version: '2'
networks:
  # This special network is configured so that the local metadata
  # service can bind to the specific IP address that ECS uses
  # in production
  credentials_network:
    driver: bridge
    ipam:
      config:
        - subnet: "169.254.170.0/24"
          gateway: 169.254.170.1

services:
  # This container vends credentials to your containers
  ecs-local-endpoints:
    # The Amazon ECS Local Container Endpoints Docker Image
    image: amazon/amazon-ecs-local-container-endpoints
    volumes:
      # Mount /var/run so we can access docker.sock and talk to Docker
      - /var/run:/var/run
      # Mount the shared configuration directory, used by the AWS CLI and AWS SDKs
      # On Windows, this directory can be found at "%UserProfile%\.aws"
      - $HOME/.aws/:/home/.aws/
    environment:
      # define the home folder; credentials will be read from $HOME/.aws
      HOME: "/home"
      # You can change which AWS CLI Profile is used
      AWS_PROFILE: "default"
    networks:
      credentials_network:
        # This special IP address is recognized by the AWS SDKs and AWS CLI 
        ipv4_address: "169.254.170.2"
            
  # Here we reference the application container that we are testing
  # You can test multiple containers at a time, simply duplicate this section
  # and customize it for each container, and give it a unique IP in 'credentials_network'.
  app:
    depends_on:
      - ecs-local-endpoints
    networks:
      credentials_network:
        ipv4_address: "169.254.170.3"
    environment:
      AWS_REGION: "us-west-2"
      SPRING_PROFILES_ACTIVE: "desktop"
      AWS_CONTAINER_CREDENTIALS_RELATIVE_URI: "/role/faster-cryptography-in-java-desktop-role"
      JVM_MAX_HEAP_SIZE: "-Xmx512m"  # Leave enough memory for the JVM itself
    mem_limit: 1g
    memswap_limit: 1g  # this number is memory+swap, setting it to the same number as mem_limit disables swap