--- AWSTemplateFormatVersion: '2010-09-09' Parameters: ECSClusterName: Type: String Description: Enter ECS FARGATE cluster name for installing the sample Redis workload SecurityGroupID: Type: 'AWS::EC2::SecurityGroup::Id' Description: Enter the Security Group ID for running the CloudWatch Agent ECS Task SubnetID: Type: 'AWS::EC2::Subnet::Id' Description: Enter the Subnet ID for running the CloudWatch Agent ECS Task TaskRoleName: Type: String Description: Enter the ECS task role name to be created for Redis ECS task definition ExecutionRoleName: Type: String Description: Enter the ECS execution role name to be created for Redis ECS task definition Resources: RedisECSExecutionRole: Type: AWS::IAM::Role Properties: RoleName: !Ref ExecutionRoleName Description: Allows ECS container agent makes calls to the Amazon ECS API on your behalf. AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Action: sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy - arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy RedisECSTaskRole: Type: AWS::IAM::Role Properties: RoleName: !Ref TaskRoleName Description: Allows ECS tasks to call AWS services on your behalf. AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Action: sts:AssumeRole ManagedPolicyArns: - arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy ECSRedisTaskDefinition: Type: 'AWS::ECS::TaskDefinition' DependsOn: - RedisECSExecutionRole - RedisECSTaskRole Properties: Family: !Sub 'redis-prometheus-demo-${ECSClusterName}-fargate-awsvpc' TaskRoleArn: !Ref RedisECSTaskRole ExecutionRoleArn: !Ref RedisECSExecutionRole NetworkMode: awsvpc ContainerDefinitions: - Name: redis-0 Image: redis:6.0.8-alpine3.12 Essential: true MountPoints: [] portMappings: - protocol: tcp containerPort: 6379 dockerLabels: app: redis Environment: [] Secrets: [] LogConfiguration: logDriver: awslogs options: awslogs-create-group: 'True' awslogs-group: "/ecs/ecs-redis-prometheus-demo" awslogs-region: !Ref AWS::Region awslogs-stream-prefix: !Sub 'redis-fargate-awsvpc' - Name: redis-exporter-0 Image: oliver006/redis_exporter:v1.11.1-alpine Essential: false MountPoints: [] portMappings: - protocol: tcp containerPort: 9121 dockerLabels: CWAgent-Usage-invalid-prometheus-label: Prometheus-Monitoring-Workload-Demo ECS_PROMETHEUS_EXPORTER_PORT: '9121' job: prometheus-redis app_x: redis_exporter Environment: [] Secrets: [] LogConfiguration: logDriver: awslogs options: awslogs-create-group: 'True' awslogs-group: "/ecs/ecs-redis-prometheus-demo" awslogs-region: !Ref AWS::Region awslogs-stream-prefix: !Sub 'redis-exporter-fargate-awsvpc' requiresCompatibilities: - FARGATE Cpu: '256' Memory: '512' ECSRedisService: Type: AWS::ECS::Service DependsOn: ECSRedisTaskDefinition Properties: Cluster: !Ref ECSClusterName DesiredCount: 1 LaunchType: FARGATE SchedulingStrategy: REPLICA ServiceName: !Sub 'redis-prometheus-demo-fargate-awsvpc' TaskDefinition: !Ref ECSRedisTaskDefinition NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED SecurityGroups: - !Ref SecurityGroupID Subnets: - !Ref SubnetID