
}
},
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"PolicyName": "EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicyA45BF396",
"Roles": [
{
"Ref": "EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/ServiceRole/DefaultPolicy/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionE17A5F5E": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Code": {
"ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n"
},
"Handler": "index.lambda_handler",
"Role": {
"Fn::GetAtt": [
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA",
"Arn"
]
},
"Runtime": "python3.6",
"Environment": {
"Variables": {
"CLUSTER": {
"Ref": "EcsCluster97242B84"
}
}
},
"Tags": [
{
"Key": "Name",
"Value": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup"
}
],
"Timeout": 310
},
"DependsOn": [
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRoleDefaultPolicyA45BF396",
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionServiceRole94543EDA"
],
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionAllowInvokeMyFirstEcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicA1D3D503E10C0428": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"Action": "lambda:InvokeFunction",
"FunctionName": {
"Fn::GetAtt": [
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionE17A5F5E",
"Arn"
]
},
"Principal": "sns.amazonaws.com",
"SourceArn": {
"Ref": "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/AllowInvoke:MyFirstEcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicA1D3D503"
}
},
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionTopic8F34E394": {
"Type": "AWS::SNS::Subscription",
"Properties": {
"Protocol": "lambda",
"TopicArn": {
"Ref": "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4"
},
"Endpoint": {
"Fn::GetAtt": [
"EcsClusterDefaultAutoScalingGroupDrainECSHookFunctionE17A5F5E",
"Arn"
]
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/DrainECSHook/Function/Topic/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": {
"Fn::Join": [
"",
[
"autoscaling.",
{
"Ref": "AWS::URLSuffix"
}
]
]
}
}
}
],
"Version": "2012-10-17"
}
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicy75002F88": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": "sns:Publish",
"Effect": "Allow",
"Resource": {
"Ref": "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4"
}
}
],
"Version": "2012-10-17"
},
"PolicyName": "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicy75002F88",
"Roles": [
{
"Ref": "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B"
}
]
},
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Role/DefaultPolicy/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4": {
"Type": "AWS::SNS::Topic",
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Topic/Resource"
}
},
"EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookFFA63029": {
"Type": "AWS::AutoScaling::LifecycleHook",
"Properties": {
"AutoScalingGroupName": {
"Ref": "EcsClusterDefaultAutoScalingGroupASGC1A785DB"
},
"LifecycleTransition": "autoscaling:EC2_INSTANCE_TERMINATING",
"DefaultResult": "CONTINUE",
"HeartbeatTimeout": 300,
"NotificationTargetARN": {
"Ref": "EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookTopicACD2D4A4"
},
"RoleARN": {
"Fn::GetAtt": [
"EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B",
"Arn"
]
}
},
"DependsOn": [
"EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleDefaultPolicy75002F88",
"EcsClusterDefaultAutoScalingGroupLifecycleHookDrainHookRoleA38EC83B"
],
"Metadata": {
"aws:cdk:path": "MyFirstEcsCluster/EcsCluster/DefaultAutoScalingGroup/LifecycleHookDrainHook/Resource"
}
}
},
"Parameters": {
"SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": {
"Type": "AWS::SSM::Parameter::Value<String>",
"Default": "/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id"
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment