1. Answers
  2. Building an AWS ECS Task Definition

How do I build an AWS ECS task definition?

In this example, we’ll go through the process of creating an ECS (Elastic Container Service) task definition on AWS. A task definition is crucial for running Docker containers on ECS. It defines various settings such as the Docker image to be used, the resource requirements, and various configurations for the containers.

Below is the Terraform code to create an ECS task definition. This configuration includes defining the ECS task definition, setting its attributes, and specifying the container definitions.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create an IAM role for ECS task execution
const ecsTaskExecutionRole = new aws.iam.Role("ecs_task_execution_role", {
    name: "ecsTaskExecutionRole",
    assumeRolePolicy: JSON.stringify({
        Version: "2012-10-17",
        Statement: [{
            Action: "sts:AssumeRole",
            Effect: "Allow",
            Principal: {
                Service: "ecs-tasks.amazonaws.com",
            },
        }],
    }),
});
// Define an ECS Task Definition
const example = new aws.ecs.TaskDefinition("example", {
    family: "example-task",
    networkMode: "awsvpc",
    requiresCompatibilities: ["FARGATE"],
    cpu: "256",
    memory: "512",
    executionRoleArn: ecsTaskExecutionRole.arn,
    containerDefinitions: JSON.stringify([{
        name: "example",
        image: "nginx:latest",
        cpu: 256,
        memory: 512,
        essential: true,
        portMappings: [{
            containerPort: 80,
            hostPort: 80,
            protocol: "tcp",
        }],
    }]),
});
// Attach the AmazonECSTaskExecutionRolePolicy to the created IAM role
const ecsTaskExecutionRoleAttachment = new aws.iam.RolePolicyAttachment("ecs_task_execution_role_attachment", {
    role: ecsTaskExecutionRole.name,
    policyArn: "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
});
export const taskDefinitionArn = example.arn;
export const executionRoleArn = ecsTaskExecutionRole.arn;

Key Points:

  • We created an ECS task definition, specifying the name, network mode, required compatibilities, CPU, memory, and execution role ARN.
  • The container_definitions attribute defines relevant container parameters such as name, image, CPU, memory, essential flag, and port mappings.
  • An IAM role is created and attached with the AmazonECSTaskExecutionRolePolicy to allow ECS tasks to pull container images and log information.
  • Outputs are defined to capture the ARNs of the created ECS task definition and IAM role.

This approach sets up the core infrastructure required to deploy and manage Docker containers using ECS on AWS. Remember to adjust regions, image names, and other specifics to fit your context.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up