# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. # SPDX-License-Identifier: Apache-2.0 Description: "(SO8018)—Apache Superset on AWS offers the customer a scalable, open-source business intelligence application, v1.0.0. (qs-1s0fbq688)." Metadata: QuickStartDocumentation: EntrypointName: "Parameters for deploying into an existing VPC" Order: "2" AWS::CloudFormation::Interface: ParameterGroups: - Label: default: "Account configuration" Parameters: - SuperSetUserName - SuperSetUserPassword - WithExample - InstallProphet - ClusterName - Label: default: "Network configuration" Parameters: - PublicSubnet1 - PublicSubnet2 - PrivateSubnet1 - PrivateSubnet2 - Vpc ParameterLabels: SuperSetUserName: default: "Initial Superset user name" SuperSetUserPassword: default: "Initial Superset password" WithExample: default: "Prepopulate example dashboard" InstallProphet: default: "Install Prophet library" PublicSubnet1: default: "Public subnet for Availability Zone 1" PublicSubnet2: default: "Public subnet for Availability Zone 2" PrivateSubnet1: default: "Private subnet for Availability Zone 1" PrivateSubnet2: default: "Private subnet for Availability Zone 2" Vpc: default: "VPC ID" ClusterName: default: "Elastic container cluster name" Parameters: SuperSetUserName: Type: String Description: Superset user name. AllowedPattern: "[a-zA-Z][a-zA-Z0-9]*" ConstraintDescription: "Must begin with a letter and contain only alphanumeric characters." Default: 'supersetuser' MaxLength: "16" MinLength: "1" SuperSetUserPassword: Description: Superset password. A strict password policy is recommended. AllowedPattern: "^(?=.*\\d)(?=.*[A-Z])(?=.*[a-z])(?=.*[^\\w\\d\\s:])([^\\s]){8,16}$" ConstraintDescription: "Length 8~16 with space, Must contain 1 uppercase, 1 lowercase, 1 number, 1 non-alpha numeric number, 1 number (0-9)" MaxLength: "16" MinLength: "8" NoEcho: "True" Type: String WithExample: Type: String Default: "yes" Description: 'Enables or disables populating the dashboard example. Setting this parameter to "yes" populates the dashboard example.' InstallProphet: Type: String Default: "no" Description: 'Enables or disables Prophet library installation for Forecasting Analytics. Setting this parameter to "yes" installs Prophet to enable Forecasting Analytics.' PublicSubnet1: Type: AWS::EC2::Subnet::Id Description: Public subnet in Availability Zone 1. PublicSubnet2: Type: AWS::EC2::Subnet::Id Description: Public subnet in Availability Zone 2. PrivateSubnet1: Type: AWS::EC2::Subnet::Id Description: Private subnet in Availability Zone 1. PrivateSubnet2: Type: AWS::EC2::Subnet::Id Description: Private subnet in Availability Zone 2. Vpc: Type: AWS::EC2::VPC::Id Description: VPC ID to create Amazon ECS cluster. ClusterName: Type: String Default: 'supersetOnAWS' Description: Name of the Amazon ECS cluster. Resources: CloudMap: Properties: Description: Service map for Docker compose project. Name: !Sub ${ClusterName}.local Vpc: !Ref Vpc Type: AWS::ServiceDiscovery::PrivateDnsNamespace Cluster: Properties: ClusterName: !Ref ClusterName Tags: - Key: com.docker.compose.project Value: !Ref ClusterName Type: AWS::ECS::Cluster DbService: DependsOn: - DbhomeNFSMountTargetOnSubnetB - DbhomeNFSMountTargetOnSubnetA Properties: Cluster: Fn::GetAtt: - Cluster - Arn DeploymentConfiguration: MaximumPercent: 200 MinimumHealthyPercent: 100 DeploymentController: Type: ECS DesiredCount: 1 LaunchType: FARGATE NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED SecurityGroups: - Ref: DefaultNetwork Subnets: - !Ref PrivateSubnet1 - !Ref PrivateSubnet2 PlatformVersion: 1.4.0 PropagateTags: SERVICE SchedulingStrategy: REPLICA ServiceRegistries: - RegistryArn: Fn::GetAtt: - DbServiceDiscoveryEntry - Arn Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: db TaskDefinition: Ref: DbTaskDefinition Type: AWS::ECS::Service DbServiceDiscoveryEntry: Properties: Description: 'Entry for "db" service discovery in AWS Cloud Map.' DnsConfig: DnsRecords: - TTL: 60 Type: A RoutingPolicy: MULTIVALUE HealthCheckCustomConfig: FailureThreshold: 1 Name: db NamespaceId: Ref: CloudMap Type: AWS::ServiceDiscovery::Service DbTaskDefinition: Properties: ContainerDefinitions: - Command: # private DNS hostnames by default in format of ip-private-ipv4-address.region.compute.internal - !Sub ${AWS::Region}.compute.internal # namespace name created in AWS Cloud Map - !Sub ${ClusterName}.local Essential: false Image: docker/ecs-searchdomain-sidecar:1.0 LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName Name: Db_ResolvConf_InitContainer - DependsOn: - Condition: SUCCESS ContainerName: Db_ResolvConf_InitContainer Environment: - Name: COMPOSE_PROJECT_NAME Value: superset - Name: CYPRESS_CONFIG Value: "false" - Name: DATABASE_DB Value: superset - Name: DATABASE_DIALECT Value: postgresql - Name: DATABASE_HOST Value: db - Name: DATABASE_PASSWORD Value: superset - Name: DATABASE_PORT Value: "5432" - Name: DATABASE_USER Value: superset - Name: FLASK_ENV Value: development - Name: POSTGRES_DB Value: superset - Name: POSTGRES_PASSWORD Value: superset - Name: POSTGRES_USER Value: superset - Name: PYTHONPATH Value: /app/pythonpath:/app/docker/pythonpath_dev - Name: REDIS_HOST Value: redis - Name: REDIS_PORT Value: "6379" - Name: SUPERSET_ENV Value: development - Name: SUPERSET_LOAD_EXAMPLES Value: !Ref WithExample - Name: SUPERSET_PORT Value: "8088" - Name: SUPERSET_USER Value: !Ref SuperSetUserName - Name: SUPERSET_PASSWORD Value: !Ref SuperSetUserPassword Essential: true Image: docker.io/library/postgres:14@sha256:cf3b0cf1dde2a82542e4b9de7f3ad058fdc819dea6499007035b838542b0bd5e LinuxParameters: {} LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName MountPoints: - ContainerPath: /var/lib/postgresql/data SourceVolume: db_home Name: db PortMappings: - ContainerPort: 5432 HostPort: 5432 Protocol: tcp Cpu: "256" ExecutionRoleArn: !GetAtt DbTaskExecutionRole.Arn Family: !Sub ${ClusterName}-db Memory: "512" NetworkMode: awsvpc RequiresCompatibilities: - FARGATE TaskRoleArn: Ref: DbTaskRole Volumes: - EFSVolumeConfiguration: AuthorizationConfig: AccessPointId: Ref: DbhomeAccessPoint IAM: ENABLED FilesystemId: Ref: DbhomeFilesystem TransitEncryption: ENABLED Name: db_home Type: AWS::ECS::TaskDefinition DbTaskExecutionRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: db Type: AWS::IAM::Role DbTaskRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 Policies: - PolicyDocument: Statement: - Action: - elasticfilesystem:ClientMount - elasticfilesystem:ClientWrite - elasticfilesystem:ClientRootAccess Condition: StringEquals: elasticfilesystem:AccessPointArn: Ref: DbhomeAccessPoint Effect: Allow Resource: - Fn::GetAtt: - DbhomeFilesystem - Arn Version: 2012-10-17 PolicyName: DbDbhomeVolumeMountPolicy Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: db Type: AWS::IAM::Role DbhomeAccessPoint: Properties: AccessPointTags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.volume Value: db_home - Key: Name Value: !Sub ${ClusterName}_db_home FileSystemId: Ref: DbhomeFilesystem Type: AWS::EFS::AccessPoint DbhomeFilesystem: DeletionPolicy: Delete Properties: Encrypted: true FileSystemTags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.volume Value: db_home - Key: Name Value: !Sub ${ClusterName}_db_home Type: AWS::EFS::FileSystem DbhomeNFSMountTargetOnSubnetA: Properties: FileSystemId: Ref: DbhomeFilesystem SecurityGroups: - Ref: DefaultNetwork SubnetId: !Ref PrivateSubnet1 Type: AWS::EFS::MountTarget DbhomeNFSMountTargetOnSubnetB: Properties: FileSystemId: Ref: DbhomeFilesystem SecurityGroups: - Ref: DefaultNetwork SubnetId: !Ref PrivateSubnet2 Type: AWS::EFS::MountTarget Default5432Ingress: Properties: CidrIp: 0.0.0.0/0 Description: db:5432/tcp on default network FromPort: 5432 GroupId: Ref: DefaultNetwork IpProtocol: TCP ToPort: 5432 Type: AWS::EC2::SecurityGroupIngress Default6379Ingress: Properties: CidrIp: 0.0.0.0/0 Description: redis:6379/tcp on default network FromPort: 6379 GroupId: Ref: DefaultNetwork IpProtocol: TCP ToPort: 6379 Type: AWS::EC2::SecurityGroupIngress Default8088Ingress: Properties: CidrIp: 0.0.0.0/0 Description: superset:8088/tcp on default network FromPort: 8088 GroupId: Ref: DefaultNetwork IpProtocol: TCP ToPort: 8088 Type: AWS::EC2::SecurityGroupIngress DefaultNetwork: Properties: GroupDescription: Security group for default network. Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.network Value: !Sub ${ClusterName}_default VpcId: !Ref Vpc Type: AWS::EC2::SecurityGroup DefaultNetworkIngress: Properties: Description: Allow communication within network default. GroupId: Ref: DefaultNetwork IpProtocol: "-1" SourceSecurityGroupId: Ref: DefaultNetwork Type: AWS::EC2::SecurityGroupIngress LoadBalancer: Properties: LoadBalancerAttributes: - Key: load_balancing.cross_zone.enabled Value: "true" Scheme: internet-facing Subnets: - !Ref PublicSubnet1 - !Ref PublicSubnet2 Tags: - Key: com.docker.compose.project Value: !Ref ClusterName Type: network Type: AWS::ElasticLoadBalancingV2::LoadBalancer LogGroup: Properties: LogGroupName: !Sub - /docker-compose/supersetOnAWS-${StackID} - StackID: !Select [ 2, !Split [ /, !Ref AWS::StackId ] ] Type: AWS::Logs::LogGroup RedisAccessPoint: Properties: AccessPointTags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.volume Value: redis - Key: Name Value: !Sub ${ClusterName}_redis FileSystemId: Ref: RedisFilesystem Type: AWS::EFS::AccessPoint RedisFilesystem: DeletionPolicy: Delete Properties: Encrypted: true FileSystemTags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.volume Value: redis - Key: Name Value: !Sub ${ClusterName}_redis Type: AWS::EFS::FileSystem RedisNFSMountTargetOnSubnetA: Properties: FileSystemId: Ref: RedisFilesystem SecurityGroups: - Ref: DefaultNetwork SubnetId: !Ref PrivateSubnet1 Type: AWS::EFS::MountTarget RedisNFSMountTargetOnSubnetB: Properties: FileSystemId: Ref: RedisFilesystem SecurityGroups: - Ref: DefaultNetwork SubnetId: !Ref PrivateSubnet2 Type: AWS::EFS::MountTarget RedisService: DependsOn: - RedisNFSMountTargetOnSubnetB - RedisNFSMountTargetOnSubnetA Properties: Cluster: Fn::GetAtt: - Cluster - Arn DeploymentConfiguration: MaximumPercent: 200 MinimumHealthyPercent: 100 DeploymentController: Type: ECS DesiredCount: 1 LaunchType: FARGATE NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED SecurityGroups: - Ref: DefaultNetwork Subnets: - !Ref PrivateSubnet1 - !Ref PrivateSubnet2 PlatformVersion: 1.4.0 PropagateTags: SERVICE SchedulingStrategy: REPLICA ServiceRegistries: - RegistryArn: Fn::GetAtt: - RedisServiceDiscoveryEntry - Arn Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: redis TaskDefinition: Ref: RedisTaskDefinition Type: AWS::ECS::Service RedisServiceDiscoveryEntry: Properties: Description: 'Entry for "redis" service discovery in AWS Cloud Map.' DnsConfig: DnsRecords: - TTL: 60 Type: A RoutingPolicy: MULTIVALUE HealthCheckCustomConfig: FailureThreshold: 1 Name: redis NamespaceId: Ref: CloudMap Type: AWS::ServiceDiscovery::Service RedisTaskDefinition: Properties: ContainerDefinitions: - Command: - !Sub ${AWS::Region}.compute.internal - !Sub ${ClusterName}.local Essential: false Image: docker/ecs-searchdomain-sidecar:1.0 LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName Name: Redis_ResolvConf_InitContainer - DependsOn: - Condition: SUCCESS ContainerName: Redis_ResolvConf_InitContainer Essential: true Image: docker.io/library/redis:7.0@sha256:5050c3b85c308ec9e9eafb8ac7b3a8742a61cdb298d79851141a500491d45baf LinuxParameters: {} LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName MountPoints: - ContainerPath: /data SourceVolume: redis Name: redis PortMappings: - ContainerPort: 6379 HostPort: 6379 Protocol: tcp Cpu: "256" ExecutionRoleArn: !GetAtt RedisTaskExecutionRole.Arn Family: !Sub ${ClusterName}-redis Memory: "512" NetworkMode: awsvpc RequiresCompatibilities: - FARGATE TaskRoleArn: Ref: RedisTaskRole Volumes: - EFSVolumeConfiguration: AuthorizationConfig: AccessPointId: Ref: RedisAccessPoint IAM: ENABLED FilesystemId: Ref: RedisFilesystem TransitEncryption: ENABLED Name: redis Type: AWS::ECS::TaskDefinition RedisTaskExecutionRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: redis Type: AWS::IAM::Role RedisTaskRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 Policies: - PolicyDocument: Statement: - Action: - elasticfilesystem:ClientMount - elasticfilesystem:ClientWrite - elasticfilesystem:ClientRootAccess Condition: StringEquals: elasticfilesystem:AccessPointArn: Ref: RedisAccessPoint Effect: Allow Resource: - Fn::GetAtt: - RedisFilesystem - Arn Version: 2012-10-17 PolicyName: RedisRedisVolumeMountPolicy Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: redis Type: AWS::IAM::Role SupersetService: DependsOn: - SupersetTCP8088Listener - DbService - RedisService - SupersethomeNFSMountTargetOnSubnetB - SupersethomeNFSMountTargetOnSubnetA Properties: Cluster: Fn::GetAtt: - Cluster - Arn DeploymentConfiguration: MaximumPercent: 200 MinimumHealthyPercent: 100 DeploymentController: Type: ECS DesiredCount: 1 LaunchType: FARGATE LoadBalancers: - ContainerName: superset ContainerPort: 8088 TargetGroupArn: Ref: SupersetTCP8088TargetGroup NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED SecurityGroups: - Ref: DefaultNetwork Subnets: - !Ref PrivateSubnet1 - !Ref PrivateSubnet2 PlatformVersion: 1.4.0 PropagateTags: SERVICE SchedulingStrategy: REPLICA ServiceRegistries: - RegistryArn: Fn::GetAtt: - SupersetServiceDiscoveryEntry - Arn Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset TaskDefinition: Ref: SupersetTaskDefinition Type: AWS::ECS::Service SupersetServiceDiscoveryEntry: Properties: Description: 'Entry for "superset" service discovery in AWS Cloud Map.' DnsConfig: DnsRecords: - TTL: 60 Type: A RoutingPolicy: MULTIVALUE HealthCheckCustomConfig: FailureThreshold: 1 Name: superset NamespaceId: Ref: CloudMap Type: AWS::ServiceDiscovery::Service SupersetTCP8088Listener: Properties: DefaultActions: - ForwardConfig: TargetGroups: - TargetGroupArn: Ref: SupersetTCP8088TargetGroup Type: forward LoadBalancerArn: Ref: LoadBalancer Port: 8088 Protocol: TCP Type: AWS::ElasticLoadBalancingV2::Listener SupersetTCP8088TargetGroup: Properties: Port: 8088 Protocol: TCP Tags: - Key: com.docker.compose.project Value: !Ref ClusterName TargetType: ip VpcId: !Ref Vpc Type: AWS::ElasticLoadBalancingV2::TargetGroup SupersetTaskDefinition: Properties: ContainerDefinitions: - Command: - !Sub ${AWS::Region}.compute.internal - !Sub ${ClusterName}.local Essential: false Image: docker/ecs-searchdomain-sidecar:1.0 LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName Name: Superset_ResolvConf_InitContainer - Command: - /app/docker/docker-bootstrap.sh - app DependsOn: - Condition: SUCCESS ContainerName: Superset_ResolvConf_InitContainer Environment: - Name: COMPOSE_PROJECT_NAME Value: superset - Name: CYPRESS_CONFIG - Name: DATABASE_DB Value: superset - Name: DATABASE_DIALECT Value: postgresql - Name: DATABASE_HOST Value: db - Name: DATABASE_PASSWORD Value: superset - Name: DATABASE_PORT Value: "5432" - Name: DATABASE_USER Value: superset - Name: FLASK_ENV Value: development - Name: POSTGRES_DB Value: superset - Name: POSTGRES_PASSWORD Value: superset - Name: POSTGRES_USER Value: superset - Name: PYTHONPATH Value: /app/pythonpath:/app/docker/pythonpath_dev - Name: REDIS_HOST Value: redis - Name: REDIS_PORT Value: "6379" - Name: SUPERSET_ENV Value: development - Name: SUPERSET_LOAD_EXAMPLES Value: !Ref WithExample - Name: SUPERSET_PORT Value: "8088" - Name: SUPERSET_USER Value: !Ref SuperSetUserName - Name: SUPERSET_PASSWORD Value: !Ref SuperSetUserPassword - Name: InstallProphet Value: !Ref InstallProphet Essential: true Image: public.ecr.aws/p9r6s5p7/superset:v2.0.0 LinuxParameters: {} LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName MountPoints: - ContainerPath: /app/superset_home SourceVolume: superset_home Name: superset PortMappings: - ContainerPort: 8088 HostPort: 8088 Protocol: tcp User: root Cpu: "4096" ExecutionRoleArn: !GetAtt SupersetTaskExecutionRole.Arn Family: !Sub ${ClusterName}-superset Memory: "16384" NetworkMode: awsvpc RequiresCompatibilities: - FARGATE TaskRoleArn: Ref: SupersetTaskRole Volumes: - EFSVolumeConfiguration: AuthorizationConfig: AccessPointId: Ref: SupersethomeAccessPoint IAM: ENABLED FilesystemId: Ref: SupersethomeFilesystem TransitEncryption: ENABLED Name: superset_home Type: AWS::ECS::TaskDefinition SupersetTaskExecutionRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset Type: AWS::IAM::Role SupersetTaskRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonS3FullAccess - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonAthenaFullAccess Policies: - PolicyDocument: Statement: - Action: - elasticfilesystem:ClientMount - elasticfilesystem:ClientWrite - elasticfilesystem:ClientRootAccess Condition: StringEquals: elasticfilesystem:AccessPointArn: Ref: SupersethomeAccessPoint Effect: Allow Resource: - Fn::GetAtt: - SupersethomeFilesystem - Arn Version: 2012-10-17 PolicyName: SupersetSupersethomeVolumeMountPolicy Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset Type: AWS::IAM::Role SupersethomeAccessPoint: Properties: AccessPointTags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.volume Value: superset_home - Key: Name Value: !Sub ${ClusterName}_superset_home FileSystemId: Ref: SupersethomeFilesystem Type: AWS::EFS::AccessPoint SupersethomeFilesystem: DeletionPolicy: Delete Properties: Encrypted: true FileSystemTags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.volume Value: superset_home - Key: Name Value: !Sub ${ClusterName}_superset_home Type: AWS::EFS::FileSystem SupersethomeNFSMountTargetOnSubnetA: Properties: FileSystemId: Ref: SupersethomeFilesystem SecurityGroups: - Ref: DefaultNetwork SubnetId: !Ref PrivateSubnet1 Type: AWS::EFS::MountTarget SupersethomeNFSMountTargetOnSubnetB: Properties: FileSystemId: Ref: SupersethomeFilesystem SecurityGroups: - Ref: DefaultNetwork SubnetId: !Ref PrivateSubnet2 Type: AWS::EFS::MountTarget SupersetinitService: DependsOn: - DbService - RedisService - SupersethomeNFSMountTargetOnSubnetB - SupersethomeNFSMountTargetOnSubnetA Properties: Cluster: Fn::GetAtt: - Cluster - Arn ServiceName: "supersetInitService" DeploymentConfiguration: MaximumPercent: 200 MinimumHealthyPercent: 100 DeploymentController: Type: ECS DesiredCount: 1 LaunchType: FARGATE NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED SecurityGroups: - Ref: DefaultNetwork Subnets: - !Ref PrivateSubnet1 - !Ref PrivateSubnet2 PlatformVersion: 1.4.0 PropagateTags: SERVICE SchedulingStrategy: REPLICA ServiceRegistries: - RegistryArn: Fn::GetAtt: - SupersetinitServiceDiscoveryEntry - Arn Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-init TaskDefinition: Ref: SupersetinitTaskDefinition Type: AWS::ECS::Service SupersetinitServiceDiscoveryEntry: Properties: Description: 'Entry for "superset-init" service discovery in AWS Cloud Map.' DnsConfig: DnsRecords: - TTL: 60 Type: A RoutingPolicy: MULTIVALUE HealthCheckCustomConfig: FailureThreshold: 1 Name: superset-init NamespaceId: Ref: CloudMap Type: AWS::ServiceDiscovery::Service SupersetinitTaskDefinition: Properties: ContainerDefinitions: - Command: - !Sub ${AWS::Region}.compute.internal - !Sub ${ClusterName}.local Essential: false Image: docker/ecs-searchdomain-sidecar:1.0 LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName Name: Supersetinit_ResolvConf_InitContainer - Command: - /app/docker/docker-init.sh DependsOn: - Condition: SUCCESS ContainerName: Supersetinit_ResolvConf_InitContainer Environment: - Name: COMPOSE_PROJECT_NAME Value: superset - Name: CYPRESS_CONFIG - Name: DATABASE_DB Value: superset - Name: DATABASE_DIALECT Value: postgresql - Name: DATABASE_HOST Value: db - Name: DATABASE_PASSWORD Value: superset - Name: DATABASE_PORT Value: "5432" - Name: DATABASE_USER Value: superset - Name: FLASK_ENV Value: development - Name: POSTGRES_DB Value: superset - Name: POSTGRES_PASSWORD Value: superset - Name: POSTGRES_USER Value: superset - Name: PYTHONPATH Value: /app/pythonpath:/app/docker/pythonpath_dev - Name: REDIS_HOST Value: redis - Name: REDIS_PORT Value: "6379" - Name: SUPERSET_ENV Value: development - Name: SUPERSET_LOAD_EXAMPLES Value: !Ref WithExample - Name: SUPERSET_PORT Value: "8088" - Name: SUPERSET_USER Value: !Ref SuperSetUserName - Name: SUPERSET_PASSWORD Value: !Ref SuperSetUserPassword Essential: false Image: public.ecr.aws/p9r6s5p7/superset:v2.0.0 LinuxParameters: {} LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName MountPoints: - ContainerPath: /app/superset_home SourceVolume: superset_home Name: superset-init User: root - Command: - ecs - update-service - --cluster - !Ref ClusterName - --service - supersetInitService - --desired-count - "0" DependsOn: - Condition: SUCCESS ContainerName: superset-init Essential: true Image: amazon/aws-cli LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName Name: superset-init-cleanup Cpu: "512" ExecutionRoleArn: !GetAtt SupersetinitTaskExecutionRole.Arn Family: !Sub ${ClusterName}-superset-init Memory: "1024" NetworkMode: awsvpc RequiresCompatibilities: - FARGATE TaskRoleArn: Ref: SupersetinitTaskRole Volumes: - EFSVolumeConfiguration: AuthorizationConfig: AccessPointId: Ref: SupersethomeAccessPoint IAM: ENABLED FilesystemId: Ref: SupersethomeFilesystem TransitEncryption: ENABLED Name: superset_home Type: AWS::ECS::TaskDefinition SupersetinitTaskExecutionRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-init Type: AWS::IAM::Role SupersetinitTaskRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonECS_FullAccess Policies: - PolicyDocument: Statement: - Action: - elasticfilesystem:ClientMount - elasticfilesystem:ClientWrite - elasticfilesystem:ClientRootAccess Condition: StringEquals: elasticfilesystem:AccessPointArn: Ref: SupersethomeAccessPoint Effect: Allow Resource: - Fn::GetAtt: - SupersethomeFilesystem - Arn Version: 2012-10-17 PolicyName: SupersetinitSupersethomeVolumeMountPolicy Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-init Type: AWS::IAM::Role SupersetnodeService: DependsOn: - DbService - RedisService - SupersethomeNFSMountTargetOnSubnetB - SupersethomeNFSMountTargetOnSubnetA Properties: Cluster: Fn::GetAtt: - Cluster - Arn DeploymentConfiguration: MaximumPercent: 200 MinimumHealthyPercent: 100 DeploymentController: Type: ECS DesiredCount: 1 LaunchType: FARGATE NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED SecurityGroups: - Ref: DefaultNetwork Subnets: - !Ref PrivateSubnet1 - !Ref PrivateSubnet2 PlatformVersion: 1.4.0 PropagateTags: SERVICE SchedulingStrategy: REPLICA ServiceRegistries: - RegistryArn: Fn::GetAtt: - SupersetnodeServiceDiscoveryEntry - Arn Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-node TaskDefinition: Ref: SupersetnodeTaskDefinition Type: AWS::ECS::Service SupersetnodeServiceDiscoveryEntry: Properties: Description: 'Entry for "superset-node" service discovery in AWS Cloud Map.' DnsConfig: DnsRecords: - TTL: 60 Type: A RoutingPolicy: MULTIVALUE HealthCheckCustomConfig: FailureThreshold: 1 Name: superset-node NamespaceId: Ref: CloudMap Type: AWS::ServiceDiscovery::Service SupersetnodeTaskDefinition: Properties: ContainerDefinitions: - Command: - !Sub ${AWS::Region}.compute.internal - !Sub ${ClusterName}.local Essential: false Image: docker/ecs-searchdomain-sidecar:1.0 LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName Name: Supersetnode_ResolvConf_InitContainer - Command: - /app/docker/docker-frontend.sh DependsOn: - Condition: SUCCESS ContainerName: Supersetnode_ResolvConf_InitContainer Environment: - Name: COMPOSE_PROJECT_NAME Value: superset - Name: CYPRESS_CONFIG Value: "false" - Name: DATABASE_DB Value: superset - Name: DATABASE_DIALECT Value: postgresql - Name: DATABASE_HOST Value: db - Name: DATABASE_PASSWORD Value: superset - Name: DATABASE_PORT Value: "5432" - Name: DATABASE_USER Value: superset - Name: FLASK_ENV Value: development - Name: POSTGRES_DB Value: superset - Name: POSTGRES_PASSWORD Value: superset - Name: POSTGRES_USER Value: superset - Name: PYTHONPATH Value: /app/pythonpath:/app/docker/pythonpath_dev - Name: REDIS_HOST Value: redis - Name: REDIS_PORT Value: "6379" - Name: SUPERSET_ENV Value: development - Name: SUPERSET_LOAD_EXAMPLES Value: !Ref WithExample - Name: SUPERSET_PORT Value: "8088" - Name: SUPERSET_USER Value: !Ref SuperSetUserName - Name: SUPERSET_PASSWORD Value: !Ref SuperSetUserPassword Essential: true Image: public.ecr.aws/p9r6s5p7/superset-node:v2.0.0 LinuxParameters: {} LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName MountPoints: - ContainerPath: /app/superset_home SourceVolume: superset_home Name: superset-node Cpu: "4096" ExecutionRoleArn: !GetAtt SupersetnodeTaskExecutionRole.Arn Family: !Sub ${ClusterName}-superset-node Memory: "8192" NetworkMode: awsvpc RequiresCompatibilities: - FARGATE TaskRoleArn: Ref: SupersetnodeTaskRole Volumes: - EFSVolumeConfiguration: AuthorizationConfig: AccessPointId: Ref: SupersethomeAccessPoint IAM: ENABLED FilesystemId: Ref: SupersethomeFilesystem TransitEncryption: ENABLED Name: superset_home Type: AWS::ECS::TaskDefinition SupersetnodeTaskExecutionRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-node Type: AWS::IAM::Role SupersetnodeTaskRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 Policies: - PolicyDocument: Statement: - Action: - elasticfilesystem:ClientMount - elasticfilesystem:ClientWrite - elasticfilesystem:ClientRootAccess Condition: StringEquals: elasticfilesystem:AccessPointArn: Ref: SupersethomeAccessPoint Effect: Allow Resource: - Fn::GetAtt: - SupersethomeFilesystem - Arn Version: 2012-10-17 PolicyName: SupersetnodeSupersethomeVolumeMountPolicy Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-node Type: AWS::IAM::Role SupersetworkerService: DependsOn: - DbService - RedisService - SupersethomeNFSMountTargetOnSubnetB - SupersethomeNFSMountTargetOnSubnetA Properties: Cluster: Fn::GetAtt: - Cluster - Arn DeploymentConfiguration: MaximumPercent: 200 MinimumHealthyPercent: 100 DeploymentController: Type: ECS DesiredCount: 1 LaunchType: FARGATE NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED SecurityGroups: - Ref: DefaultNetwork Subnets: - !Ref PrivateSubnet1 - !Ref PrivateSubnet2 PlatformVersion: 1.4.0 PropagateTags: SERVICE SchedulingStrategy: REPLICA ServiceRegistries: - RegistryArn: Fn::GetAtt: - SupersetworkerServiceDiscoveryEntry - Arn Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-worker TaskDefinition: Ref: SupersetworkerTaskDefinition Type: AWS::ECS::Service SupersetworkerServiceDiscoveryEntry: Properties: Description: 'Entry for "superset-worker" service discovery in AWS Cloud Map.' DnsConfig: DnsRecords: - TTL: 60 Type: A RoutingPolicy: MULTIVALUE HealthCheckCustomConfig: FailureThreshold: 1 Name: superset-worker NamespaceId: Ref: CloudMap Type: AWS::ServiceDiscovery::Service SupersetworkerTaskDefinition: Properties: ContainerDefinitions: - Command: - !Sub ${AWS::Region}.compute.internal - !Sub ${ClusterName}.local Essential: false Image: docker/ecs-searchdomain-sidecar:1.0 LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName Name: Supersetworker_ResolvConf_InitContainer - Command: - /app/docker/docker-bootstrap.sh - worker DependsOn: - Condition: SUCCESS ContainerName: Supersetworker_ResolvConf_InitContainer Environment: - Name: COMPOSE_PROJECT_NAME Value: superset - Name: CYPRESS_CONFIG Value: "false" - Name: DATABASE_DB Value: superset - Name: DATABASE_DIALECT Value: postgresql - Name: DATABASE_HOST Value: db - Name: DATABASE_PASSWORD Value: superset - Name: DATABASE_PORT Value: "5432" - Name: DATABASE_USER Value: superset - Name: FLASK_ENV Value: development - Name: POSTGRES_DB Value: superset - Name: POSTGRES_PASSWORD Value: superset - Name: POSTGRES_USER Value: superset - Name: PYTHONPATH Value: /app/pythonpath:/app/docker/pythonpath_dev - Name: REDIS_HOST Value: redis - Name: REDIS_PORT Value: "6379" - Name: SUPERSET_ENV Value: development - Name: SUPERSET_LOAD_EXAMPLES Value: !Ref WithExample - Name: SUPERSET_PORT Value: "8088" - Name: SUPERSET_USER Value: !Ref SuperSetUserName - Name: SUPERSET_PASSWORD Value: !Ref SuperSetUserPassword Essential: true Image: public.ecr.aws/p9r6s5p7/superset:v2.0.0 LinuxParameters: {} LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName MountPoints: - ContainerPath: /app/superset_home SourceVolume: superset_home Name: superset-worker User: root Cpu: "4096" ExecutionRoleArn: !GetAtt SupersetworkerTaskExecutionRole.Arn Family: !Sub ${ClusterName}-superset-worker Memory: "16384" NetworkMode: awsvpc RequiresCompatibilities: - FARGATE TaskRoleArn: Ref: SupersetworkerTaskRole Volumes: - EFSVolumeConfiguration: AuthorizationConfig: AccessPointId: Ref: SupersethomeAccessPoint IAM: ENABLED FilesystemId: Ref: SupersethomeFilesystem TransitEncryption: ENABLED Name: superset_home Type: AWS::ECS::TaskDefinition SupersetworkerTaskExecutionRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-worker Type: AWS::IAM::Role SupersetworkerTaskRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 Policies: - PolicyDocument: Statement: - Action: - elasticfilesystem:ClientMount - elasticfilesystem:ClientWrite - elasticfilesystem:ClientRootAccess Condition: StringEquals: elasticfilesystem:AccessPointArn: Ref: SupersethomeAccessPoint Effect: Allow Resource: - Fn::GetAtt: - SupersethomeFilesystem - Arn Version: 2012-10-17 PolicyName: SupersetworkerSupersethomeVolumeMountPolicy Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-worker Type: AWS::IAM::Role SupersetworkerbeatService: DependsOn: - DbService - RedisService - SupersethomeNFSMountTargetOnSubnetB - SupersethomeNFSMountTargetOnSubnetA Properties: Cluster: Fn::GetAtt: - Cluster - Arn DeploymentConfiguration: MaximumPercent: 200 MinimumHealthyPercent: 100 DeploymentController: Type: ECS DesiredCount: 1 LaunchType: FARGATE NetworkConfiguration: AwsvpcConfiguration: AssignPublicIp: ENABLED SecurityGroups: - Ref: DefaultNetwork Subnets: - !Ref PrivateSubnet1 - !Ref PrivateSubnet2 PlatformVersion: 1.4.0 PropagateTags: SERVICE SchedulingStrategy: REPLICA ServiceRegistries: - RegistryArn: Fn::GetAtt: - SupersetworkerbeatServiceDiscoveryEntry - Arn Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-worker-beat TaskDefinition: Ref: SupersetworkerbeatTaskDefinition Type: AWS::ECS::Service SupersetworkerbeatServiceDiscoveryEntry: Properties: Description: 'Entry for "superset-worker-beat" service discovery in AWS Cloud Map.' DnsConfig: DnsRecords: - TTL: 60 Type: A RoutingPolicy: MULTIVALUE HealthCheckCustomConfig: FailureThreshold: 1 Name: superset-worker-beat NamespaceId: Ref: CloudMap Type: AWS::ServiceDiscovery::Service SupersetworkerbeatTaskDefinition: Properties: ContainerDefinitions: - Command: - !Sub ${AWS::Region}.compute.internal - !Sub ${ClusterName}.local Essential: false Image: docker/ecs-searchdomain-sidecar:1.0 LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName Name: Supersetworkerbeat_ResolvConf_InitContainer - Command: - /app/docker/docker-bootstrap.sh - beat DependsOn: - Condition: SUCCESS ContainerName: Supersetworkerbeat_ResolvConf_InitContainer Environment: - Name: COMPOSE_PROJECT_NAME Value: superset - Name: CYPRESS_CONFIG Value: "false" - Name: DATABASE_DB Value: superset - Name: DATABASE_DIALECT Value: postgresql - Name: DATABASE_HOST Value: db - Name: DATABASE_PASSWORD Value: superset - Name: DATABASE_PORT Value: "5432" - Name: DATABASE_USER Value: superset - Name: FLASK_ENV Value: development - Name: POSTGRES_DB Value: superset - Name: POSTGRES_PASSWORD Value: superset - Name: POSTGRES_USER Value: superset - Name: PYTHONPATH Value: /app/pythonpath:/app/docker/pythonpath_dev - Name: REDIS_HOST Value: redis - Name: REDIS_PORT Value: "6379" - Name: SUPERSET_ENV Value: development - Name: SUPERSET_LOAD_EXAMPLES Value: !Ref WithExample - Name: SUPERSET_PORT Value: "8088" - Name: SUPERSET_USER Value: !Ref SuperSetUserName - Name: SUPERSET_PASSWORD Value: !Ref SuperSetUserPassword Essential: true Image: public.ecr.aws/p9r6s5p7/superset:v2.0.0 LinuxParameters: {} LogConfiguration: LogDriver: awslogs Options: awslogs-group: Ref: LogGroup awslogs-region: Ref: AWS::Region awslogs-stream-prefix: !Ref ClusterName MountPoints: - ContainerPath: /app/superset_home SourceVolume: superset_home Name: superset-worker-beat User: root Cpu: "4096" ExecutionRoleArn: !GetAtt SupersetworkerbeatTaskExecutionRole.Arn Family: !Sub ${ClusterName}-superset-worker-beat Memory: "16384" NetworkMode: awsvpc RequiresCompatibilities: - FARGATE TaskRoleArn: Ref: SupersetworkerbeatTaskRole Volumes: - EFSVolumeConfiguration: AuthorizationConfig: AccessPointId: Ref: SupersethomeAccessPoint IAM: ENABLED FilesystemId: Ref: SupersethomeFilesystem TransitEncryption: ENABLED Name: superset_home Type: AWS::ECS::TaskDefinition SupersetworkerbeatTaskExecutionRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-worker-beat Type: AWS::IAM::Role SupersetworkerbeatTaskRole: Properties: AssumeRolePolicyDocument: Statement: - Action: - sts:AssumeRole Condition: {} Effect: Allow Principal: Service: ecs-tasks.amazonaws.com Version: 2012-10-17 Policies: - PolicyDocument: Statement: - Action: - elasticfilesystem:ClientMount - elasticfilesystem:ClientWrite - elasticfilesystem:ClientRootAccess Condition: StringEquals: elasticfilesystem:AccessPointArn: Ref: SupersethomeAccessPoint Effect: Allow Resource: - Fn::GetAtt: - SupersethomeFilesystem - Arn Version: 2012-10-17 PolicyName: SupersetworkerbeatSupersethomeVolumeMountPolicy Tags: - Key: com.docker.compose.project Value: !Ref ClusterName - Key: com.docker.compose.service Value: superset-worker-beat Type: AWS::IAM::Role SuperDashboard: Type: 'AWS::CloudWatch::Dashboard' Properties: DashboardBody: !Join - '' - - |- { "widgets": [ { "height": 6, "width": 12, "y": 0, "x": 0, "type": "metric", "properties": { "metrics": [ [ "AWS/ECS", "MemoryUtilization", "ServiceName", " - !GetAtt - SupersetworkerbeatService - Name - '", "ClusterName", "' - !Ref Cluster - '", { "stat": "Average" } ],[ "...", "' - !GetAtt - SupersetworkerService - Name - '", ".", ".", { "stat": "Average" } ],[ "...", "' - !GetAtt - RedisService - Name - '", ".", ".", { "stat": "Average" } ],[ "...", "' - !GetAtt - DbService - Name - '", ".", ".", { "stat": "Average" } ],[ "...", "' - !GetAtt - SupersetnodeService - Name - '", ".", ".", { "stat": "Average" } ],[ "...", "' - !GetAtt - SupersetService - Name - >- ", ".", ".", { "stat": "Average" } ] ],"view": "timeSeries","stacked": false,"region": " - !Ref 'AWS::Region' - |- ","period": 300, "setPeriodToTimeRange": true, "legend": { "position": "bottom" }, "yAxis": { "left": { "label": "", "showUnits": true } }, "title": "MemoryUtilization-Services" } }, { "height": 6, "width": 12, "y": 6, "x": 0, "type": "metric", "properties": { "metrics": [ [ "AWS/ECS", "CPUUtilization", "ServiceName", " - !GetAtt - SupersetworkerService - Name - '", "ClusterName", "' - !Ref Cluster - '" ],[ "...", "' - !GetAtt - SupersetworkerbeatService - Name - '", ".", "." ],[ "...", "' - !GetAtt - RedisService - Name - '", ".", "." ],[ "...", "' - !GetAtt - DbService - Name - '", ".", "." ],[ "...", "' - !GetAtt - SupersetnodeService - Name - '", ".", "." ],[ "...", "' - !GetAtt - SupersetService - Name - |- ", ".", "." ] ], "view": "timeSeries", "stacked": false, "region": " - !Ref 'AWS::Region' - |- ", "period": 300, "title": "CPUUtilization-Services" } }, { "height": 6, "width": 12, "y": 0, "x": 12, "type": "metric", "properties": { "metrics": [ [ "AWS/ECS", "CPUUtilization", "ServiceName", " - !GetAtt - SupersetworkerService - Name - '", "ClusterName", "' - !Ref Cluster - >- ", { "stat": "SampleCount", "yAxis": "left", "period": 60 } ],[ "...", " - !GetAtt - SupersetnodeService - Name - '", ".", ".", { "period": 60, "stat": "SampleCount" } ],[ "...", "' - !GetAtt - DbService - Name - '", ".", ".", { "period": 60, "stat": "SampleCount" } ],[ "...", "' - !GetAtt - RedisService - Name - |- ", ".", ".", { "period": 60, "stat": "SampleCount" } ], [ "...", " - !GetAtt - SupersetService - Name - |- ", ".", ".", { "period": 60, "stat": "SampleCount" } ], [ "...", " - !GetAtt - SupersetworkerbeatService - Name - |- ", ".", ".", { "period": 60, "stat": "SampleCount" } ] ], "view": "singleValue", "region": " - !Ref 'AWS::Region' - |- ", "period": 300, "stacked": false, "setPeriodToTimeRange": true, "title": "RUNNING task count" } }, { "height": 6, "width": 12, "y": 12, "x": 12, "type": "metric", "properties": { "metrics": [ [ "AWS/EFS", "PercentIOLimit", "FileSystemId", " - !Ref DbhomeFilesystem - '", { "id": "m1", "visible": false }],[ "...", "' - !Ref RedisFilesystem - '", { "id": "m2", "visible": false }],[ "...", "' - !Ref SupersethomeFilesystem - >- ", { "id": "m3", "visible": false }],[ { "expression": "100*m1", "label": " - !Ref DbhomeFilesystem - |- ", "id": "e1" } ], [ { "expression": "100*(m2)", "label": " - !Ref RedisFilesystem - |- ", "id": "e2" } ], [ { "expression": "100*(m3)", "label": " - !Ref RedisFilesystem - |- ", "id": "e3" } ] ], "view": "timeSeries", "stacked": false, "region": " - !Ref 'AWS::Region' - |- ", "title": "EFS IO Utilization (%)", "period": 300 } }, { "height": 6, "width": 12, "y": 12, "x": 18, "type": "metric", "properties": { "metrics": [ [ { "expression": "(m1/1048576)/PERIOD(m1)", "label": "Expression1", "id": "e1", "visible": false, "region": " - !Ref 'AWS::Region' - |- " } ], [ { "expression": "m2/1048576", "label": "Expression2", "id": "e2", "visible": false, "region": " - !Ref 'AWS::Region' - |- " } ], [ { "expression": "e2-e1", "label": "Expression3", "id": "e3", "visible": false, "region": " - !Ref 'AWS::Region' - |- " } ], [ { "expression": "((e1)*100)/(e2)", "label": "Throughput Utilization(%)-DbhomeFilesystem ", "id": "e4", "region": " - !Ref 'AWS::Region' - |- " } ], [ "AWS/EFS", "MeteredIOBytes", "FileSystemId", " - !Ref DbhomeFilesystem - '", { "id": "m1", "period": 60, "visible": false, "region": "' - !Ref 'AWS::Region' - |- " } ], [ "AWS/EFS", "PermittedThroughput", "FileSystemId", " - !Ref DbhomeFilesystem - '", { "id": "m2", "period": 60, "visible": false, "region": "' - !Ref 'AWS::Region' - |- " } ] ], "view": "timeSeries", "stacked": false, "region": " - !Ref 'AWS::Region' - |- ", "stat": "Sum", "period": 300, "title": "EFS Throughput Utilization (%)", "annotations": { "horizontal": [ { "visible": true, "color": "#d13212", "label": "Utilization Warning", "value": 75, "fill": "above", "yAxis": "left" } ] }, "yAxis": { "left": { "max": 100 } } } }, { "height": 6, "width": 12, "y": 12, "x": 0, "type": "metric", "properties": { "metrics": [ [ "AWS/NetworkELB", "HealthyHostCount", "TargetGroup", " - !GetAtt - SupersetTCP8088TargetGroup - TargetGroupFullName - '", "AvailabilityZone", "' - !Select - 0 - !GetAZs '' - '", "LoadBalancer", "' - !GetAtt - LoadBalancer - LoadBalancerFullName - >- ", { "stat": "Minimum" } ],[ ".", "UnHealthyHostCount", ".", ".", ".", ".", ".", ".", { "stat": "Maximum" } ], [ ".", "HealthyHostCount", ".", ".", ".", " - !Select - 1 - !GetAZs '' - >- ", ".", ".", { "stat": "Minimum" } ],[ ".", "UnHealthyHostCount", ".", ".", ".", ".", ".", ".", { "stat": "Maximum" } ] ], "view": "timeSeries", "stacked": true, "region": " - !Ref 'AWS::Region' - |- ", "title": "Healthy/UnHealthyHostCount", "period": 300 } }, { "type": "log", "x": 0, "y": 18, "width": 24, "height": 6, "properties": { "query": "SOURCE ' - !Ref LogGroup - >- ' | fields @timestamp, @message\n| sort @timestamp desc\n| limit 20", "region": " - !Ref AWS::Region - >- ", "stacked": false, "view": "table" } }, { "height": 6, "width": 24, "y": 24, "x": 0, "type": "log", "properties": { "query": "SOURCE ' - !Ref LogGroup - >- ' | fields @timestamp, @message\n| filter @message like /Exception/\n| sort @timestamp desc", "region": " - !Ref AWS::Region - >- ", "stacked": false, "title": "Log group: Filter with exceptions", "view": "table" } } ] } Outputs: SupersetConsole: Description: URL of Superset console. Value: Fn::Sub: - ${url}:${port} - {url: !GetAtt LoadBalancer.DNSName, port: '8088'}