Amazon ECS Operations: Difference between revisions
Line 54: | Line 54: | ||
{{Internal|AWS_Security_Operations#Create_an_ECS_Task_Role|Create an IAM Task Role}} | {{Internal|AWS_Security_Operations#Create_an_ECS_Task_Role|Create an IAM Task Role}} | ||
After the task role is correctly created, it should show up in the drop-down box. | |||
Network Mode: awsvpc | |||
Task execution IAM role - this is the role that authorizes Amazon ECS to pull private images and publish logs for the task. This takes the place of the EC2 Instance role when running tasks: | |||
{{Internal|AWS_Security_Operations#Create_an_ECS_Task_Execution_Role|Create an IAM Task Execution Role}} | |||
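Review bot: The first added line, "After the task role is correctly created, it should show up in the drop-down box.", never names the console field it refers to, and the next role described is the task execution role, so a reader can easily pick the wrong drop-down. Suggest opening that line with the field label, the way the later line opens with "Task execution IAM role", and keeping the two role descriptions visibly separate so it is clear that each template link creates a different role.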
Revision as of 06:02, 6 February 2019
External
Internal
Overview
Create a Cluster
Amazon ECS -> Clusters -> Create Cluster
Networking only (Fargate)
Cluster Name
Networking:
Create VPC
CIDR block 10.0.0.0/16
Subnet 1: 10.0.0.0/16
Delete Subnet 2.
It will create:
- ECS cluster
- CloudFormation Stack
- VPC
- Subnet 1
- Subnet 1 route table association
- VPC Availability Zones
- Internet gateway
- Route table
- Amazon EC2 route
- Virtual private gateway attachment
Create a Task Definition
Amazon ECS -> Task Definitions -> Create a New Task Definition -> FARGATE -> Next Step
Task Definition Name: playground-themyscira
Requires Compatibilities: FARGATE
After the task role is correctly created, it should show up in the drop-down box.
Network Mode: awsvpc
Task execution IAM role - this is the role that authorizes Amazon ECS to pull private images and publish logs for the task. This takes the place of the EC2 Instance role when running tasks:
AmazonECSTaskExecutionRolePolicy
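The settings above (FARGATE compatibility, awsvpc network mode, a task role and a separate task execution role) can be checked on an exported task definition before it is registered. The following is an added example, not part of the original page: the function names, the sample JSON, the account ID and the role names are constructed placeholders, and flagging one IAM role used for both purposes is a hygiene check assumed here, not a rule stated on the page.

```python
import json

# Constructed sample task definition (account ID and role names are placeholders).
SAMPLE = json.loads("""
{
  "family": "playground-themyscira",
  "requiresCompatibilities": ["FARGATE"],
  "networkMode": "bridge",
  "taskRoleArn": "arn:aws:iam::111122223333:role/example-shared-role",
  "executionRoleArn": "arn:aws:iam::111122223333:role/example-shared-role",
  "containerDefinitions": [
    {"name": "app",
     "image": "111122223333.dkr.ecr.us-east-1.amazonaws.com/app:1",
     "logConfiguration": {"logDriver": "awslogs"}}
  ]
}
""")


def needs_execution_role(task_def):
    """True if any container pulls from private ECR or ships logs via awslogs."""
    for container in task_def.get("containerDefinitions", []):
        if ".dkr.ecr." in container.get("image", ""):
            return True
        if container.get("logConfiguration", {}).get("logDriver") == "awslogs":
            return True
    return False


def lint_task_definition(task_def):
    """Return a list of findings for a Fargate task definition."""
    findings = []
    if "FARGATE" not in task_def.get("requiresCompatibilities", []):
        return findings  # the checks below only apply to Fargate tasks
    if task_def.get("networkMode") != "awsvpc":
        findings.append("network-mode: Fargate tasks must use awsvpc")
    exec_role = task_def.get("executionRoleArn")
    task_role = task_def.get("taskRoleArn")
    if needs_execution_role(task_def) and not exec_role:
        findings.append("execution-role: missing, image pull or log publishing will fail")
    if exec_role and exec_role == task_role:
        findings.append("role-reuse: task role and execution role are the same IAM role")
    return findings


if __name__ == "__main__":
    for finding in lint_task_definition(SAMPLE):
        print(finding)
```
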
Create a Service
A Task Definition must exist before a service can be created.
Clusters -> <Cluster Name> -> Services tab -> Create:
Launch Type: FARGATE
Task Definition: Family playground-