diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/AlbEc2ServiceWithCommandAndEntryPointDefaultTestDeployAssert91EF33D6.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/AlbEc2ServiceWithCommandAndEntryPointDefaultTestDeployAssert91EF33D6.assets.json
index 992a1ca046a18..32a34d9802ceb 100644
--- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/AlbEc2ServiceWithCommandAndEntryPointDefaultTestDeployAssert91EF33D6.assets.json
+++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/AlbEc2ServiceWithCommandAndEntryPointDefaultTestDeployAssert91EF33D6.assets.json
@@ -1,5 +1,5 @@
{
- "version": "32.0.0",
+ "version": "36.0.0",
"files": {
"21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
"source": {
diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/aws-ecs-integ-alb-ec2-cmd-entrypoint.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/aws-ecs-integ-alb-ec2-cmd-entrypoint.assets.json
index cac99007bc284..d15747773455e 100644
--- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/aws-ecs-integ-alb-ec2-cmd-entrypoint.assets.json
+++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/aws-ecs-integ-alb-ec2-cmd-entrypoint.assets.json
@@ -1,7 +1,7 @@
{
- "version": "32.0.0",
+ "version": "36.0.0",
"files": {
- "f99d8d7aa012c2005302f24b0c6917d70f4ee968aa635522e17119347b9634ed": {
+ "96f1b91e7a099b720d86b3b88d975d45b769d67efd878163f884b12c11d81887": {
"source": {
"path": "aws-ecs-integ-alb-ec2-cmd-entrypoint.template.json",
"packaging": "file"
@@ -9,7 +9,7 @@
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "f99d8d7aa012c2005302f24b0c6917d70f4ee968aa635522e17119347b9634ed.json",
+ "objectKey": "96f1b91e7a099b720d86b3b88d975d45b769d67efd878163f884b12c11d81887.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/aws-ecs-integ-alb-ec2-cmd-entrypoint.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/aws-ecs-integ-alb-ec2-cmd-entrypoint.template.json
index ad3bab7008235..f968c57e6baae 100644
--- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/aws-ecs-integ-alb-ec2-cmd-entrypoint.template.json
+++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/aws-ecs-integ-alb-ec2-cmd-entrypoint.template.json
@@ -18,9 +18,6 @@
"VpcPublicSubnet1Subnet5C2D37C4": {
"Type": "AWS::EC2::Subnet",
"Properties": {
- "VpcId": {
- "Ref": "Vpc8378EB38"
- },
"AvailabilityZone": {
"Fn::Select": [
0,
@@ -44,21 +41,24 @@
"Key": "Name",
"Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PublicSubnet1"
}
- ]
+ ],
+ "VpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"VpcPublicSubnet1RouteTable6C95E38E": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
- "VpcId": {
- "Ref": "Vpc8378EB38"
- },
"Tags": [
{
"Key": "Name",
"Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PublicSubnet1"
}
- ]
+ ],
+ "VpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"VpcPublicSubnet1RouteTableAssociation97140677": {
@@ -75,12 +75,12 @@
"VpcPublicSubnet1DefaultRoute3DA9E72A": {
"Type": "AWS::EC2::Route",
"Properties": {
- "RouteTableId": {
- "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
- },
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "VpcIGWD7BA715C"
+ },
+ "RouteTableId": {
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
}
},
"DependsOn": [
@@ -102,15 +102,15 @@
"VpcPublicSubnet1NATGateway4D7517AA": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
- "SubnetId": {
- "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
- },
"AllocationId": {
"Fn::GetAtt": [
"VpcPublicSubnet1EIPD7E02669",
"AllocationId"
]
},
+ "SubnetId": {
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
+ },
"Tags": [
{
"Key": "Name",
@@ -126,9 +126,6 @@
"VpcPublicSubnet2Subnet691E08A3": {
"Type": "AWS::EC2::Subnet",
"Properties": {
- "VpcId": {
- "Ref": "Vpc8378EB38"
- },
"AvailabilityZone": {
"Fn::Select": [
1,
@@ -152,21 +149,24 @@
"Key": "Name",
"Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PublicSubnet2"
}
- ]
+ ],
+ "VpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"VpcPublicSubnet2RouteTable94F7E489": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
- "VpcId": {
- "Ref": "Vpc8378EB38"
- },
"Tags": [
{
"Key": "Name",
"Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PublicSubnet2"
}
- ]
+ ],
+ "VpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"VpcPublicSubnet2RouteTableAssociationDD5762D8": {
@@ -183,12 +183,12 @@
"VpcPublicSubnet2DefaultRoute97F91067": {
"Type": "AWS::EC2::Route",
"Properties": {
- "RouteTableId": {
- "Ref": "VpcPublicSubnet2RouteTable94F7E489"
- },
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "VpcIGWD7BA715C"
+ },
+ "RouteTableId": {
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
}
},
"DependsOn": [
@@ -210,15 +210,15 @@
"VpcPublicSubnet2NATGateway9182C01D": {
"Type": "AWS::EC2::NatGateway",
"Properties": {
- "SubnetId": {
- "Ref": "VpcPublicSubnet2Subnet691E08A3"
- },
"AllocationId": {
"Fn::GetAtt": [
"VpcPublicSubnet2EIP3C605A87",
"AllocationId"
]
},
+ "SubnetId": {
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
+ },
"Tags": [
{
"Key": "Name",
@@ -234,9 +234,6 @@
"VpcPrivateSubnet1Subnet536B997A": {
"Type": "AWS::EC2::Subnet",
"Properties": {
- "VpcId": {
- "Ref": "Vpc8378EB38"
- },
"AvailabilityZone": {
"Fn::Select": [
0,
@@ -260,21 +257,24 @@
"Key": "Name",
"Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PrivateSubnet1"
}
- ]
+ ],
+ "VpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"VpcPrivateSubnet1RouteTableB2C5B500": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
- "VpcId": {
- "Ref": "Vpc8378EB38"
- },
"Tags": [
{
"Key": "Name",
"Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PrivateSubnet1"
}
- ]
+ ],
+ "VpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"VpcPrivateSubnet1RouteTableAssociation70C59FA6": {
@@ -291,21 +291,18 @@
"VpcPrivateSubnet1DefaultRouteBE02A9ED": {
"Type": "AWS::EC2::Route",
"Properties": {
- "RouteTableId": {
- "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
- },
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "VpcPublicSubnet1NATGateway4D7517AA"
+ },
+ "RouteTableId": {
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
}
}
},
"VpcPrivateSubnet2Subnet3788AAA1": {
"Type": "AWS::EC2::Subnet",
"Properties": {
- "VpcId": {
- "Ref": "Vpc8378EB38"
- },
"AvailabilityZone": {
"Fn::Select": [
1,
@@ -329,21 +326,24 @@
"Key": "Name",
"Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PrivateSubnet2"
}
- ]
+ ],
+ "VpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"VpcPrivateSubnet2RouteTableA678073B": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
- "VpcId": {
- "Ref": "Vpc8378EB38"
- },
"Tags": [
{
"Key": "Name",
"Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PrivateSubnet2"
}
- ]
+ ],
+ "VpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"VpcPrivateSubnet2RouteTableAssociationA89CAD56": {
@@ -360,12 +360,12 @@
"VpcPrivateSubnet2DefaultRoute060D2087": {
"Type": "AWS::EC2::Route",
"Properties": {
- "RouteTableId": {
- "Ref": "VpcPrivateSubnet2RouteTableA678073B"
- },
"DestinationCidrBlock": "0.0.0.0/0",
"NatGatewayId": {
"Ref": "VpcPublicSubnet2NATGateway9182C01D"
+ },
+ "RouteTableId": {
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
}
}
},
@@ -383,11 +383,11 @@
"VpcVPCGWBF912B6E": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
- "VpcId": {
- "Ref": "Vpc8378EB38"
- },
"InternetGatewayId": {
"Ref": "VpcIGWD7BA715C"
+ },
+ "VpcId": {
+ "Ref": "Vpc8378EB38"
}
}
},
@@ -408,10 +408,10 @@
"DefaultCapacityProviderStrategy": []
}
},
- "AutoScalingGroupInstanceSecurityGroup9D2E0C5E": {
+ "SecurityGroupDD263621": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
- "GroupDescription": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/InstanceSecurityGroup",
+ "GroupDescription": "aws-ecs-integ-alb-ec2-cmd-entrypoint/SecurityGroup",
"SecurityGroupEgress": [
{
"CidrIp": "0.0.0.0/0",
@@ -419,10 +419,13 @@
"IpProtocol": "-1"
}
],
- "Tags": [
+ "SecurityGroupIngress": [
{
- "Key": "Name",
- "Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup"
+ "CidrIp": "0.0.0.0/0",
+ "Description": "from 0.0.0.0/0:32768-65535",
+ "FromPort": 32768,
+ "IpProtocol": "tcp",
+ "ToPort": 65535
}
],
"VpcId": {
@@ -521,38 +524,79 @@
]
}
},
- "AutoScalingGroupLaunchConfigDEEB160C": {
- "Type": "AWS::AutoScaling::LaunchConfiguration",
+ "AutoScalingGroupLaunchTemplateCE2B3AFE": {
+ "Type": "AWS::EC2::LaunchTemplate",
"Properties": {
- "ImageId": {
- "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
- },
- "InstanceType": "t2.micro",
- "IamInstanceProfile": {
- "Ref": "AutoScalingGroupInstanceProfile342FAC7C"
- },
- "SecurityGroups": [
- {
- "Fn::GetAtt": [
- "AutoScalingGroupInstanceSecurityGroup9D2E0C5E",
- "GroupId"
- ]
- }
- ],
- "UserData": {
- "Fn::Base64": {
- "Fn::Join": [
- "",
- [
- "#!/bin/bash\necho ECS_CLUSTER=",
+ "LaunchTemplateData": {
+ "IamInstanceProfile": {
+ "Arn": {
+ "Fn::GetAtt": [
+ "AutoScalingGroupInstanceProfile342FAC7C",
+ "Arn"
+ ]
+ }
+ },
+ "ImageId": {
+ "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
+ },
+ "InstanceType": "t2.micro",
+ "Monitoring": {
+ "Enabled": false
+ },
+ "SecurityGroupIds": [
+ {
+ "Fn::GetAtt": [
+ "SecurityGroupDD263621",
+ "GroupId"
+ ]
+ }
+ ],
+ "TagSpecifications": [
+ {
+ "ResourceType": "instance",
+ "Tags": [
{
- "Ref": "Ec2ClusterEE43E89D"
- },
- " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config"
+ "Key": "Name",
+ "Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchTemplate"
+ }
+ ]
+ },
+ {
+ "ResourceType": "volume",
+ "Tags": [
+ {
+ "Key": "Name",
+ "Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchTemplate"
+ }
]
+ }
+ ],
+ "UserData": {
+ "Fn::Base64": {
+ "Fn::Join": [
+ "",
+ [
+ "#!/bin/bash\necho ECS_CLUSTER=",
+ {
+ "Ref": "Ec2ClusterEE43E89D"
+ },
+ " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config"
+ ]
+ ]
+ }
+ }
+ },
+ "TagSpecifications": [
+ {
+ "ResourceType": "launch-template",
+ "Tags": [
+ {
+ "Key": "Name",
+ "Value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchTemplate"
+ }
]
}
- }
+ ]
},
"DependsOn": [
"AutoScalingGroupInstanceRoleDefaultPolicy3DF09528",
@@ -562,11 +606,19 @@
"AutoScalingGroupASG804C35BE": {
"Type": "AWS::AutoScaling::AutoScalingGroup",
"Properties": {
+ "LaunchTemplate": {
+ "LaunchTemplateId": {
+ "Ref": "AutoScalingGroupLaunchTemplateCE2B3AFE"
+ },
+ "Version": {
+ "Fn::GetAtt": [
+ "AutoScalingGroupLaunchTemplateCE2B3AFE",
+ "LatestVersionNumber"
+ ]
+ }
+ },
"MaxSize": "1",
"MinSize": "1",
- "LaunchConfigurationName": {
- "Ref": "AutoScalingGroupLaunchConfigDEEB160C"
- },
"NewInstancesProtectedFromScaleIn": true,
"Tags": [
{
@@ -622,6 +674,12 @@
"ALBECSServiceWithCommandEntryPointLBSecurityGroupBA7F6FB5",
"GroupId"
]
+ },
+ {
+ "Fn::GetAtt": [
+ "SecurityGroupDD263621",
+ "GroupId"
+ ]
}
],
"Subnets": [
@@ -726,18 +784,15 @@
"ContainerDefinitions": [
{
"Command": [
- "/usr/sbin/apache2",
- "-D",
- "FOREGROUND"
+ "/bin/sh -c \"echo '
Amazon ECS Sample App
' > /usr/local/apache2/htdocs/index.html && httpd-foreground\""
],
"Cpu": 256,
"EntryPoint": [
- "/bin/bash",
- "-l",
+ "sh",
"-c"
],
"Essential": true,
- "Image": "amazon/amazon-ecs-sample",
+ "Image": "public.ecr.aws/docker/library/httpd:2.4",
"LogConfiguration": {
"LogDriver": "awslogs",
"Options": {
diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/cdk.out
index f0b901e7c06e5..1f0068d32659a 100644
--- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/cdk.out
+++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/cdk.out
@@ -1 +1 @@
-{"version":"32.0.0"}
\ No newline at end of file
+{"version":"36.0.0"}
\ No newline at end of file
diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/integ.json
index cb9111a784095..89155479203b4 100644
--- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/integ.json
+++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/integ.json
@@ -1,5 +1,5 @@
{
- "version": "32.0.0",
+ "version": "36.0.0",
"testCases": {
"AlbEc2ServiceWithCommandAndEntryPoint/DefaultTest": {
"stacks": [
diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/manifest.json
index 36c5ae5655f0a..f654a71a50186 100644
--- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/manifest.json
+++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/manifest.json
@@ -1,5 +1,5 @@
{
- "version": "32.0.0",
+ "version": "36.0.0",
"artifacts": {
"aws-ecs-integ-alb-ec2-cmd-entrypoint.assets": {
"type": "cdk:asset-manifest",
@@ -14,10 +14,11 @@
"environment": "aws://unknown-account/unknown-region",
"properties": {
"templateFile": "aws-ecs-integ-alb-ec2-cmd-entrypoint.template.json",
+ "terminationProtection": false,
"validateOnSynth": false,
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
"cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
- "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/f99d8d7aa012c2005302f24b0c6917d70f4ee968aa635522e17119347b9634ed.json",
+ "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/96f1b91e7a099b720d86b3b88d975d45b769d67efd878163f884b12c11d81887.json",
"requiresBootstrapStackVersion": 6,
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
"additionalDependencies": [
@@ -183,10 +184,10 @@
"data": "Ec2Cluster56240A3A"
}
],
- "/aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/InstanceSecurityGroup/Resource": [
+ "/aws-ecs-integ-alb-ec2-cmd-entrypoint/SecurityGroup/Resource": [
{
"type": "aws:cdk:logicalId",
- "data": "AutoScalingGroupInstanceSecurityGroup9D2E0C5E"
+ "data": "SecurityGroupDD263621"
}
],
"/aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/InstanceRole/Resource": [
@@ -207,10 +208,10 @@
"data": "AutoScalingGroupInstanceProfile342FAC7C"
}
],
- "/aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchConfig": [
+ "/aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchTemplate/Resource": [
{
"type": "aws:cdk:logicalId",
- "data": "AutoScalingGroupLaunchConfigDEEB160C"
+ "data": "AutoScalingGroupLaunchTemplateCE2B3AFE"
}
],
"/aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/ASG": [
@@ -331,6 +332,7 @@
"environment": "aws://unknown-account/unknown-region",
"properties": {
"templateFile": "AlbEc2ServiceWithCommandAndEntryPointDefaultTestDeployAssert91EF33D6.template.json",
+ "terminationProtection": false,
"validateOnSynth": false,
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
"cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/tree.json
index ab1d5e7835c45..da35b30aa6012 100644
--- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/tree.json
+++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.js.snapshot/tree.json
@@ -45,9 +45,6 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::Subnet",
"aws:cdk:cloudformation:props": {
- "vpcId": {
- "Ref": "Vpc8378EB38"
- },
"availabilityZone": {
"Fn::Select": [
0,
@@ -71,7 +68,10 @@
"key": "Name",
"value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PublicSubnet1"
}
- ]
+ ],
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"constructInfo": {
@@ -93,15 +93,15 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::RouteTable",
"aws:cdk:cloudformation:props": {
- "vpcId": {
- "Ref": "Vpc8378EB38"
- },
"tags": [
{
"key": "Name",
"value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PublicSubnet1"
}
- ]
+ ],
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"constructInfo": {
@@ -134,12 +134,12 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::Route",
"aws:cdk:cloudformation:props": {
- "routeTableId": {
- "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
- },
"destinationCidrBlock": "0.0.0.0/0",
"gatewayId": {
"Ref": "VpcIGWD7BA715C"
+ },
+ "routeTableId": {
+ "Ref": "VpcPublicSubnet1RouteTable6C95E38E"
}
}
},
@@ -174,15 +174,15 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::NatGateway",
"aws:cdk:cloudformation:props": {
- "subnetId": {
- "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
- },
"allocationId": {
"Fn::GetAtt": [
"VpcPublicSubnet1EIPD7E02669",
"AllocationId"
]
},
+ "subnetId": {
+ "Ref": "VpcPublicSubnet1Subnet5C2D37C4"
+ },
"tags": [
{
"key": "Name",
@@ -212,9 +212,6 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::Subnet",
"aws:cdk:cloudformation:props": {
- "vpcId": {
- "Ref": "Vpc8378EB38"
- },
"availabilityZone": {
"Fn::Select": [
1,
@@ -238,7 +235,10 @@
"key": "Name",
"value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PublicSubnet2"
}
- ]
+ ],
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"constructInfo": {
@@ -260,15 +260,15 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::RouteTable",
"aws:cdk:cloudformation:props": {
- "vpcId": {
- "Ref": "Vpc8378EB38"
- },
"tags": [
{
"key": "Name",
"value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PublicSubnet2"
}
- ]
+ ],
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"constructInfo": {
@@ -301,12 +301,12 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::Route",
"aws:cdk:cloudformation:props": {
- "routeTableId": {
- "Ref": "VpcPublicSubnet2RouteTable94F7E489"
- },
"destinationCidrBlock": "0.0.0.0/0",
"gatewayId": {
"Ref": "VpcIGWD7BA715C"
+ },
+ "routeTableId": {
+ "Ref": "VpcPublicSubnet2RouteTable94F7E489"
}
}
},
@@ -341,15 +341,15 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::NatGateway",
"aws:cdk:cloudformation:props": {
- "subnetId": {
- "Ref": "VpcPublicSubnet2Subnet691E08A3"
- },
"allocationId": {
"Fn::GetAtt": [
"VpcPublicSubnet2EIP3C605A87",
"AllocationId"
]
},
+ "subnetId": {
+ "Ref": "VpcPublicSubnet2Subnet691E08A3"
+ },
"tags": [
{
"key": "Name",
@@ -379,9 +379,6 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::Subnet",
"aws:cdk:cloudformation:props": {
- "vpcId": {
- "Ref": "Vpc8378EB38"
- },
"availabilityZone": {
"Fn::Select": [
0,
@@ -405,7 +402,10 @@
"key": "Name",
"value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PrivateSubnet1"
}
- ]
+ ],
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"constructInfo": {
@@ -427,15 +427,15 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::RouteTable",
"aws:cdk:cloudformation:props": {
- "vpcId": {
- "Ref": "Vpc8378EB38"
- },
"tags": [
{
"key": "Name",
"value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PrivateSubnet1"
}
- ]
+ ],
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"constructInfo": {
@@ -468,12 +468,12 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::Route",
"aws:cdk:cloudformation:props": {
- "routeTableId": {
- "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
- },
"destinationCidrBlock": "0.0.0.0/0",
"natGatewayId": {
"Ref": "VpcPublicSubnet1NATGateway4D7517AA"
+ },
+ "routeTableId": {
+ "Ref": "VpcPrivateSubnet1RouteTableB2C5B500"
}
}
},
@@ -498,9 +498,6 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::Subnet",
"aws:cdk:cloudformation:props": {
- "vpcId": {
- "Ref": "Vpc8378EB38"
- },
"availabilityZone": {
"Fn::Select": [
1,
@@ -524,7 +521,10 @@
"key": "Name",
"value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PrivateSubnet2"
}
- ]
+ ],
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"constructInfo": {
@@ -546,15 +546,15 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::RouteTable",
"aws:cdk:cloudformation:props": {
- "vpcId": {
- "Ref": "Vpc8378EB38"
- },
"tags": [
{
"key": "Name",
"value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/Vpc/PrivateSubnet2"
}
- ]
+ ],
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
+ }
}
},
"constructInfo": {
@@ -587,12 +587,12 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::Route",
"aws:cdk:cloudformation:props": {
- "routeTableId": {
- "Ref": "VpcPrivateSubnet2RouteTableA678073B"
- },
"destinationCidrBlock": "0.0.0.0/0",
"natGatewayId": {
"Ref": "VpcPublicSubnet2NATGateway9182C01D"
+ },
+ "routeTableId": {
+ "Ref": "VpcPrivateSubnet2RouteTableA678073B"
}
}
},
@@ -632,11 +632,11 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::EC2::VPCGatewayAttachment",
"aws:cdk:cloudformation:props": {
- "vpcId": {
- "Ref": "Vpc8378EB38"
- },
"internetGatewayId": {
"Ref": "VpcIGWD7BA715C"
+ },
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
}
}
},
@@ -695,50 +695,53 @@
"version": "0.0.0"
}
},
- "AutoScalingGroup": {
- "id": "AutoScalingGroup",
- "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup",
+ "SecurityGroup": {
+ "id": "SecurityGroup",
+ "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/SecurityGroup",
"children": {
- "InstanceSecurityGroup": {
- "id": "InstanceSecurityGroup",
- "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/InstanceSecurityGroup",
- "children": {
- "Resource": {
- "id": "Resource",
- "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/InstanceSecurityGroup/Resource",
- "attributes": {
- "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup",
- "aws:cdk:cloudformation:props": {
- "groupDescription": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/InstanceSecurityGroup",
- "securityGroupEgress": [
- {
- "cidrIp": "0.0.0.0/0",
- "description": "Allow all outbound traffic by default",
- "ipProtocol": "-1"
- }
- ],
- "tags": [
- {
- "key": "Name",
- "value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup"
- }
- ],
- "vpcId": {
- "Ref": "Vpc8378EB38"
- }
+ "Resource": {
+ "id": "Resource",
+ "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/SecurityGroup/Resource",
+ "attributes": {
+ "aws:cdk:cloudformation:type": "AWS::EC2::SecurityGroup",
+ "aws:cdk:cloudformation:props": {
+ "groupDescription": "aws-ecs-integ-alb-ec2-cmd-entrypoint/SecurityGroup",
+ "securityGroupEgress": [
+ {
+ "cidrIp": "0.0.0.0/0",
+ "description": "Allow all outbound traffic by default",
+ "ipProtocol": "-1"
}
- },
- "constructInfo": {
- "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup",
- "version": "0.0.0"
+ ],
+ "securityGroupIngress": [
+ {
+ "cidrIp": "0.0.0.0/0",
+ "ipProtocol": "tcp",
+ "fromPort": 32768,
+ "toPort": 65535,
+ "description": "from 0.0.0.0/0:32768-65535"
+ }
+ ],
+ "vpcId": {
+ "Ref": "Vpc8378EB38"
}
}
},
"constructInfo": {
- "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup",
+ "fqn": "aws-cdk-lib.aws_ec2.CfnSecurityGroup",
"version": "0.0.0"
}
- },
+ }
+ },
+ "constructInfo": {
+ "fqn": "aws-cdk-lib.aws_ec2.SecurityGroup",
+ "version": "0.0.0"
+ }
+ },
+ "AutoScalingGroup": {
+ "id": "AutoScalingGroup",
+ "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup",
+ "children": {
"InstanceRole": {
"id": "InstanceRole",
"path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/InstanceRole",
@@ -882,45 +885,104 @@
"version": "0.0.0"
}
},
- "LaunchConfig": {
- "id": "LaunchConfig",
- "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchConfig",
- "attributes": {
- "aws:cdk:cloudformation:type": "AWS::AutoScaling::LaunchConfiguration",
- "aws:cdk:cloudformation:props": {
- "imageId": {
- "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
- },
- "instanceType": "t2.micro",
- "iamInstanceProfile": {
- "Ref": "AutoScalingGroupInstanceProfile342FAC7C"
- },
- "securityGroups": [
- {
- "Fn::GetAtt": [
- "AutoScalingGroupInstanceSecurityGroup9D2E0C5E",
- "GroupId"
- ]
- }
- ],
- "userData": {
- "Fn::Base64": {
- "Fn::Join": [
- "",
- [
- "#!/bin/bash\necho ECS_CLUSTER=",
+ "ImportedInstanceProfile": {
+ "id": "ImportedInstanceProfile",
+ "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/ImportedInstanceProfile",
+ "constructInfo": {
+ "fqn": "aws-cdk-lib.Resource",
+ "version": "0.0.0"
+ }
+ },
+ "LaunchTemplate": {
+ "id": "LaunchTemplate",
+ "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchTemplate",
+ "children": {
+ "Resource": {
+ "id": "Resource",
+ "path": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchTemplate/Resource",
+ "attributes": {
+ "aws:cdk:cloudformation:type": "AWS::EC2::LaunchTemplate",
+ "aws:cdk:cloudformation:props": {
+ "launchTemplateData": {
+ "iamInstanceProfile": {
+ "arn": {
+ "Fn::GetAtt": [
+ "AutoScalingGroupInstanceProfile342FAC7C",
+ "Arn"
+ ]
+ }
+ },
+ "imageId": {
+ "Ref": "SsmParameterValueawsserviceecsoptimizedamiamazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter"
+ },
+ "instanceType": "t2.micro",
+ "monitoring": {
+ "enabled": false
+ },
+ "securityGroupIds": [
{
- "Ref": "Ec2ClusterEE43E89D"
+ "Fn::GetAtt": [
+ "SecurityGroupDD263621",
+ "GroupId"
+ ]
+ }
+ ],
+ "tagSpecifications": [
+ {
+ "resourceType": "instance",
+ "tags": [
+ {
+ "key": "Name",
+ "value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchTemplate"
+ }
+ ]
},
- " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config"
- ]
+ {
+ "resourceType": "volume",
+ "tags": [
+ {
+ "key": "Name",
+ "value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchTemplate"
+ }
+ ]
+ }
+ ],
+ "userData": {
+ "Fn::Base64": {
+ "Fn::Join": [
+ "",
+ [
+ "#!/bin/bash\necho ECS_CLUSTER=",
+ {
+ "Ref": "Ec2ClusterEE43E89D"
+ },
+ " >> /etc/ecs/ecs.config\nsudo iptables --insert FORWARD 1 --in-interface docker+ --destination 169.254.169.254/32 --jump DROP\nsudo service iptables save\necho ECS_AWSVPC_BLOCK_IMDS=true >> /etc/ecs/ecs.config"
+ ]
+ ]
+ }
+ }
+ },
+ "tagSpecifications": [
+ {
+ "resourceType": "launch-template",
+ "tags": [
+ {
+ "key": "Name",
+ "value": "aws-ecs-integ-alb-ec2-cmd-entrypoint/AutoScalingGroup/LaunchTemplate"
+ }
+ ]
+ }
]
}
+ },
+ "constructInfo": {
+ "fqn": "aws-cdk-lib.aws_ec2.CfnLaunchTemplate",
+ "version": "0.0.0"
}
}
},
"constructInfo": {
- "fqn": "aws-cdk-lib.aws_autoscaling.CfnLaunchConfiguration",
+ "fqn": "aws-cdk-lib.aws_ec2.LaunchTemplate",
"version": "0.0.0"
}
},
@@ -930,11 +992,19 @@
"attributes": {
"aws:cdk:cloudformation:type": "AWS::AutoScaling::AutoScalingGroup",
"aws:cdk:cloudformation:props": {
+ "launchTemplate": {
+ "launchTemplateId": {
+ "Ref": "AutoScalingGroupLaunchTemplateCE2B3AFE"
+ },
+ "version": {
+ "Fn::GetAtt": [
+ "AutoScalingGroupLaunchTemplateCE2B3AFE",
+ "LatestVersionNumber"
+ ]
+ }
+ },
"maxSize": "1",
"minSize": "1",
- "launchConfigurationName": {
- "Ref": "AutoScalingGroupLaunchConfigDEEB160C"
- },
"newInstancesProtectedFromScaleIn": true,
"tags": [
{
@@ -1041,6 +1111,12 @@
"ALBECSServiceWithCommandEntryPointLBSecurityGroupBA7F6FB5",
"GroupId"
]
+ },
+ {
+ "Fn::GetAtt": [
+ "SecurityGroupDD263621",
+ "GroupId"
+ ]
}
],
"subnets": [
@@ -1253,18 +1329,15 @@
"containerDefinitions": [
{
"command": [
- "/usr/sbin/apache2",
- "-D",
- "FOREGROUND"
+ "/bin/sh -c \"echo 'Amazon ECS Sample App
' > /usr/local/apache2/htdocs/index.html && httpd-foreground\""
],
"cpu": 256,
"entryPoint": [
- "/bin/bash",
- "-l",
+ "sh",
"-c"
],
"essential": true,
- "image": "amazon/amazon-ecs-sample",
+ "image": "public.ecr.aws/docker/library/httpd:2.4",
"memory": 512,
"name": "web",
"portMappings": [
@@ -1540,7 +1613,7 @@
"path": "AlbEc2ServiceWithCommandAndEntryPoint/DefaultTest/Default",
"constructInfo": {
"fqn": "constructs.Construct",
- "version": "10.2.55"
+ "version": "10.3.0"
}
},
"DeployAssert": {
@@ -1586,7 +1659,7 @@
"path": "Tree",
"constructInfo": {
"fqn": "constructs.Construct",
- "version": "10.2.55"
+ "version": "10.3.0"
}
}
},
diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.ts
index 913f5fc3c308a..597770c238961 100644
--- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.ts
+++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs-patterns/test/ec2/integ.alb-ecs-service-command-entry-point.ts
@@ -4,14 +4,19 @@ import * as ecs from 'aws-cdk-lib/aws-ecs';
import * as cdk from 'aws-cdk-lib';
import * as integ from '@aws-cdk/integ-tests-alpha';
import * as ecsPatterns from 'aws-cdk-lib/aws-ecs-patterns';
-import { AUTOSCALING_GENERATE_LAUNCH_TEMPLATE } from 'aws-cdk-lib/cx-api';
-const app = new cdk.App({ postCliContext: { [AUTOSCALING_GENERATE_LAUNCH_TEMPLATE]: false } });
+const app = new cdk.App();
const stack = new cdk.Stack(app, 'aws-ecs-integ-alb-ec2-cmd-entrypoint');
// Create VPC and ECS Cluster
const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2, restrictDefaultSecurityGroup: false });
const cluster = new ecs.Cluster(stack, 'Ec2Cluster', { vpc });
+const securityGroup = new ec2.SecurityGroup(stack, 'SecurityGroup', {
+ vpc,
+ allowAllOutbound: true,
+});
+securityGroup.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcpRange(32768, 65535));
+
const provider = new ecs.AsgCapacityProvider(stack, 'CapacityProvier', {
autoScalingGroup: new autoscaling.AutoScalingGroup(
stack,
@@ -20,6 +25,7 @@ const provider = new ecs.AsgCapacityProvider(stack, 'CapacityProvier', {
vpc,
instanceType: new ec2.InstanceType('t2.micro'),
machineImage: ecs.EcsOptimizedImage.amazonLinux2(),
+ securityGroup,
},
),
capacityProviderName: 'test-capacity-provider',
@@ -27,7 +33,7 @@ const provider = new ecs.AsgCapacityProvider(stack, 'CapacityProvier', {
cluster.addAsgCapacityProvider(provider);
// Create ALB service with Command and EntryPoint
-new ecsPatterns.ApplicationLoadBalancedEc2Service(
+const applicationLoadBalancedEc2Service = new ecsPatterns.ApplicationLoadBalancedEc2Service(
stack,
'ALBECSServiceWithCommandEntryPoint',
{
@@ -35,9 +41,9 @@ new ecsPatterns.ApplicationLoadBalancedEc2Service(
memoryLimitMiB: 512,
cpu: 256,
taskImageOptions: {
- image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'),
- command: ['/usr/sbin/apache2', '-D', 'FOREGROUND'],
- entryPoint: ['/bin/bash', '-l', '-c'],
+ image: ecs.ContainerImage.fromRegistry('public.ecr.aws/docker/library/httpd:2.4'),
+ command: ['/bin/sh -c \"echo \'Amazon ECS Sample App
\' > /usr/local/apache2/htdocs/index.html && httpd-foreground\"'],
+ entryPoint: ['sh', '-c'],
},
capacityProviderStrategies: [
{
@@ -48,6 +54,7 @@ new ecsPatterns.ApplicationLoadBalancedEc2Service(
],
},
);
+applicationLoadBalancedEc2Service.loadBalancer.connections.addSecurityGroup(securityGroup);
new integ.IntegTest(app, 'AlbEc2ServiceWithCommandAndEntryPoint', {
testCases: [stack],