# CDK ECS CodeDeploy [![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg)](https://constructs.dev/packages/@cdklabs/cdk-ecs-codedeploy) [![npm version](https://badge.fury.io/js/@cdklabs%2Fcdk-ecs-codedeploy.svg)](https://badge.fury.io/js/@cdklabs%2Fcdk-ecs-codedeploy) [![Maven Central](https://maven-badges.herokuapp.com/maven-central/io.github.cdklabs/cdk-ecs-codedeploy/badge.svg)](https://maven-badges.herokuapp.com/maven-central/io.github.cdklabs/cdk-ecs-codedeploy) [![PyPI version](https://badge.fury.io/py/cdklabs.ecs-codedeploy.svg)](https://badge.fury.io/py/cdklabs.ecs-codedeploy) [![NuGet version](https://badge.fury.io/nu/Cdklabs.CdkEcsCodeDeploy.svg)](https://badge.fury.io/nu/Cdklabs.CdkEcsCodeDeploy) [![Gitpod Ready-to-Code](https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod)](https://gitpod.io/#https://github.com/cdklabs/cdk-ecs-codedeploy) [![Mergify](https://img.shields.io/endpoint.svg?url=https://api.mergify.com/badges/cdklabs/cdk-ecs-codedeploy&style=flat)](https://mergify.io) This project contains CDK constructs to create CodeDeploy ECS deployments. ## Installation

TypeScript

```bash yarn add @cdklabs/cdk-ecs-codedeploy ```

Java

See https://mvnrepository.com/artifact/io.github.cdklabs/cdk-ecs-codedeploy

Python

See https://pypi.org/project/cdklabs.ecs-codedeploy/

See https://www.nuget.org/packages/Cdklabs.CdkEcsCodeDeploy/

### Deployments CodeDeploy for ECS can manage the deployment of new task definitions to ECS services. Only 1 deployment construct can be defined for a given EcsDeploymentGroup. ```ts declare const deploymentGroup: codeDeploy.IEcsDeploymentGroup; declare const taskDefinition: ecs.ITaskDefinition; new EcsDeployment({ deploymentGroup, targetService: { taskDefinition, containerName: 'mycontainer', containerPort: 80, }, }); ``` The deployment will use the AutoRollbackConfig for the EcsDeploymentGroup unless it is overridden in the deployment: ```ts declare const deploymentGroup: codeDeploy.IEcsDeploymentGroup; declare const taskDefinition: ecs.ITaskDefinition; new EcsDeployment({ deploymentGroup, targetService: { taskDefinition, containerName: 'mycontainer', containerPort: 80, }, autoRollback: { failedDeployment: true, deploymentInAlarm: true, stoppedDeployment: false, }, }); ``` By default, the deployment will timeout after 30 minutes. The timeout value can be overridden: ```ts declare const deploymentGroup: codeDeploy.IEcsDeploymentGroup; declare const taskDefinition: ecs.ITaskDefinition; new EcsDeployment({ deploymentGroup, targetService: { taskDefinition, containerName: 'mycontainer', containerPort: 80, }, timeout: Duration.minutes(60), }); ``` ### API Canaries CodeDeploy can leverage Cloudwatch Alarms to trigger automatic rollbacks. The `ApiCanary` construct simplifies the process for creating CloudWatch Synthetics Canaries to monitor APIs. The following code demonstrates a canary that monitors https://xkcd.com/908/info.0.json and checks the JSON response to assert that `safe_title` has the value of `'The Cloud'`. ```ts const canary = new ApiCanary(stack, 'Canary', { baseUrl: 'https://xkcd.com', durationAlarmThreshold: Duration.seconds(5), threadCount: 5, steps: [ { name: 'info', path: '/908/info.0.json', jmesPath: 'safe_title', expectedValue: 'The Cloud', }, ], }); ``` ### Application Load Balanced CodeDeployed Fargate Service An L3 construct named `ApplicationLoadBalancedCodeDeployedFargateService` extends [ApplicationLoadBalancedFargateService](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecs_patterns.ApplicationLoadBalancedFargateService.html) and adds support for deploying new versions of the service with AWS CodeDeploy. Additionally, an Amazon CloudWatch Synthetic canary is created via the `ApiCanary` construct and is monitored by the CodeDeploy deployment to trigger rollback if the canary begins to alarm. ```ts declare const cluster: ecs.ICluster; declare const image: ecs.ContainerImage; const service = new ApplicationLoadBalancedCodeDeployedFargateService(stack, 'Service', { cluster, taskImageOptions: { image, }, apiTestSteps: [{ name: 'health', path: '/health', jmesPath: 'status', expectedValue: 'ok', }], }); ``` ## Local Development ```bash yarn install yarn build yarn test ``` To run an integration test and update the snapshot, run: ```bash yarn integ:ecs-deployment:deploy ``` To recreate snapshots for integration tests, run: ```bash yarn integ:snapshot-all ``` ## Security See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information. ## License This project is licensed under the Apache-2.0 License. # API Reference ## Constructs ### ApiCanary A CloudWatch Synthetic Canary for monitoring APIs. #### Initializers ```typescript import { ApiCanary } from '@cdklabs/cdk-ecs-codedeploy' new ApiCanary(scope: Construct, id: string, props: ApiCanaryProps) ``` | **Name** | **Type** | **Description** | | --- | --- | --- | | scope | constructs.Construct | *No description.* | | id | string | *No description.* | | props | ApiCanaryProps | *No description.* | --- ##### `scope`^Required - *Type:* constructs.Construct --- ##### `id`^Required - *Type:* string --- ##### `props`^Required - *Type:* ApiCanaryProps --- #### Methods | **Name** | **Description** | | --- | --- | | toString | Returns a string representation of this construct. | | applyRemovalPolicy | Apply the given removal policy to this resource. | | metricDuration | Measure the Duration of a single canary run, in seconds. | | metricFailed | Measure the number of failed canary runs over a given time period. | | metricSuccessPercent | Measure the percentage of successful canary runs. | | addTestStep | Add a new test step to this canary. | --- ##### `toString` ```typescript public toString(): string ``` Returns a string representation of this construct. ##### `applyRemovalPolicy` ```typescript public applyRemovalPolicy(policy: RemovalPolicy): void ``` Apply the given removal policy to this resource. The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced. The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ###### `policy`^Required - *Type:* aws-cdk-lib.RemovalPolicy --- ##### `metricDuration` ```typescript public metricDuration(options?: MetricOptions): Metric ``` Measure the Duration of a single canary run, in seconds. ###### `options`^Optional - *Type:* aws-cdk-lib.aws_cloudwatch.MetricOptions configuration options for the metric. --- ##### `metricFailed` ```typescript public metricFailed(options?: MetricOptions): Metric ``` Measure the number of failed canary runs over a given time period. Default: sum over 5 minutes ###### `options`^Optional - *Type:* aws-cdk-lib.aws_cloudwatch.MetricOptions configuration options for the metric. --- ##### `metricSuccessPercent` ```typescript public metricSuccessPercent(options?: MetricOptions): Metric ``` Measure the percentage of successful canary runs. ###### `options`^Optional - *Type:* aws-cdk-lib.aws_cloudwatch.MetricOptions configuration options for the metric. --- ##### `addTestStep` ```typescript public addTestStep(step: ApiTestStep): void ``` Add a new test step to this canary. ###### `step`^Required - *Type:* ApiTestStep ApiTestStep to add. --- #### Static Functions | **Name** | **Description** | | --- | --- | | isConstruct | Checks if `x` is a construct. | | isOwnedResource | Returns true if the construct was created by CDK, and false otherwise. | | isResource | Check whether the given construct is a Resource. | --- ##### ~~`isConstruct`~~ ```typescript import { ApiCanary } from '@cdklabs/cdk-ecs-codedeploy' ApiCanary.isConstruct(x: any) ``` Checks if `x` is a construct. ###### `x`^Required - *Type:* any Any object. --- ##### `isOwnedResource` ```typescript import { ApiCanary } from '@cdklabs/cdk-ecs-codedeploy' ApiCanary.isOwnedResource(construct: IConstruct) ``` Returns true if the construct was created by CDK, and false otherwise. ###### `construct`^Required - *Type:* constructs.IConstruct --- ##### `isResource` ```typescript import { ApiCanary } from '@cdklabs/cdk-ecs-codedeploy' ApiCanary.isResource(construct: IConstruct) ``` Check whether the given construct is a Resource. ###### `construct`^Required - *Type:* constructs.IConstruct --- #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | node | constructs.Node | The tree node. | | env | aws-cdk-lib.ResourceEnvironment | The environment this resource belongs to. | | stack | aws-cdk-lib.Stack | The stack in which this resource is defined. | | artifactsBucket | aws-cdk-lib.aws_s3.IBucket | Bucket where data from each canary run is stored. | | canaryId | string | The canary ID. | | canaryName | string | The canary Name. | | canaryState | string | The state of the canary. | | connections | aws-cdk-lib.aws_ec2.Connections | Access the Connections object. | | role | aws-cdk-lib.aws_iam.IRole | Execution role associated with this Canary. | | successAlarm | aws-cdk-lib.aws_cloudwatch.Alarm | A CloudWatch Alarm that triggers when the success rate falls below 100% over the past 2 periods. | | durationAlarm | aws-cdk-lib.aws_cloudwatch.Alarm | A CloudWatch Alarm that triggers when the duration of the tests exceeds the given threshold over the past 2 periods. | --- ##### `node`^Required ```typescript public readonly node: Node; ``` - *Type:* constructs.Node The tree node. --- ##### `env`^Required ```typescript public readonly env: ResourceEnvironment; ``` - *Type:* aws-cdk-lib.ResourceEnvironment The environment this resource belongs to. For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into. --- ##### `stack`^Required ```typescript public readonly stack: Stack; ``` - *Type:* aws-cdk-lib.Stack The stack in which this resource is defined. --- ##### `artifactsBucket`^Required ```typescript public readonly artifactsBucket: IBucket; ``` - *Type:* aws-cdk-lib.aws_s3.IBucket Bucket where data from each canary run is stored. --- ##### `canaryId`^Required ```typescript public readonly canaryId: string; ``` - *Type:* string The canary ID. --- ##### `canaryName`^Required ```typescript public readonly canaryName: string; ``` - *Type:* string The canary Name. --- ##### `canaryState`^Required ```typescript public readonly canaryState: string; ``` - *Type:* string The state of the canary. For example, 'RUNNING', 'STOPPED', 'NOT STARTED', or 'ERROR'. --- ##### `connections`^Required ```typescript public readonly connections: Connections; ``` - *Type:* aws-cdk-lib.aws_ec2.Connections Access the Connections object. Will fail if not a VPC-enabled Canary --- ##### `role`^Required ```typescript public readonly role: IRole; ``` - *Type:* aws-cdk-lib.aws_iam.IRole Execution role associated with this Canary. --- ##### `successAlarm`^Required ```typescript public readonly successAlarm: Alarm; ``` - *Type:* aws-cdk-lib.aws_cloudwatch.Alarm A CloudWatch Alarm that triggers when the success rate falls below 100% over the past 2 periods. --- ##### `durationAlarm`^Optional ```typescript public readonly durationAlarm: Alarm; ``` - *Type:* aws-cdk-lib.aws_cloudwatch.Alarm A CloudWatch Alarm that triggers when the duration of the tests exceeds the given threshold over the past 2 periods. --- ### ApplicationLoadBalancedCodeDeployedFargateService A Fargate service running on an ECS cluster fronted by an application load balancer and deployed by CodeDeploy. #### Initializers ```typescript import { ApplicationLoadBalancedCodeDeployedFargateService } from '@cdklabs/cdk-ecs-codedeploy' new ApplicationLoadBalancedCodeDeployedFargateService(scope: Construct, id: string, props: ApplicationLoadBalancedCodeDeployedFargateServiceProps) ``` | **Name** | **Type** | **Description** | | --- | --- | --- | | scope | constructs.Construct | *No description.* | | id | string | *No description.* | | props | ApplicationLoadBalancedCodeDeployedFargateServiceProps | *No description.* | --- ##### `scope`^Required - *Type:* constructs.Construct --- ##### `id`^Required - *Type:* string --- ##### `props`^Required - *Type:* ApplicationLoadBalancedCodeDeployedFargateServiceProps --- #### Methods | **Name** | **Description** | | --- | --- | | toString | Returns a string representation of this construct. | --- ##### `toString` ```typescript public toString(): string ``` Returns a string representation of this construct. #### Static Functions | **Name** | **Description** | | --- | --- | | isConstruct | Checks if `x` is a construct. | --- ##### ~~`isConstruct`~~ ```typescript import { ApplicationLoadBalancedCodeDeployedFargateService } from '@cdklabs/cdk-ecs-codedeploy' ApplicationLoadBalancedCodeDeployedFargateService.isConstruct(x: any) ``` Checks if `x` is a construct. ###### `x`^Required - *Type:* any Any object. --- #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | node | constructs.Node | The tree node. | | cluster | aws-cdk-lib.aws_ecs.ICluster | The cluster that hosts the service. | | listener | aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListener | The listener for the service. | | loadBalancer | aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationLoadBalancer | The Application Load Balancer for the service. | | targetGroup | aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationTargetGroup | The target group for the service. | | certificate | aws-cdk-lib.aws_certificatemanager.ICertificate | Certificate Manager certificate to associate with the load balancer. | | internalDesiredCount | number | The desired number of instantiations of the task definition to keep running on the service. | | redirectListener | aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListener | The redirect listener for the service if redirectHTTP is enabled. | | assignPublicIp | boolean | Determines whether the service will be assigned a public IP address. | | service | aws-cdk-lib.aws_ecs.FargateService | The Fargate service in this construct. | | taskDefinition | aws-cdk-lib.aws_ecs.FargateTaskDefinition | The Fargate task definition in this construct. | | accessLogBucket | aws-cdk-lib.aws_s3.IBucket | S3 Bucket used for access logs. | | application | aws-cdk-lib.aws_codedeploy.EcsApplication | CodeDeploy application for this service. | | deployment | EcsDeployment | CodeDeploy deployment for this service. | | deploymentGroup | aws-cdk-lib.aws_codedeploy.EcsDeploymentGroup | CodeDeploy deployment group for this service. | | greenTargetGroup | aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationTargetGroup | Test target group to use for CodeDeploy deployments. | | testListener | aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListener | Test listener to use for CodeDeploy deployments. | | apiCanary | ApiCanary | API Canary for the service. | | healthAlarm | aws-cdk-lib.aws_cloudwatch.IAlarm | Composite alarm for monitoring health of service. | --- ##### `node`^Required ```typescript public readonly node: Node; ``` - *Type:* constructs.Node The tree node. --- ##### `cluster`^Required ```typescript public readonly cluster: ICluster; ``` - *Type:* aws-cdk-lib.aws_ecs.ICluster The cluster that hosts the service. --- ##### `listener`^Required ```typescript public readonly listener: ApplicationListener; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListener The listener for the service. --- ##### `loadBalancer`^Required ```typescript public readonly loadBalancer: ApplicationLoadBalancer; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationLoadBalancer The Application Load Balancer for the service. --- ##### `targetGroup`^Required ```typescript public readonly targetGroup: ApplicationTargetGroup; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationTargetGroup The target group for the service. --- ##### `certificate`^Optional ```typescript public readonly certificate: ICertificate; ``` - *Type:* aws-cdk-lib.aws_certificatemanager.ICertificate Certificate Manager certificate to associate with the load balancer. --- ##### `internalDesiredCount`^Optional ```typescript public readonly internalDesiredCount: number; ``` - *Type:* number The desired number of instantiations of the task definition to keep running on the service. The default is 1 for all new services and uses the existing services desired count when updating an existing service if one is not provided. --- ##### `redirectListener`^Optional ```typescript public readonly redirectListener: ApplicationListener; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListener The redirect listener for the service if redirectHTTP is enabled. --- ##### `assignPublicIp`^Required ```typescript public readonly assignPublicIp: boolean; ``` - *Type:* boolean Determines whether the service will be assigned a public IP address. --- ##### `service`^Required ```typescript public readonly service: FargateService; ``` - *Type:* aws-cdk-lib.aws_ecs.FargateService The Fargate service in this construct. --- ##### `taskDefinition`^Required ```typescript public readonly taskDefinition: FargateTaskDefinition; ``` - *Type:* aws-cdk-lib.aws_ecs.FargateTaskDefinition The Fargate task definition in this construct. --- ##### `accessLogBucket`^Required ```typescript public readonly accessLogBucket: IBucket; ``` - *Type:* aws-cdk-lib.aws_s3.IBucket S3 Bucket used for access logs. --- ##### `application`^Required ```typescript public readonly application: EcsApplication; ``` - *Type:* aws-cdk-lib.aws_codedeploy.EcsApplication CodeDeploy application for this service. --- ##### `deployment`^Required ```typescript public readonly deployment: EcsDeployment; ``` - *Type:* EcsDeployment CodeDeploy deployment for this service. --- ##### `deploymentGroup`^Required ```typescript public readonly deploymentGroup: EcsDeploymentGroup; ``` - *Type:* aws-cdk-lib.aws_codedeploy.EcsDeploymentGroup CodeDeploy deployment group for this service. --- ##### `greenTargetGroup`^Required ```typescript public readonly greenTargetGroup: ApplicationTargetGroup; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationTargetGroup Test target group to use for CodeDeploy deployments. --- ##### `testListener`^Required ```typescript public readonly testListener: ApplicationListener; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationListener Test listener to use for CodeDeploy deployments. --- ##### `apiCanary`^Optional ```typescript public readonly apiCanary: ApiCanary; ``` - *Type:* ApiCanary API Canary for the service. --- ##### `healthAlarm`^Optional ```typescript public readonly healthAlarm: IAlarm; ``` - *Type:* aws-cdk-lib.aws_cloudwatch.IAlarm Composite alarm for monitoring health of service. --- ### EcsDeployment A CodeDeploy Deployment for a Amazon ECS service DeploymentGroup. An EcsDeploymentGroup must only have 1 EcsDeployment. This limit is enforced by removing the scope and id from the constructor. The scope will always be set to the EcsDeploymentGroup and the id will always be set to the string 'Deployment' to force an error if mulitiple EcsDeployment constructs are created for a single EcsDeploymentGroup. #### Initializers ```typescript import { EcsDeployment } from '@cdklabs/cdk-ecs-codedeploy' new EcsDeployment(props: EcsDeploymentProps) ``` | **Name** | **Type** | **Description** | | --- | --- | --- | | props | EcsDeploymentProps | *No description.* | --- ##### `props`^Required - *Type:* EcsDeploymentProps --- #### Methods | **Name** | **Description** | | --- | --- | | toString | Returns a string representation of this construct. | --- ##### `toString` ```typescript public toString(): string ``` Returns a string representation of this construct. #### Static Functions | **Name** | **Description** | | --- | --- | | isConstruct | Checks if `x` is a construct. | --- ##### ~~`isConstruct`~~ ```typescript import { EcsDeployment } from '@cdklabs/cdk-ecs-codedeploy' EcsDeployment.isConstruct(x: any) ``` Checks if `x` is a construct. ###### `x`^Required - *Type:* any Any object. --- #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | node | constructs.Node | The tree node. | | deploymentId | string | The id of the deployment that was created. | --- ##### `node`^Required ```typescript public readonly node: Node; ``` - *Type:* constructs.Node The tree node. --- ##### `deploymentId`^Required ```typescript public readonly deploymentId: string; ``` - *Type:* string The id of the deployment that was created. --- ## Structs ### ApiCanaryProps #### Initializer ```typescript import { ApiCanaryProps } from '@cdklabs/cdk-ecs-codedeploy' const apiCanaryProps: ApiCanaryProps = { ... } ``` #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | baseUrl | string | The base URL to use for tests. | | artifactsBucketLocation | @aws-cdk/aws-synthetics-alpha.ArtifactsBucketLocation | The s3 location that stores the data of the canary runs. | | canaryName | string | The name of the canary. | | durationAlarmThreshold | aws-cdk-lib.Duration | The threshold for triggering an alarm on the test duration. | | failureRetentionPeriod | aws-cdk-lib.Duration | How many days should failed runs be retained. | | role | aws-cdk-lib.aws_iam.IRole | Canary execution role. | | schedule | @aws-cdk/aws-synthetics-alpha.Schedule | Specify the schedule for how often the canary runs. | | securityGroups | aws-cdk-lib.aws_ec2.ISecurityGroup[] | The list of security groups to associate with the canary's network interfaces. | | startAfterCreation | boolean | Whether or not the canary should start after creation. | | steps | ApiTestStep[] | The steps to perform in the synthetic test. | | successRetentionPeriod | aws-cdk-lib.Duration | How many days should successful runs be retained. | | threadCount | number | The number of threads to run concurrently for the synthetic test. | | timeToLive | aws-cdk-lib.Duration | How long the canary will be in a 'RUNNING' state. | | vpc | aws-cdk-lib.aws_ec2.IVpc | The VPC where this canary is run. | | vpcSubnets | aws-cdk-lib.aws_ec2.SubnetSelection | Where to place the network interfaces within the VPC. | --- ##### `baseUrl`^Required ```typescript public readonly baseUrl: string; ``` - *Type:* string The base URL to use for tests. --- ##### `artifactsBucketLocation`^Optional ```typescript public readonly artifactsBucketLocation: ArtifactsBucketLocation; ``` - *Type:* @aws-cdk/aws-synthetics-alpha.ArtifactsBucketLocation - *Default:* A new s3 bucket will be created without a prefix. The s3 location that stores the data of the canary runs. --- ##### `canaryName`^Optional ```typescript public readonly canaryName: string; ``` - *Type:* string - *Default:* A unique name will be generated from the construct ID The name of the canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account. Do not include secrets or proprietary information in your canary name. The canary name makes up part of the canary ARN, which is included in outbound calls over the internet. > [https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) --- ##### `durationAlarmThreshold`^Optional ```typescript public readonly durationAlarmThreshold: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* no alarm is created for duration The threshold for triggering an alarm on the test duration. --- ##### `failureRetentionPeriod`^Optional ```typescript public readonly failureRetentionPeriod: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* Duration.days(31) How many days should failed runs be retained. --- ##### `role`^Optional ```typescript public readonly role: IRole; ``` - *Type:* aws-cdk-lib.aws_iam.IRole - *Default:* A unique role will be generated for this canary. You can add permissions to roles by calling 'addToRolePolicy'. Canary execution role. This is the role that will be assumed by the canary upon execution. It controls the permissions that the canary will have. The role must be assumable by the AWS Lambda service principal. If not supplied, a role will be created with all the required permissions. If you provide a Role, you must add the required permissions. > [required permissions: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-synthetics-canary.html#cfn-synthetics-canary-executionrolearn](required permissions: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-synthetics-canary.html#cfn-synthetics-canary-executionrolearn) --- ##### `schedule`^Optional ```typescript public readonly schedule: Schedule; ``` - *Type:* @aws-cdk/aws-synthetics-alpha.Schedule - *Default:* 'rate(5 minutes)' Specify the schedule for how often the canary runs. For example, if you set `schedule` to `rate(10 minutes)`, then the canary will run every 10 minutes. You can set the schedule with `Schedule.rate(Duration)` (recommended) or you can specify an expression using `Schedule.expression()`. --- ##### `securityGroups`^Optional ```typescript public readonly securityGroups: ISecurityGroup[]; ``` - *Type:* aws-cdk-lib.aws_ec2.ISecurityGroup[] - *Default:* If the canary is placed within a VPC and a security group is not specified a dedicated security group will be created for this canary. The list of security groups to associate with the canary's network interfaces. You must provide `vpc` when using this prop. --- ##### `startAfterCreation`^Optional ```typescript public readonly startAfterCreation: boolean; ``` - *Type:* boolean - *Default:* true Whether or not the canary should start after creation. --- ##### `steps`^Optional ```typescript public readonly steps: ApiTestStep[]; ``` - *Type:* ApiTestStep[] The steps to perform in the synthetic test. --- ##### `successRetentionPeriod`^Optional ```typescript public readonly successRetentionPeriod: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* Duration.days(31) How many days should successful runs be retained. --- ##### `threadCount`^Optional ```typescript public readonly threadCount: number; ``` - *Type:* number - *Default:* 20 The number of threads to run concurrently for the synthetic test. --- ##### `timeToLive`^Optional ```typescript public readonly timeToLive: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* no limit How long the canary will be in a 'RUNNING' state. For example, if you set `timeToLive` to be 1 hour and `schedule` to be `rate(10 minutes)`, your canary will run at 10 minute intervals for an hour, for a total of 6 times. --- ##### `vpc`^Optional ```typescript public readonly vpc: IVpc; ``` - *Type:* aws-cdk-lib.aws_ec2.IVpc - *Default:* Not in VPC The VPC where this canary is run. Specify this if the canary needs to access resources in a VPC. --- ##### `vpcSubnets`^Optional ```typescript public readonly vpcSubnets: SubnetSelection; ``` - *Type:* aws-cdk-lib.aws_ec2.SubnetSelection - *Default:* the Vpc default strategy if not specified Where to place the network interfaces within the VPC. You must provide `vpc` when using this prop. --- ### ApiTestStep #### Initializer ```typescript import { ApiTestStep } from '@cdklabs/cdk-ecs-codedeploy' const apiTestStep: ApiTestStep = { ... } ``` #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | name | string | Name of test. | | path | string | Path of HTTP request, relative to baseUrl. | | body | string | Optional body to include in HTTP request. | | expectedValue | any | Expected value to compare against the jmesPath. | | headers | {[ key: string ]: string} | Optional headers to include in HTTP request. | | jmesPath | string | JMESPath to apply against the response from the HTTP request and compare against expected value. | | method | string | Optional method to for HTTP request. | --- ##### `name`^Required ```typescript public readonly name: string; ``` - *Type:* string Name of test. --- ##### `path`^Required ```typescript public readonly path: string; ``` - *Type:* string Path of HTTP request, relative to baseUrl. --- ##### `body`^Optional ```typescript public readonly body: string; ``` - *Type:* string - *Default:* no body included. Optional body to include in HTTP request. --- ##### `expectedValue`^Optional ```typescript public readonly expectedValue: any; ``` - *Type:* any - *Default:* undefined Expected value to compare against the jmesPath. --- ##### `headers`^Optional ```typescript public readonly headers: {[ key: string ]: string}; ``` - *Type:* {[ key: string ]: string} - *Default:* no headers included. Optional headers to include in HTTP request. --- ##### `jmesPath`^Optional ```typescript public readonly jmesPath: string; ``` - *Type:* string - *Default:* no JMESPath assertion will be performed. JMESPath to apply against the response from the HTTP request and compare against expected value. --- ##### `method`^Optional ```typescript public readonly method: string; ``` - *Type:* string - *Default:* GET Optional method to for HTTP request. --- ### ApplicationLoadBalancedCodeDeployedFargateServiceProps The properties for the ApplicationLoadBalancedCodeDeployedFargateService service. #### Initializer ```typescript import { ApplicationLoadBalancedCodeDeployedFargateServiceProps } from '@cdklabs/cdk-ecs-codedeploy' const applicationLoadBalancedCodeDeployedFargateServiceProps: ApplicationLoadBalancedCodeDeployedFargateServiceProps = { ... } ``` #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | capacityProviderStrategies | aws-cdk-lib.aws_ecs.CapacityProviderStrategy[] | A list of Capacity Provider strategies used to place a service. | | certificate | aws-cdk-lib.aws_certificatemanager.ICertificate | Certificate Manager certificate to associate with the load balancer. | | circuitBreaker | aws-cdk-lib.aws_ecs.DeploymentCircuitBreaker | Whether to enable the deployment circuit breaker. | | cloudMapOptions | aws-cdk-lib.aws_ecs.CloudMapOptions | The options for configuring an Amazon ECS service to use service discovery. | | cluster | aws-cdk-lib.aws_ecs.ICluster | The name of the cluster that hosts the service. | | deploymentController | aws-cdk-lib.aws_ecs.DeploymentController | Specifies which deployment controller to use for the service. | | desiredCount | number | The desired number of instantiations of the task definition to keep running on the service. | | domainName | string | The domain name for the service, e.g. "api.example.com.". | | domainZone | aws-cdk-lib.aws_route53.IHostedZone | The Route53 hosted zone for the domain, e.g. "example.com.". | | enableECSManagedTags | boolean | Specifies whether to enable Amazon ECS managed tags for the tasks within the service. | | enableExecuteCommand | boolean | Whether ECS Exec should be enabled. | | healthCheckGracePeriod | aws-cdk-lib.Duration | The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing target health checks after a task has first started. | | idleTimeout | aws-cdk-lib.Duration | The load balancer idle timeout, in seconds. | | listenerPort | number | Listener port of the application load balancer that will serve traffic to the service. | | loadBalancer | aws-cdk-lib.aws_elasticloadbalancingv2.IApplicationLoadBalancer | The application load balancer that will serve traffic to the service. | | loadBalancerName | string | Name of the load balancer. | | maxHealthyPercent | number | The maximum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that can run in a service during a deployment. | | minHealthyPercent | number | The minimum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that must continue to run and remain healthy during a deployment. | | openListener | boolean | Determines whether or not the Security Group for the Load Balancer's Listener will be open to all traffic by default. | | propagateTags | aws-cdk-lib.aws_ecs.PropagatedTagSource | Specifies whether to propagate the tags from the task definition or the service to the tasks in the service. | | protocol | aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationProtocol | The protocol for connections from clients to the load balancer. | | protocolVersion | aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationProtocolVersion | The protocol version to use. | | publicLoadBalancer | boolean | Determines whether the Load Balancer will be internet-facing. | | recordType | aws-cdk-lib.aws_ecs_patterns.ApplicationLoadBalancedServiceRecordType | Specifies whether the Route53 record should be a CNAME, an A record using the Alias feature or no record at all. | | redirectHTTP | boolean | Specifies whether the load balancer should redirect traffic on port 80 to port 443 to support HTTP->HTTPS redirects This is only valid if the protocol of the ALB is HTTPS. | | serviceName | string | The name of the service. | | sslPolicy | aws-cdk-lib.aws_elasticloadbalancingv2.SslPolicy | The security policy that defines which ciphers and protocols are supported by the ALB Listener. | | targetProtocol | aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationProtocol | The protocol for connections from the load balancer to the ECS tasks. | | taskImageOptions | aws-cdk-lib.aws_ecs_patterns.ApplicationLoadBalancedTaskImageOptions | The properties required to create a new task definition. | | vpc | aws-cdk-lib.aws_ec2.IVpc | The VPC where the container instances will be launched or the elastic network interfaces (ENIs) will be deployed. | | cpu | number | The number of cpu units used by the task. | | memoryLimitMiB | number | The amount (in MiB) of memory used by the task. | | platformVersion | aws-cdk-lib.aws_ecs.FargatePlatformVersion | The platform version on which to run your service. | | runtimePlatform | aws-cdk-lib.aws_ecs.RuntimePlatform | The runtime platform of the task definition. | | taskDefinition | aws-cdk-lib.aws_ecs.FargateTaskDefinition | The task definition to use for tasks in the service. TaskDefinition or TaskImageOptions must be specified, but not both. | | assignPublicIp | boolean | Determines whether the service will be assigned a public IP address. | | securityGroups | aws-cdk-lib.aws_ec2.ISecurityGroup[] | The security groups to associate with the service. | | taskSubnets | aws-cdk-lib.aws_ec2.SubnetSelection | The subnets to associate with the service. | | accessLogBucket | aws-cdk-lib.aws_s3.IBucket | The bucket to use for access logs from the Application Load Balancer. | | accessLogPrefix | string | The prefix to use for access logs from the Application Load Balancer. | | apiCanarySchedule | aws-cdk-lib.Duration | The frequency for running the api canaries. | | apiCanaryThreadCount | number | The number of threads to run concurrently for the synthetic test. | | apiCanaryTimeout | aws-cdk-lib.Duration | The threshold for how long a api canary can take to run. | | apiTestSteps | ApiTestStep[] | The steps to run in the canary. | | deploymentConfig | aws-cdk-lib.aws_codedeploy.IEcsDeploymentConfig | The deployment configuration to use for the deployment group. | | deploymentTimeout | aws-cdk-lib.Duration | The timeout for a CodeDeploy deployment. | | deregistrationDelay | aws-cdk-lib.Duration | The amount of time for ELB to wait before changing the state of a deregistering target from 'draining' to 'unused'. | | healthCheck | aws-cdk-lib.aws_elasticloadbalancingv2.HealthCheck | The healthcheck to configure on the Application Load Balancer target groups. | | hooks | AppSpecHooks | Optional lifecycle hooks. | | responseTimeAlarmThreshold | aws-cdk-lib.Duration | The threshold for response time alarm. | | terminationWaitTime | aws-cdk-lib.Duration | The time to wait before terminating the original (blue) task set. | | testPort | number | The port to use for test traffic on the listener. | --- ##### `capacityProviderStrategies`^Optional ```typescript public readonly capacityProviderStrategies: CapacityProviderStrategy[]; ``` - *Type:* aws-cdk-lib.aws_ecs.CapacityProviderStrategy[] - *Default:* undefined A list of Capacity Provider strategies used to place a service. --- ##### `certificate`^Optional ```typescript public readonly certificate: ICertificate; ``` - *Type:* aws-cdk-lib.aws_certificatemanager.ICertificate - *Default:* No certificate associated with the load balancer, if using the HTTP protocol. For HTTPS, a DNS-validated certificate will be created for the load balancer's specified domain name if a domain name and domain zone are specified. Certificate Manager certificate to associate with the load balancer. Setting this option will set the load balancer protocol to HTTPS. --- ##### `circuitBreaker`^Optional ```typescript public readonly circuitBreaker: DeploymentCircuitBreaker; ``` - *Type:* aws-cdk-lib.aws_ecs.DeploymentCircuitBreaker - *Default:* disabled Whether to enable the deployment circuit breaker. If this property is defined, circuit breaker will be implicitly enabled. --- ##### `cloudMapOptions`^Optional ```typescript public readonly cloudMapOptions: CloudMapOptions; ``` - *Type:* aws-cdk-lib.aws_ecs.CloudMapOptions - *Default:* AWS Cloud Map service discovery is not enabled. The options for configuring an Amazon ECS service to use service discovery. --- ##### `cluster`^Optional ```typescript public readonly cluster: ICluster; ``` - *Type:* aws-cdk-lib.aws_ecs.ICluster - *Default:* create a new cluster; if both cluster and vpc are omitted, a new VPC will be created for you. The name of the cluster that hosts the service. If a cluster is specified, the vpc construct should be omitted. Alternatively, you can omit both cluster and vpc. --- ##### `deploymentController`^Optional ```typescript public readonly deploymentController: DeploymentController; ``` - *Type:* aws-cdk-lib.aws_ecs.DeploymentController - *Default:* Rolling update (ECS) Specifies which deployment controller to use for the service. For more information, see [Amazon ECS Deployment Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) --- ##### `desiredCount`^Optional ```typescript public readonly desiredCount: number; ``` - *Type:* number - *Default:* If the feature flag, ECS_REMOVE_DEFAULT_DESIRED_COUNT is false, the default is 1; if true, the default is 1 for all new services and uses the existing services desired count when updating an existing service. The desired number of instantiations of the task definition to keep running on the service. The minimum value is 1 --- ##### `domainName`^Optional ```typescript public readonly domainName: string; ``` - *Type:* string - *Default:* No domain name. The domain name for the service, e.g. "api.example.com.". --- ##### `domainZone`^Optional ```typescript public readonly domainZone: IHostedZone; ``` - *Type:* aws-cdk-lib.aws_route53.IHostedZone - *Default:* No Route53 hosted domain zone. The Route53 hosted zone for the domain, e.g. "example.com.". --- ##### `enableECSManagedTags`^Optional ```typescript public readonly enableECSManagedTags: boolean; ``` - *Type:* boolean - *Default:* false Specifies whether to enable Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) --- ##### `enableExecuteCommand`^Optional ```typescript public readonly enableExecuteCommand: boolean; ``` - *Type:* boolean - *Default:* false Whether ECS Exec should be enabled. --- ##### `healthCheckGracePeriod`^Optional ```typescript public readonly healthCheckGracePeriod: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* defaults to 60 seconds if at least one load balancer is in-use and it is not already set The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing target health checks after a task has first started. --- ##### `idleTimeout`^Optional ```typescript public readonly idleTimeout: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* CloudFormation sets idle timeout to 60 seconds The load balancer idle timeout, in seconds. Can be between 1 and 4000 seconds --- ##### `listenerPort`^Optional ```typescript public readonly listenerPort: number; ``` - *Type:* number - *Default:* The default listener port is determined from the protocol (port 80 for HTTP, port 443 for HTTPS). A domain name and zone must be also be specified if using HTTPS. Listener port of the application load balancer that will serve traffic to the service. --- ##### `loadBalancer`^Optional ```typescript public readonly loadBalancer: IApplicationLoadBalancer; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.IApplicationLoadBalancer - *Default:* a new load balancer will be created. The application load balancer that will serve traffic to the service. The VPC attribute of a load balancer must be specified for it to be used to create a new service with this pattern. [disable-awslint:ref-via-interface] --- ##### `loadBalancerName`^Optional ```typescript public readonly loadBalancerName: string; ``` - *Type:* string - *Default:* Automatically generated name. Name of the load balancer. --- ##### `maxHealthyPercent`^Optional ```typescript public readonly maxHealthyPercent: number; ``` - *Type:* number - *Default:* 100 if daemon, otherwise 200 The maximum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that can run in a service during a deployment. --- ##### `minHealthyPercent`^Optional ```typescript public readonly minHealthyPercent: number; ``` - *Type:* number - *Default:* 0 if daemon, otherwise 50 The minimum number of tasks, specified as a percentage of the Amazon ECS service's DesiredCount value, that must continue to run and remain healthy during a deployment. --- ##### `openListener`^Optional ```typescript public readonly openListener: boolean; ``` - *Type:* boolean - *Default:* true -- The security group allows ingress from all IP addresses. Determines whether or not the Security Group for the Load Balancer's Listener will be open to all traffic by default. --- ##### `propagateTags`^Optional ```typescript public readonly propagateTags: PropagatedTagSource; ``` - *Type:* aws-cdk-lib.aws_ecs.PropagatedTagSource - *Default:* none Specifies whether to propagate the tags from the task definition or the service to the tasks in the service. Tags can only be propagated to the tasks within the service during service creation. --- ##### `protocol`^Optional ```typescript public readonly protocol: ApplicationProtocol; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationProtocol - *Default:* HTTP. If a certificate is specified, the protocol will be set by default to HTTPS. The protocol for connections from clients to the load balancer. The load balancer port is determined from the protocol (port 80 for HTTP, port 443 for HTTPS). If HTTPS, either a certificate or domain name and domain zone must also be specified. --- ##### `protocolVersion`^Optional ```typescript public readonly protocolVersion: ApplicationProtocolVersion; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationProtocolVersion - *Default:* ApplicationProtocolVersion.HTTP1 The protocol version to use. --- ##### `publicLoadBalancer`^Optional ```typescript public readonly publicLoadBalancer: boolean; ``` - *Type:* boolean - *Default:* true Determines whether the Load Balancer will be internet-facing. --- ##### `recordType`^Optional ```typescript public readonly recordType: ApplicationLoadBalancedServiceRecordType; ``` - *Type:* aws-cdk-lib.aws_ecs_patterns.ApplicationLoadBalancedServiceRecordType - *Default:* ApplicationLoadBalancedServiceRecordType.ALIAS Specifies whether the Route53 record should be a CNAME, an A record using the Alias feature or no record at all. This is useful if you need to work with DNS systems that do not support alias records. --- ##### `redirectHTTP`^Optional ```typescript public readonly redirectHTTP: boolean; ``` - *Type:* boolean - *Default:* false Specifies whether the load balancer should redirect traffic on port 80 to port 443 to support HTTP->HTTPS redirects This is only valid if the protocol of the ALB is HTTPS. --- ##### `serviceName`^Optional ```typescript public readonly serviceName: string; ``` - *Type:* string - *Default:* CloudFormation-generated name. The name of the service. --- ##### `sslPolicy`^Optional ```typescript public readonly sslPolicy: SslPolicy; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.SslPolicy - *Default:* The recommended elastic load balancing security policy The security policy that defines which ciphers and protocols are supported by the ALB Listener. --- ##### `targetProtocol`^Optional ```typescript public readonly targetProtocol: ApplicationProtocol; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.ApplicationProtocol - *Default:* HTTP. The protocol for connections from the load balancer to the ECS tasks. The default target port is determined from the protocol (port 80 for HTTP, port 443 for HTTPS). --- ##### `taskImageOptions`^Optional ```typescript public readonly taskImageOptions: ApplicationLoadBalancedTaskImageOptions; ``` - *Type:* aws-cdk-lib.aws_ecs_patterns.ApplicationLoadBalancedTaskImageOptions - *Default:* none The properties required to create a new task definition. TaskDefinition or TaskImageOptions must be specified, but not both. --- ##### `vpc`^Optional ```typescript public readonly vpc: IVpc; ``` - *Type:* aws-cdk-lib.aws_ec2.IVpc - *Default:* uses the VPC defined in the cluster or creates a new VPC. The VPC where the container instances will be launched or the elastic network interfaces (ENIs) will be deployed. If a vpc is specified, the cluster construct should be omitted. Alternatively, you can omit both vpc and cluster. --- ##### `cpu`^Optional ```typescript public readonly cpu: number; ``` - *Type:* number - *Default:* 256 The number of cpu units used by the task. Valid values, which determines your range of valid values for the memory parameter: 256 (.25 vCPU) - Available memory values: 0.5GB, 1GB, 2GB 512 (.5 vCPU) - Available memory values: 1GB, 2GB, 3GB, 4GB 1024 (1 vCPU) - Available memory values: 2GB, 3GB, 4GB, 5GB, 6GB, 7GB, 8GB 2048 (2 vCPU) - Available memory values: Between 4GB and 16GB in 1GB increments 4096 (4 vCPU) - Available memory values: Between 8GB and 30GB in 1GB increments 8192 (8 vCPU) - Available memory values: Between 16GB and 60GB in 4GB increments 16384 (16 vCPU) - Available memory values: Between 32GB and 120GB in 8GB increments This default is set in the underlying FargateTaskDefinition construct. --- ##### `memoryLimitMiB`^Optional ```typescript public readonly memoryLimitMiB: number; ``` - *Type:* number - *Default:* 512 The amount (in MiB) of memory used by the task. This field is required and you must use one of the following values, which determines your range of valid values for the cpu parameter: 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available cpu values: 256 (.25 vCPU) 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available cpu values: 512 (.5 vCPU) 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available cpu values: 1024 (1 vCPU) Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available cpu values: 2048 (2 vCPU) Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available cpu values: 4096 (4 vCPU) Between 16384 (16 GB) and 61440 (60 GB) in increments of 4096 (4 GB) - Available cpu values: 8192 (8 vCPU) Between 32768 (32 GB) and 122880 (120 GB) in increments of 8192 (8 GB) - Available cpu values: 16384 (16 vCPU) This default is set in the underlying FargateTaskDefinition construct. --- ##### `platformVersion`^Optional ```typescript public readonly platformVersion: FargatePlatformVersion; ``` - *Type:* aws-cdk-lib.aws_ecs.FargatePlatformVersion - *Default:* Latest The platform version on which to run your service. If one is not specified, the LATEST platform version is used by default. For more information, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the Amazon Elastic Container Service Developer Guide. --- ##### `runtimePlatform`^Optional ```typescript public readonly runtimePlatform: RuntimePlatform; ``` - *Type:* aws-cdk-lib.aws_ecs.RuntimePlatform - *Default:* If the property is undefined, `operatingSystemFamily` is LINUX and `cpuArchitecture` is X86_64 The runtime platform of the task definition. --- ##### `taskDefinition`^Optional ```typescript public readonly taskDefinition: FargateTaskDefinition; ``` - *Type:* aws-cdk-lib.aws_ecs.FargateTaskDefinition - *Default:* none The task definition to use for tasks in the service. TaskDefinition or TaskImageOptions must be specified, but not both. [disable-awslint:ref-via-interface] --- ##### `assignPublicIp`^Optional ```typescript public readonly assignPublicIp: boolean; ``` - *Type:* boolean - *Default:* false Determines whether the service will be assigned a public IP address. --- ##### `securityGroups`^Optional ```typescript public readonly securityGroups: ISecurityGroup[]; ``` - *Type:* aws-cdk-lib.aws_ec2.ISecurityGroup[] - *Default:* A new security group is created. The security groups to associate with the service. If you do not specify a security group, a new security group is created. --- ##### `taskSubnets`^Optional ```typescript public readonly taskSubnets: SubnetSelection; ``` - *Type:* aws-cdk-lib.aws_ec2.SubnetSelection - *Default:* Public subnets if `assignPublicIp` is set, otherwise the first available one of Private, Isolated, Public, in that order. The subnets to associate with the service. --- ##### `accessLogBucket`^Optional ```typescript public readonly accessLogBucket: IBucket; ``` - *Type:* aws-cdk-lib.aws_s3.IBucket - *Default:* a new S3 bucket will be created The bucket to use for access logs from the Application Load Balancer. --- ##### `accessLogPrefix`^Optional ```typescript public readonly accessLogPrefix: string; ``` - *Type:* string - *Default:* none The prefix to use for access logs from the Application Load Balancer. --- ##### `apiCanarySchedule`^Optional ```typescript public readonly apiCanarySchedule: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* 5 minutes The frequency for running the api canaries. --- ##### `apiCanaryThreadCount`^Optional ```typescript public readonly apiCanaryThreadCount: number; ``` - *Type:* number - *Default:* 20 The number of threads to run concurrently for the synthetic test. --- ##### `apiCanaryTimeout`^Optional ```typescript public readonly apiCanaryTimeout: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* no alarm is created for test duration The threshold for how long a api canary can take to run. --- ##### `apiTestSteps`^Optional ```typescript public readonly apiTestSteps: ApiTestStep[]; ``` - *Type:* ApiTestStep[] - *Default:* no synthetic test will be created The steps to run in the canary. --- ##### `deploymentConfig`^Optional ```typescript public readonly deploymentConfig: IEcsDeploymentConfig; ``` - *Type:* aws-cdk-lib.aws_codedeploy.IEcsDeploymentConfig - *Default:* EcsDeploymentConfig.ALL_AT_ONCE The deployment configuration to use for the deployment group. --- ##### `deploymentTimeout`^Optional ```typescript public readonly deploymentTimeout: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* 60 minutes The timeout for a CodeDeploy deployment. --- ##### `deregistrationDelay`^Optional ```typescript public readonly deregistrationDelay: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* 300 seconds The amount of time for ELB to wait before changing the state of a deregistering target from 'draining' to 'unused'. --- ##### `healthCheck`^Optional ```typescript public readonly healthCheck: HealthCheck; ``` - *Type:* aws-cdk-lib.aws_elasticloadbalancingv2.HealthCheck - *Default:* no health check is configured The healthcheck to configure on the Application Load Balancer target groups. --- ##### `hooks`^Optional ```typescript public readonly hooks: AppSpecHooks; ``` - *Type:* AppSpecHooks - *Default:* no lifecycle hooks Optional lifecycle hooks. --- ##### `responseTimeAlarmThreshold`^Optional ```typescript public readonly responseTimeAlarmThreshold: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* no alarm will be created The threshold for response time alarm. --- ##### `terminationWaitTime`^Optional ```typescript public readonly terminationWaitTime: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* 10 minutes The time to wait before terminating the original (blue) task set. --- ##### `testPort`^Optional ```typescript public readonly testPort: number; ``` - *Type:* number - *Default:* listenerPort + 1 The port to use for test traffic on the listener. --- ### AppSpecHooks Lifecycle hooks configuration. #### Initializer ```typescript import { AppSpecHooks } from '@cdklabs/cdk-ecs-codedeploy' const appSpecHooks: AppSpecHooks = { ... } ``` #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | afterAllowTestTraffic | string \| aws-cdk-lib.aws_lambda.IFunction | Lambda or ARN of a lambda to run tasks after the test listener serves traffic to the replacement task set. | | afterAllowTraffic | string \| aws-cdk-lib.aws_lambda.IFunction | Lambda or ARN of a lambda to run tasks after the second target group serves traffic to the replacement task set. | | afterInstall | string \| aws-cdk-lib.aws_lambda.IFunction | Lambda or ARN of a lambda to run tasks after the replacement task set is created and one of the target groups is associated with it. | | beforeAllowTraffic | string \| aws-cdk-lib.aws_lambda.IFunction | Lambda or ARN of a lambda to run tasks after the second target group is associated with the replacement task set, but before traffic is shifted to the replacement task set. | | beforeInstall | string \| aws-cdk-lib.aws_lambda.IFunction | Lambda or ARN of a lambda to run tasks before the replacement task set is created. | --- ##### `afterAllowTestTraffic`^Optional ```typescript public readonly afterAllowTestTraffic: string | IFunction; ``` - *Type:* string | aws-cdk-lib.aws_lambda.IFunction Lambda or ARN of a lambda to run tasks after the test listener serves traffic to the replacement task set. --- ##### `afterAllowTraffic`^Optional ```typescript public readonly afterAllowTraffic: string | IFunction; ``` - *Type:* string | aws-cdk-lib.aws_lambda.IFunction Lambda or ARN of a lambda to run tasks after the second target group serves traffic to the replacement task set. --- ##### `afterInstall`^Optional ```typescript public readonly afterInstall: string | IFunction; ``` - *Type:* string | aws-cdk-lib.aws_lambda.IFunction Lambda or ARN of a lambda to run tasks after the replacement task set is created and one of the target groups is associated with it. --- ##### `beforeAllowTraffic`^Optional ```typescript public readonly beforeAllowTraffic: string | IFunction; ``` - *Type:* string | aws-cdk-lib.aws_lambda.IFunction Lambda or ARN of a lambda to run tasks after the second target group is associated with the replacement task set, but before traffic is shifted to the replacement task set. --- ##### `beforeInstall`^Optional ```typescript public readonly beforeInstall: string | IFunction; ``` - *Type:* string | aws-cdk-lib.aws_lambda.IFunction Lambda or ARN of a lambda to run tasks before the replacement task set is created. --- ### AwsvpcConfiguration Network configuration for ECS services that have a network type of `awsvpc`. #### Initializer ```typescript import { AwsvpcConfiguration } from '@cdklabs/cdk-ecs-codedeploy' const awsvpcConfiguration: AwsvpcConfiguration = { ... } ``` #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | assignPublicIp | boolean | Assign a public IP address to the task. | | securityGroups | aws-cdk-lib.aws_ec2.ISecurityGroup[] | The Security Groups to use for the task. | | vpc | aws-cdk-lib.aws_ec2.IVpc | The VPC to use for the task. | | vpcSubnets | aws-cdk-lib.aws_ec2.SubnetSelection | The Subnets to use for the task. | --- ##### `assignPublicIp`^Required ```typescript public readonly assignPublicIp: boolean; ``` - *Type:* boolean Assign a public IP address to the task. --- ##### `securityGroups`^Required ```typescript public readonly securityGroups: ISecurityGroup[]; ``` - *Type:* aws-cdk-lib.aws_ec2.ISecurityGroup[] The Security Groups to use for the task. --- ##### `vpc`^Required ```typescript public readonly vpc: IVpc; ``` - *Type:* aws-cdk-lib.aws_ec2.IVpc The VPC to use for the task. --- ##### `vpcSubnets`^Required ```typescript public readonly vpcSubnets: SubnetSelection; ``` - *Type:* aws-cdk-lib.aws_ec2.SubnetSelection The Subnets to use for the task. --- ### EcsDeploymentProps Construction properties of EcsDeployment. #### Initializer ```typescript import { EcsDeploymentProps } from '@cdklabs/cdk-ecs-codedeploy' const ecsDeploymentProps: EcsDeploymentProps = { ... } ``` #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | deploymentGroup | aws-cdk-lib.aws_codedeploy.IEcsDeploymentGroup | The deployment group to target for this deployment. | | targetService | TargetService | The ECS service to target for the deployment. | | autoRollback | aws-cdk-lib.aws_codedeploy.AutoRollbackConfig | The configuration for rollback in the event that a deployment fails. | | description | string | The description for the deployment. | | hooks | AppSpecHooks | Optional lifecycle hooks. | | timeout | aws-cdk-lib.Duration | The timeout for the deployment. | --- ##### `deploymentGroup`^Required ```typescript public readonly deploymentGroup: IEcsDeploymentGroup; ``` - *Type:* aws-cdk-lib.aws_codedeploy.IEcsDeploymentGroup The deployment group to target for this deployment. --- ##### `targetService`^Required ```typescript public readonly targetService: TargetService; ``` - *Type:* TargetService The ECS service to target for the deployment. see: https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file-structure-resources.html#reference-appspec-file-structure-resources-ecs --- ##### `autoRollback`^Optional ```typescript public readonly autoRollback: AutoRollbackConfig; ``` - *Type:* aws-cdk-lib.aws_codedeploy.AutoRollbackConfig - *Default:* : no automatic rollback triggered The configuration for rollback in the event that a deployment fails. --- ##### `description`^Optional ```typescript public readonly description: string; ``` - *Type:* string - *Default:* no description The description for the deployment. --- ##### `hooks`^Optional ```typescript public readonly hooks: AppSpecHooks; ``` - *Type:* AppSpecHooks - *Default:* no lifecycle hooks Optional lifecycle hooks. --- ##### `timeout`^Optional ```typescript public readonly timeout: Duration; ``` - *Type:* aws-cdk-lib.Duration - *Default:* 30 minutes The timeout for the deployment. If the timeout is reached, it will trigger a rollback of the stack. --- ### TargetService Describe the target for CodeDeploy to use when creating a deployment for an ecs.EcsDeploymentGroup. #### Initializer ```typescript import { TargetService } from '@cdklabs/cdk-ecs-codedeploy' const targetService: TargetService = { ... } ``` #### Properties | **Name** | **Type** | **Description** | | --- | --- | --- | | containerName | string | The name of the Amazon ECS container that contains your Amazon ECS application. | | containerPort | number | The port on the container where traffic will be routed to. | | taskDefinition | aws-cdk-lib.aws_ecs.ITaskDefinition | The TaskDefintion to deploy to the target services. | | awsvpcConfiguration | AwsvpcConfiguration | Network configuration for ECS services that have a network type of `awsvpc`. | | capacityProviderStrategy | aws-cdk-lib.aws_ecs.CapacityProviderStrategy[] | A list of Amazon ECS capacity providers to use for the deployment. | | platformVersion | aws-cdk-lib.aws_ecs.FargatePlatformVersion | The platform version of the Fargate tasks in the deployed Amazon ECS service. | --- ##### `containerName`^Required ```typescript public readonly containerName: string; ``` - *Type:* string The name of the Amazon ECS container that contains your Amazon ECS application. It must be a container specified in your Amazon ECS task definition. --- ##### `containerPort`^Required ```typescript public readonly containerPort: number; ``` - *Type:* number The port on the container where traffic will be routed to. --- ##### `taskDefinition`^Required ```typescript public readonly taskDefinition: ITaskDefinition; ``` - *Type:* aws-cdk-lib.aws_ecs.ITaskDefinition The TaskDefintion to deploy to the target services. --- ##### `awsvpcConfiguration`^Optional ```typescript public readonly awsvpcConfiguration: AwsvpcConfiguration; ``` - *Type:* AwsvpcConfiguration - *Default:* reuse current network settings for ECS service. Network configuration for ECS services that have a network type of `awsvpc`. --- ##### `capacityProviderStrategy`^Optional ```typescript public readonly capacityProviderStrategy: CapacityProviderStrategy[]; ``` - *Type:* aws-cdk-lib.aws_ecs.CapacityProviderStrategy[] - *Default:* reuse current capcity provider strategy for ECS service. A list of Amazon ECS capacity providers to use for the deployment. --- ##### `platformVersion`^Optional ```typescript public readonly platformVersion: FargatePlatformVersion; ``` - *Type:* aws-cdk-lib.aws_ecs.FargatePlatformVersion - *Default:* LATEST The platform version of the Fargate tasks in the deployed Amazon ECS service. see: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html --- ## Classes ### EcsAppSpec Represents an AppSpec to be used for ECS services. see: https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file-structure-resources.html#reference-appspec-file-structure-resources-ecs #### Initializers ```typescript import { EcsAppSpec } from '@cdklabs/cdk-ecs-codedeploy' new EcsAppSpec(targetService: TargetService, hooks?: AppSpecHooks) ``` | **Name** | **Type** | **Description** | | --- | --- | --- | | targetService | TargetService | *No description.* | | hooks | AppSpecHooks | *No description.* | --- ##### `targetService`^Required - *Type:* TargetService --- ##### `hooks`^Optional - *Type:* AppSpecHooks --- #### Methods | **Name** | **Description** | | --- | --- | | toString | Render JSON string for this AppSpec to be used. | --- ##### `toString` ```typescript public toString(): string ``` Render JSON string for this AppSpec to be used.