aws-native.ecs.DaemonTaskDefinition

AWS Cloud Control v1.62.0, Apr 20 26

We recommend new projects start with resources from the AWS provider.

Viewing docs for AWS Cloud Control v1.62.0
published on Monday, Apr 20, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-aws-native

We recommend new projects start with resources from the AWS provider.

Viewing docs for AWS Cloud Control v1.62.0
published on Monday, Apr 20, 2026 by Pulumi

Schema (JSON)

pulumi/pulumi-aws-native

Create DaemonTaskDefinition Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new DaemonTaskDefinition(name: string, args?: DaemonTaskDefinitionArgs, opts?: CustomResourceOptions);

@overload
def DaemonTaskDefinition(resource_name: str,
                         args: Optional[DaemonTaskDefinitionArgs] = None,
                         opts: Optional[ResourceOptions] = None)

@overload
def DaemonTaskDefinition(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         container_definitions: Optional[Sequence[DaemonTaskDefinitionDaemonContainerDefinitionArgs]] = None,
                         cpu: Optional[str] = None,
                         execution_role_arn: Optional[str] = None,
                         family: Optional[str] = None,
                         memory: Optional[str] = None,
                         tags: Optional[Sequence[_root_inputs.TagArgs]] = None,
                         task_role_arn: Optional[str] = None,
                         volumes: Optional[Sequence[DaemonTaskDefinitionVolumeArgs]] = None)

func NewDaemonTaskDefinition(ctx *Context, name string, args *DaemonTaskDefinitionArgs, opts ...ResourceOption) (*DaemonTaskDefinition, error)

public DaemonTaskDefinition(string name, DaemonTaskDefinitionArgs? args = null, CustomResourceOptions? opts = null)

public DaemonTaskDefinition(String name, DaemonTaskDefinitionArgs args)
public DaemonTaskDefinition(String name, DaemonTaskDefinitionArgs args, CustomResourceOptions options)

type: aws-native:ecs:DaemonTaskDefinition
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args DaemonTaskDefinitionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args DaemonTaskDefinitionArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args DaemonTaskDefinitionArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args DaemonTaskDefinitionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args DaemonTaskDefinitionArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

DaemonTaskDefinition Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The DaemonTaskDefinition resource accepts the following input properties:

ContainerDefinitions List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionDaemonContainerDefinition>: A list of container definitions in JSON format that describe the containers that make up the daemon task.
Cpu string: The number of CPU units used by the daemon task.
ExecutionRoleArn string: The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make Amazon Web Services API calls on your behalf.
Family string: The name of a family that this daemon task definition is registered to.
Memory string: The amount of memory (in MiB) used by the daemon task.
Tags List<Pulumi.AwsNative.Inputs.Tag>
TaskRoleArn string: The short name or full Amazon Resource Name (ARN) of the IAM role that grants containers in the daemon task permission to call Amazon Web Services APIs on your behalf.
Volumes List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionVolume>: The list of data volume definitions for the daemon task.

ContainerDefinitions []DaemonTaskDefinitionDaemonContainerDefinitionArgs: A list of container definitions in JSON format that describe the containers that make up the daemon task.
Cpu string: The number of CPU units used by the daemon task.
ExecutionRoleArn string: The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make Amazon Web Services API calls on your behalf.
Family string: The name of a family that this daemon task definition is registered to.
Memory string: The amount of memory (in MiB) used by the daemon task.
Tags TagArgs
TaskRoleArn string: The short name or full Amazon Resource Name (ARN) of the IAM role that grants containers in the daemon task permission to call Amazon Web Services APIs on your behalf.
Volumes []DaemonTaskDefinitionVolumeArgs: The list of data volume definitions for the daemon task.

containerDefinitions List<DaemonTaskDefinitionDaemonContainerDefinition>: A list of container definitions in JSON format that describe the containers that make up the daemon task.
cpu String: The number of CPU units used by the daemon task.
executionRoleArn String: The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make Amazon Web Services API calls on your behalf.
family String: The name of a family that this daemon task definition is registered to.
memory String: The amount of memory (in MiB) used by the daemon task.
tags List<Tag>
taskRoleArn String: The short name or full Amazon Resource Name (ARN) of the IAM role that grants containers in the daemon task permission to call Amazon Web Services APIs on your behalf.
volumes List<DaemonTaskDefinitionVolume>: The list of data volume definitions for the daemon task.

containerDefinitions DaemonTaskDefinitionDaemonContainerDefinition[]: A list of container definitions in JSON format that describe the containers that make up the daemon task.
cpu string: The number of CPU units used by the daemon task.
executionRoleArn string: The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make Amazon Web Services API calls on your behalf.
family string: The name of a family that this daemon task definition is registered to.
memory string: The amount of memory (in MiB) used by the daemon task.
tags Tag[]
taskRoleArn string: The short name or full Amazon Resource Name (ARN) of the IAM role that grants containers in the daemon task permission to call Amazon Web Services APIs on your behalf.
volumes DaemonTaskDefinitionVolume[]: The list of data volume definitions for the daemon task.

container_definitions Sequence[DaemonTaskDefinitionDaemonContainerDefinitionArgs]: A list of container definitions in JSON format that describe the containers that make up the daemon task.
cpu str: The number of CPU units used by the daemon task.
execution_role_arn str: The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make Amazon Web Services API calls on your behalf.
family str: The name of a family that this daemon task definition is registered to.
memory str: The amount of memory (in MiB) used by the daemon task.
tags Sequence[TagArgs]
task_role_arn str: The short name or full Amazon Resource Name (ARN) of the IAM role that grants containers in the daemon task permission to call Amazon Web Services APIs on your behalf.
volumes Sequence[DaemonTaskDefinitionVolumeArgs]: The list of data volume definitions for the daemon task.

containerDefinitions List<Property Map>: A list of container definitions in JSON format that describe the containers that make up the daemon task.
cpu String: The number of CPU units used by the daemon task.
executionRoleArn String: The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make Amazon Web Services API calls on your behalf.
family String: The name of a family that this daemon task definition is registered to.
memory String: The amount of memory (in MiB) used by the daemon task.
tags List<Property Map>
taskRoleArn String: The short name or full Amazon Resource Name (ARN) of the IAM role that grants containers in the daemon task permission to call Amazon Web Services APIs on your behalf.
volumes List<Property Map>: The list of data volume definitions for the daemon task.

Outputs

All input properties are implicitly available as output properties. Additionally, the DaemonTaskDefinition resource produces the following output properties:

DaemonTaskDefinitionArn string
Id string: The provider-assigned unique ID for this managed resource.

DaemonTaskDefinitionArn string
Id string: The provider-assigned unique ID for this managed resource.

daemonTaskDefinitionArn String
id String: The provider-assigned unique ID for this managed resource.

daemonTaskDefinitionArn string
id string: The provider-assigned unique ID for this managed resource.

daemon_task_definition_arn str
id str: The provider-assigned unique ID for this managed resource.

daemonTaskDefinitionArn String
id String: The provider-assigned unique ID for this managed resource.

Supporting Types

DaemonTaskDefinitionContainerDependency, DaemonTaskDefinitionContainerDependencyArgs

The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. Your Amazon ECS container instances require at least version 1.26.0 of the container agent to use container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see Updating the Amazon ECS Container Agent in the Amazon Elastic Container Service Developer Guide. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ecs-init package. If your container instances are launched from version 20190301 or later, then they contain the required versions of the container agent and ecs-init. For more information, see Amazon ECS-optimized Linux AMI in the Amazon Elastic Container Service Developer Guide. For tasks that use the Fargate launch type, the task or service requires the following platforms:

Linux platform version 1.3.0 or later.
Windows platform version 1.0.0 or later.

For more information about how to create a container dependency, see Container dependency in the Amazon Elastic Container Service Developer Guide.

Condition string

The dependency condition of the container. The following are the available conditions and their behavior:

START - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.
COMPLETE - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.
SUCCESS - This condition is the same as COMPLETE, but it also requires that the container exits with a zero status. This condition can't be set on an essential container.
HEALTHY - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.

ContainerName string

The name of a container.

Condition string

The dependency condition of the container. The following are the available conditions and their behavior:

START - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.
COMPLETE - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.
SUCCESS - This condition is the same as COMPLETE, but it also requires that the container exits with a zero status. This condition can't be set on an essential container.
HEALTHY - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.

ContainerName string

The name of a container.

condition String

The dependency condition of the container. The following are the available conditions and their behavior:

START - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.
COMPLETE - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.
SUCCESS - This condition is the same as COMPLETE, but it also requires that the container exits with a zero status. This condition can't be set on an essential container.
HEALTHY - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.

containerName String

The name of a container.

condition string

The dependency condition of the container. The following are the available conditions and their behavior:

START - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.
COMPLETE - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.
SUCCESS - This condition is the same as COMPLETE, but it also requires that the container exits with a zero status. This condition can't be set on an essential container.
HEALTHY - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.

containerName string

The name of a container.

condition str

The dependency condition of the container. The following are the available conditions and their behavior:

START - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.
COMPLETE - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.
SUCCESS - This condition is the same as COMPLETE, but it also requires that the container exits with a zero status. This condition can't be set on an essential container.
HEALTHY - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.

container_name str

The name of a container.

condition String

The dependency condition of the container. The following are the available conditions and their behavior:

START - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.
COMPLETE - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.
SUCCESS - This condition is the same as COMPLETE, but it also requires that the container exits with a zero status. This condition can't be set on an essential container.
HEALTHY - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.

containerName String

The name of a container.

DaemonTaskDefinitionDaemonContainerDefinition, DaemonTaskDefinitionDaemonContainerDefinitionArgs

A container definition for a daemon task. Daemon container definitions describe the containers that run as part of a daemon task on container instances managed by capacity providers.

Image string: The image used to start the container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with either repository-url/image:tag or repository-url/image@digest.
Name string: The name of the container. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.
Command List<string>: The command that's passed to the container.
Cpu int: The number of cpu units reserved for the container.
DependsOn List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionContainerDependency>: The dependencies defined for container startup and shutdown. A container can contain multiple dependencies on other containers in a task definition.
EntryPoint List<string>: The entry point that's passed to the container.
Environment List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionKeyValuePair>: The environment variables to pass to a container.
EnvironmentFiles List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionEnvironmentFile>: A list of files containing the environment variables to pass to a container.
Essential bool: If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped.
FirelensConfiguration Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionFirelensConfiguration: The FireLens configuration for the container. This is used to specify and configure a log router for container logs.
HealthCheck Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionHealthCheck: The container health check command and associated configuration parameters for the container.
Interactive bool: When this parameter is true, you can deploy containerized applications that require stdin or a tty to be allocated.
LinuxParameters Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionLinuxParameters: Linux-specific modifications that are applied to the container configuration, such as Linux kernel capabilities.
LogConfiguration Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionLogConfiguration: The log configuration specification for the container.
Memory int: The amount (in MiB) of memory to present to the container. If the container attempts to exceed the memory specified here, the container is killed.
MemoryReservation int: The soft limit (in MiB) of memory to reserve for the container.
MountPoints List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionMountPoint>: The mount points for data volumes in your container.
Privileged bool: When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
PseudoTerminal bool: When this parameter is true, a TTY is allocated.
ReadonlyRootFilesystem bool: When this parameter is true, the container is given read-only access to its root file system.
RepositoryCredentials Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionRepositoryCredentials: The private repository authentication credentials to use.
RestartPolicy Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionRestartPolicy: The restart policy for the container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task.
Secrets List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionSecret>: The secrets to pass to the container.
StartTimeout int: Time duration (in seconds) to wait before giving up on resolving dependencies for a container.
StopTimeout int: Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.
SystemControls List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionSystemControl>: A list of namespaced kernel parameters to set in the container.
Ulimits List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionUlimit>: A list of ulimits to set in the container.
User string: The user to use inside the container.
WorkingDirectory string: The working directory to run commands inside the container in.

Image string: The image used to start the container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with either repository-url/image:tag or repository-url/image@digest.
Name string: The name of the container. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.
Command []string: The command that's passed to the container.
Cpu int: The number of cpu units reserved for the container.
DependsOn []DaemonTaskDefinitionContainerDependency: The dependencies defined for container startup and shutdown. A container can contain multiple dependencies on other containers in a task definition.
EntryPoint []string: The entry point that's passed to the container.
Environment []DaemonTaskDefinitionKeyValuePair: The environment variables to pass to a container.
EnvironmentFiles []DaemonTaskDefinitionEnvironmentFile: A list of files containing the environment variables to pass to a container.
Essential bool: If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped.
FirelensConfiguration DaemonTaskDefinitionFirelensConfiguration: The FireLens configuration for the container. This is used to specify and configure a log router for container logs.
HealthCheck DaemonTaskDefinitionHealthCheck: The container health check command and associated configuration parameters for the container.
Interactive bool: When this parameter is true, you can deploy containerized applications that require stdin or a tty to be allocated.
LinuxParameters DaemonTaskDefinitionLinuxParameters: Linux-specific modifications that are applied to the container configuration, such as Linux kernel capabilities.
LogConfiguration DaemonTaskDefinitionLogConfiguration: The log configuration specification for the container.
Memory int: The amount (in MiB) of memory to present to the container. If the container attempts to exceed the memory specified here, the container is killed.
MemoryReservation int: The soft limit (in MiB) of memory to reserve for the container.
MountPoints []DaemonTaskDefinitionMountPoint: The mount points for data volumes in your container.
Privileged bool: When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
PseudoTerminal bool: When this parameter is true, a TTY is allocated.
ReadonlyRootFilesystem bool: When this parameter is true, the container is given read-only access to its root file system.
RepositoryCredentials DaemonTaskDefinitionRepositoryCredentials: The private repository authentication credentials to use.
RestartPolicy DaemonTaskDefinitionRestartPolicy: The restart policy for the container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task.
Secrets []DaemonTaskDefinitionSecret: The secrets to pass to the container.
StartTimeout int: Time duration (in seconds) to wait before giving up on resolving dependencies for a container.
StopTimeout int: Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.
SystemControls []DaemonTaskDefinitionSystemControl: A list of namespaced kernel parameters to set in the container.
Ulimits []DaemonTaskDefinitionUlimit: A list of ulimits to set in the container.
User string: The user to use inside the container.
WorkingDirectory string: The working directory to run commands inside the container in.

image String: The image used to start the container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with either repository-url/image:tag or repository-url/image@digest.
name String: The name of the container. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.
command List<String>: The command that's passed to the container.
cpu Integer: The number of cpu units reserved for the container.
dependsOn List<DaemonTaskDefinitionContainerDependency>: The dependencies defined for container startup and shutdown. A container can contain multiple dependencies on other containers in a task definition.
entryPoint List<String>: The entry point that's passed to the container.
environment List<DaemonTaskDefinitionKeyValuePair>: The environment variables to pass to a container.
environmentFiles List<DaemonTaskDefinitionEnvironmentFile>: A list of files containing the environment variables to pass to a container.
essential Boolean: If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped.
firelensConfiguration DaemonTaskDefinitionFirelensConfiguration: The FireLens configuration for the container. This is used to specify and configure a log router for container logs.
healthCheck DaemonTaskDefinitionHealthCheck: The container health check command and associated configuration parameters for the container.
interactive Boolean: When this parameter is true, you can deploy containerized applications that require stdin or a tty to be allocated.
linuxParameters DaemonTaskDefinitionLinuxParameters: Linux-specific modifications that are applied to the container configuration, such as Linux kernel capabilities.
logConfiguration DaemonTaskDefinitionLogConfiguration: The log configuration specification for the container.
memory Integer: The amount (in MiB) of memory to present to the container. If the container attempts to exceed the memory specified here, the container is killed.
memoryReservation Integer: The soft limit (in MiB) of memory to reserve for the container.
mountPoints List<DaemonTaskDefinitionMountPoint>: The mount points for data volumes in your container.
privileged Boolean: When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
pseudoTerminal Boolean: When this parameter is true, a TTY is allocated.
readonlyRootFilesystem Boolean: When this parameter is true, the container is given read-only access to its root file system.
repositoryCredentials DaemonTaskDefinitionRepositoryCredentials: The private repository authentication credentials to use.
restartPolicy DaemonTaskDefinitionRestartPolicy: The restart policy for the container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task.
secrets List<DaemonTaskDefinitionSecret>: The secrets to pass to the container.
startTimeout Integer: Time duration (in seconds) to wait before giving up on resolving dependencies for a container.
stopTimeout Integer: Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.
systemControls List<DaemonTaskDefinitionSystemControl>: A list of namespaced kernel parameters to set in the container.
ulimits List<DaemonTaskDefinitionUlimit>: A list of ulimits to set in the container.
user String: The user to use inside the container.
workingDirectory String: The working directory to run commands inside the container in.

image string: The image used to start the container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with either repository-url/image:tag or repository-url/image@digest.
name string: The name of the container. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.
command string[]: The command that's passed to the container.
cpu number: The number of cpu units reserved for the container.
dependsOn DaemonTaskDefinitionContainerDependency[]: The dependencies defined for container startup and shutdown. A container can contain multiple dependencies on other containers in a task definition.
entryPoint string[]: The entry point that's passed to the container.
environment DaemonTaskDefinitionKeyValuePair[]: The environment variables to pass to a container.
environmentFiles DaemonTaskDefinitionEnvironmentFile[]: A list of files containing the environment variables to pass to a container.
essential boolean: If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped.
firelensConfiguration DaemonTaskDefinitionFirelensConfiguration: The FireLens configuration for the container. This is used to specify and configure a log router for container logs.
healthCheck DaemonTaskDefinitionHealthCheck: The container health check command and associated configuration parameters for the container.
interactive boolean: When this parameter is true, you can deploy containerized applications that require stdin or a tty to be allocated.
linuxParameters DaemonTaskDefinitionLinuxParameters: Linux-specific modifications that are applied to the container configuration, such as Linux kernel capabilities.
logConfiguration DaemonTaskDefinitionLogConfiguration: The log configuration specification for the container.
memory number: The amount (in MiB) of memory to present to the container. If the container attempts to exceed the memory specified here, the container is killed.
memoryReservation number: The soft limit (in MiB) of memory to reserve for the container.
mountPoints DaemonTaskDefinitionMountPoint[]: The mount points for data volumes in your container.
privileged boolean: When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
pseudoTerminal boolean: When this parameter is true, a TTY is allocated.
readonlyRootFilesystem boolean: When this parameter is true, the container is given read-only access to its root file system.
repositoryCredentials DaemonTaskDefinitionRepositoryCredentials: The private repository authentication credentials to use.
restartPolicy DaemonTaskDefinitionRestartPolicy: The restart policy for the container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task.
secrets DaemonTaskDefinitionSecret[]: The secrets to pass to the container.
startTimeout number: Time duration (in seconds) to wait before giving up on resolving dependencies for a container.
stopTimeout number: Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.
systemControls DaemonTaskDefinitionSystemControl[]: A list of namespaced kernel parameters to set in the container.
ulimits DaemonTaskDefinitionUlimit[]: A list of ulimits to set in the container.
user string: The user to use inside the container.
workingDirectory string: The working directory to run commands inside the container in.

image str: The image used to start the container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with either repository-url/image:tag or repository-url/image@digest.
name str: The name of the container. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.
command Sequence[str]: The command that's passed to the container.
cpu int: The number of cpu units reserved for the container.
depends_on Sequence[DaemonTaskDefinitionContainerDependency]: The dependencies defined for container startup and shutdown. A container can contain multiple dependencies on other containers in a task definition.
entry_point Sequence[str]: The entry point that's passed to the container.
environment Sequence[DaemonTaskDefinitionKeyValuePair]: The environment variables to pass to a container.
environment_files Sequence[DaemonTaskDefinitionEnvironmentFile]: A list of files containing the environment variables to pass to a container.
essential bool: If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped.
firelens_configuration DaemonTaskDefinitionFirelensConfiguration: The FireLens configuration for the container. This is used to specify and configure a log router for container logs.
health_check DaemonTaskDefinitionHealthCheck: The container health check command and associated configuration parameters for the container.
interactive bool: When this parameter is true, you can deploy containerized applications that require stdin or a tty to be allocated.
linux_parameters DaemonTaskDefinitionLinuxParameters: Linux-specific modifications that are applied to the container configuration, such as Linux kernel capabilities.
log_configuration DaemonTaskDefinitionLogConfiguration: The log configuration specification for the container.
memory int: The amount (in MiB) of memory to present to the container. If the container attempts to exceed the memory specified here, the container is killed.
memory_reservation int: The soft limit (in MiB) of memory to reserve for the container.
mount_points Sequence[DaemonTaskDefinitionMountPoint]: The mount points for data volumes in your container.
privileged bool: When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
pseudo_terminal bool: When this parameter is true, a TTY is allocated.
readonly_root_filesystem bool: When this parameter is true, the container is given read-only access to its root file system.
repository_credentials DaemonTaskDefinitionRepositoryCredentials: The private repository authentication credentials to use.
restart_policy DaemonTaskDefinitionRestartPolicy: The restart policy for the container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task.
secrets Sequence[DaemonTaskDefinitionSecret]: The secrets to pass to the container.
start_timeout int: Time duration (in seconds) to wait before giving up on resolving dependencies for a container.
stop_timeout int: Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.
system_controls Sequence[DaemonTaskDefinitionSystemControl]: A list of namespaced kernel parameters to set in the container.
ulimits Sequence[DaemonTaskDefinitionUlimit]: A list of ulimits to set in the container.
user str: The user to use inside the container.
working_directory str: The working directory to run commands inside the container in.

image String: The image used to start the container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with either repository-url/image:tag or repository-url/image@digest.
name String: The name of the container. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.
command List<String>: The command that's passed to the container.
cpu Number: The number of cpu units reserved for the container.
dependsOn List<Property Map>: The dependencies defined for container startup and shutdown. A container can contain multiple dependencies on other containers in a task definition.
entryPoint List<String>: The entry point that's passed to the container.
environment List<Property Map>: The environment variables to pass to a container.
environmentFiles List<Property Map>: A list of files containing the environment variables to pass to a container.
essential Boolean: If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped.
firelensConfiguration Property Map: The FireLens configuration for the container. This is used to specify and configure a log router for container logs.
healthCheck Property Map: The container health check command and associated configuration parameters for the container.
interactive Boolean: When this parameter is true, you can deploy containerized applications that require stdin or a tty to be allocated.
linuxParameters Property Map: Linux-specific modifications that are applied to the container configuration, such as Linux kernel capabilities.
logConfiguration Property Map: The log configuration specification for the container.
memory Number: The amount (in MiB) of memory to present to the container. If the container attempts to exceed the memory specified here, the container is killed.
memoryReservation Number: The soft limit (in MiB) of memory to reserve for the container.
mountPoints List<Property Map>: The mount points for data volumes in your container.
privileged Boolean: When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user).
pseudoTerminal Boolean: When this parameter is true, a TTY is allocated.
readonlyRootFilesystem Boolean: When this parameter is true, the container is given read-only access to its root file system.
repositoryCredentials Property Map: The private repository authentication credentials to use.
restartPolicy Property Map: The restart policy for the container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task.
secrets List<Property Map>: The secrets to pass to the container.
startTimeout Number: Time duration (in seconds) to wait before giving up on resolving dependencies for a container.
stopTimeout Number: Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.
systemControls List<Property Map>: A list of namespaced kernel parameters to set in the container.
ulimits List<Property Map>: A list of ulimits to set in the container.
user String: The user to use inside the container.
workingDirectory String: The working directory to run commands inside the container in.

DaemonTaskDefinitionDevice, DaemonTaskDefinitionDeviceArgs

An object representing a container instance host device.

ContainerPath string: The path inside the container at which to expose the host device.
HostPath string: The path for the device on the host container instance.
Permissions List<string>: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.

ContainerPath string: The path inside the container at which to expose the host device.
HostPath string: The path for the device on the host container instance.
Permissions []string: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.

containerPath String: The path inside the container at which to expose the host device.
hostPath String: The path for the device on the host container instance.
permissions List<String>: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.

containerPath string: The path inside the container at which to expose the host device.
hostPath string: The path for the device on the host container instance.
permissions string[]: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.

container_path str: The path inside the container at which to expose the host device.
host_path str: The path for the device on the host container instance.
permissions Sequence[str]: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.

containerPath String: The path inside the container at which to expose the host device.
hostPath String: The path for the device on the host container instance.
permissions List<String>: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.

DaemonTaskDefinitionEnvironmentFile, DaemonTaskDefinitionEnvironmentFileArgs

A list of files containing the environment variables to pass to a container. You can specify up to ten environment files. The file must have a .env file extension. Each line in an environment file should contain an environment variable in VARIABLE=VALUE format. Lines beginning with # are treated as comments and are ignored. If there are environment variables specified using the environment parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see Use a file to pass environment variables to a container in the Amazon Elastic Container Service Developer Guide. Environment variable files are objects in Amazon S3 and all Amazon S3 security considerations apply. You must use the following platforms for the Fargate launch type:

Linux platform version 1.4.0 or later.
Windows platform version 1.0.0 or later.

Consider the following when using the Fargate launch type:

The file is handled like a native Docker env-file.
There is no support for shell escape handling.
The container entry point interperts the VARIABLE values.

Type string: The file type to use. Environment files are objects in Amazon S3. The only supported value is s3.
Value string: The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.

Type string: The file type to use. Environment files are objects in Amazon S3. The only supported value is s3.
Value string: The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.

type String: The file type to use. Environment files are objects in Amazon S3. The only supported value is s3.
value String: The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.

type string: The file type to use. Environment files are objects in Amazon S3. The only supported value is s3.
value string: The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.

type str: The file type to use. Environment files are objects in Amazon S3. The only supported value is s3.
value str: The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.

type String: The file type to use. Environment files are objects in Amazon S3. The only supported value is s3.
value String: The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.

DaemonTaskDefinitionFirelensConfiguration, DaemonTaskDefinitionFirelensConfigurationArgs

The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see Custom log routing in the Amazon Elastic Container Service Developer Guide.

Options Dictionary<string, string>: The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is "options":{"enable-ecs-log-metadata":"true|false","config-file-type:"s3|file","config-file-value":"arn:aws:s3:::mybucket/fluent.conf|filepath"}. For more information, see Creating a task definition that uses a FireLens configuration in the Amazon Elastic Container Service Developer Guide. Tasks hosted on FARGATElong only support the file configuration file type.
Type string: The log router to use. The valid values are fluentd or fluentbit.

Options map[string]string: The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is "options":{"enable-ecs-log-metadata":"true|false","config-file-type:"s3|file","config-file-value":"arn:aws:s3:::mybucket/fluent.conf|filepath"}. For more information, see Creating a task definition that uses a FireLens configuration in the Amazon Elastic Container Service Developer Guide. Tasks hosted on FARGATElong only support the file configuration file type.
Type string: The log router to use. The valid values are fluentd or fluentbit.

options Map<String,String>: The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is "options":{"enable-ecs-log-metadata":"true|false","config-file-type:"s3|file","config-file-value":"arn:aws:s3:::mybucket/fluent.conf|filepath"}. For more information, see Creating a task definition that uses a FireLens configuration in the Amazon Elastic Container Service Developer Guide. Tasks hosted on FARGATElong only support the file configuration file type.
type String: The log router to use. The valid values are fluentd or fluentbit.

options {[key: string]: string}: The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is "options":{"enable-ecs-log-metadata":"true|false","config-file-type:"s3|file","config-file-value":"arn:aws:s3:::mybucket/fluent.conf|filepath"}. For more information, see Creating a task definition that uses a FireLens configuration in the Amazon Elastic Container Service Developer Guide. Tasks hosted on FARGATElong only support the file configuration file type.
type string: The log router to use. The valid values are fluentd or fluentbit.

options Mapping[str, str]: The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is "options":{"enable-ecs-log-metadata":"true|false","config-file-type:"s3|file","config-file-value":"arn:aws:s3:::mybucket/fluent.conf|filepath"}. For more information, see Creating a task definition that uses a FireLens configuration in the Amazon Elastic Container Service Developer Guide. Tasks hosted on FARGATElong only support the file configuration file type.
type str: The log router to use. The valid values are fluentd or fluentbit.

options Map<String>: The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is "options":{"enable-ecs-log-metadata":"true|false","config-file-type:"s3|file","config-file-value":"arn:aws:s3:::mybucket/fluent.conf|filepath"}. For more information, see Creating a task definition that uses a FireLens configuration in the Amazon Elastic Container Service Developer Guide. Tasks hosted on FARGATElong only support the file configuration file type.
type String: The log router to use. The valid values are fluentd or fluentbit.

DaemonTaskDefinitionHealthCheck, DaemonTaskDefinitionHealthCheckArgs

An object representing a container health check. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image (such as those specified in a parent image or from the image's Dockerfile). This configuration maps to the HEALTHCHECK parameter of docker run. The Amazon ECS container agent only monitors and reports on the health checks specified in the task definition. Amazon ECS does not monitor Docker health checks that are embedded in a container image and not specified in the container definition. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image. You can view the health status of both individual containers and a task with the DescribeTasks API operation or when viewing the task details in the console. The health check is designed to make sure that your containers survive agent restarts, upgrades, or temporary unavailability. Amazon ECS performs health checks on containers with the default that launched the container instance or the task. The following describes the possible healthStatus values for a container:

HEALTHY-The container health check has passed successfully.
UNHEALTHY-The container health check has failed.
UNKNOWN-The container health check is being evaluated, there's no container health check defined, or Amazon ECS doesn't have the health status of the container.

The following describes the possible healthStatus values based on the container health checker status of essential containers in the task with the following priority order (high to low):

UNHEALTHY-One or more essential containers have failed their health check.
UNKNOWN-Any essential container running within the task is in an UNKNOWN state and no other essential containers have an UNHEALTHY state.
HEALTHY-All essential containers within the task have passed their health checks.

Consider the following task health example with 2 containers.

If Container1 is UNHEALTHY and Container2 is UNKNOWN, the task health is UNHEALTHY.
If Container1 is UNHEALTHY and Container2 is HEALTHY, the task health is UNHEALTHY.
If Container1 is HEALTHY and Container2 is UNKNOWN, the task health is UNKNOWN.
If Container1 is HEALTHY and Container2 is HEALTHY, the task health is HEALTHY.

Consider the following task health example with 3 containers.

If Container1 is UNHEALTHY and Container2 is UNKNOWN, and Container3 is UNKNOWN, the task health is UNHEALTHY.
If Container1 is UNHEALTHY and Container2 is UNKNOWN, and Container3 is HEALTHY, the task health is UNHEALTHY.
If Container1 is UNHEALTHY and Container2 is HEALTHY, and Container3 is HEALTHY, the task health is UNHEALTHY.
If Container1 is HEALTHY and Container2 is UNKNOWN, and Container3 is HEALTHY, the task health is UNKNOWN.
If Container1 is HEALTHY and Container2 is UNKNOWN, and Container3 is UNKNOWN, the task health is UNKNOWN.
If Container1 is HEALTHY and Container2 is HEALTHY, and Container3 is HEALTHY, the task health is HEALTHY.

If a task is run manually, and not as part of a service, the task will continue its lifecycle regardless of its health status. For tasks that are part of a service, if the task reports as unhealthy then the task will be stopped and the service scheduler will replace it. When a container health check fails for a task that is part of a service, the following process occurs:

The task is marked as UNHEALTHY.
The unhealthy task will be stopped, and during the stopping process, it will go through the following states:

DEACTIVATING - In this state, Amazon ECS performs additional steps before stopping the task. For example, for tasks that are part of services configured to use Elastic Load Balancing target groups, target groups will be deregistered in this state.
STOPPING - The task is in the process of being stopped.
DEPROVISIONING - Resources associated with the task are being cleaned up.
STOPPED - The task has been completely stopped.

After the old task stops, a new task will be launched to ensure service operation, and the new task will go through the following lifecycle:

PROVISIONING - Resources required for the task are being provisioned.
PENDING - The task is waiting to be placed on a container instance.
ACTIVATING - In this state, Amazon ECS pulls container images, creates containers, configures task networking, registers load balancer target groups, and configures service discovery status.
RUNNING - The task is running and performing its work.

For more detailed information about task lifecycle states, see Task lifecycle in the Amazon Elastic Container Service Developer Guide. The following are notes about container health check support:

If the Amazon ECS container agent becomes disconnected from the Amazon ECS service, this won't cause a container to transition to an UNHEALTHY status. This is by design, to ensure that containers remain running during agent restarts or temporary unavailability. The health check status is the "last heard from" response from the Amazon ECS agent, so if the container was considered HEALTHY prior to the disconnect, that status will remain until the agent reconnects and another health check occurs. There are no assumptions made about the status of the container health checks.
Container health checks require version 1.17.0 or greater of the Amazon ECS container agent. For more information, see Updating the Amazon ECS container agent.
Container health checks are supported for Fargate tasks if you're using platform version 1.1.0 or greater. For more information, see platform versions.
Container health checks aren't supported for tasks that are part of a service that's configured to use a Classic Load Balancer.

For an example of how to specify a task definition with multiple containers where container dependency is specified, see Container dependency in the Amazon Elastic Container Service Developer Guide.

Command List<string>: A string array representing the command that the container runs to determine if it is healthy. The string array must start with CMD to run the command arguments directly, or CMD-SHELL to run the command with the container's default shell. When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets. [ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ] You don't include the double quotes and brackets when you use the AWS Management Console. CMD-SHELL, curl -f http://localhost/ || exit 1 An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see HealthCheck in the docker container create command.
Interval int: The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a command.
Retries int: The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a command.
StartPeriod int: The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the startPeriod is off. This value applies only when you specify a command. If a health check succeeds within the startPeriod, then the container is considered healthy and any subsequent failures count toward the maximum number of retries.
Timeout int: The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a command.

Command []string: A string array representing the command that the container runs to determine if it is healthy. The string array must start with CMD to run the command arguments directly, or CMD-SHELL to run the command with the container's default shell. When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets. [ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ] You don't include the double quotes and brackets when you use the AWS Management Console. CMD-SHELL, curl -f http://localhost/ || exit 1 An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see HealthCheck in the docker container create command.
Interval int: The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a command.
Retries int: The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a command.
StartPeriod int: The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the startPeriod is off. This value applies only when you specify a command. If a health check succeeds within the startPeriod, then the container is considered healthy and any subsequent failures count toward the maximum number of retries.
Timeout int: The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a command.

command List<String>: A string array representing the command that the container runs to determine if it is healthy. The string array must start with CMD to run the command arguments directly, or CMD-SHELL to run the command with the container's default shell. When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets. [ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ] You don't include the double quotes and brackets when you use the AWS Management Console. CMD-SHELL, curl -f http://localhost/ || exit 1 An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see HealthCheck in the docker container create command.
interval Integer: The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a command.
retries Integer: The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a command.
startPeriod Integer: The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the startPeriod is off. This value applies only when you specify a command. If a health check succeeds within the startPeriod, then the container is considered healthy and any subsequent failures count toward the maximum number of retries.
timeout Integer: The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a command.

command string[]: A string array representing the command that the container runs to determine if it is healthy. The string array must start with CMD to run the command arguments directly, or CMD-SHELL to run the command with the container's default shell. When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets. [ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ] You don't include the double quotes and brackets when you use the AWS Management Console. CMD-SHELL, curl -f http://localhost/ || exit 1 An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see HealthCheck in the docker container create command.
interval number: The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a command.
retries number: The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a command.
startPeriod number: The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the startPeriod is off. This value applies only when you specify a command. If a health check succeeds within the startPeriod, then the container is considered healthy and any subsequent failures count toward the maximum number of retries.
timeout number: The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a command.

command Sequence[str]: A string array representing the command that the container runs to determine if it is healthy. The string array must start with CMD to run the command arguments directly, or CMD-SHELL to run the command with the container's default shell. When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets. [ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ] You don't include the double quotes and brackets when you use the AWS Management Console. CMD-SHELL, curl -f http://localhost/ || exit 1 An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see HealthCheck in the docker container create command.
interval int: The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a command.
retries int: The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a command.
start_period int: The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the startPeriod is off. This value applies only when you specify a command. If a health check succeeds within the startPeriod, then the container is considered healthy and any subsequent failures count toward the maximum number of retries.
timeout int: The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a command.

command List<String>: A string array representing the command that the container runs to determine if it is healthy. The string array must start with CMD to run the command arguments directly, or CMD-SHELL to run the command with the container's default shell. When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets. [ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ] You don't include the double quotes and brackets when you use the AWS Management Console. CMD-SHELL, curl -f http://localhost/ || exit 1 An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see HealthCheck in the docker container create command.
interval Number: The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a command.
retries Number: The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a command.
startPeriod Number: The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the startPeriod is off. This value applies only when you specify a command. If a health check succeeds within the startPeriod, then the container is considered healthy and any subsequent failures count toward the maximum number of retries.
timeout Number: The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a command.

DaemonTaskDefinitionHostVolumeProperties, DaemonTaskDefinitionHostVolumePropertiesArgs

Details on a container instance bind mount host volume.

SourcePath string: When the host parameter is used, specify a sourcePath to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. If you're using the Fargate launch type, the sourcePath parameter is not supported.

SourcePath string: When the host parameter is used, specify a sourcePath to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. If you're using the Fargate launch type, the sourcePath parameter is not supported.

sourcePath String: When the host parameter is used, specify a sourcePath to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. If you're using the Fargate launch type, the sourcePath parameter is not supported.

sourcePath string: When the host parameter is used, specify a sourcePath to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. If you're using the Fargate launch type, the sourcePath parameter is not supported.

source_path str: When the host parameter is used, specify a sourcePath to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. If you're using the Fargate launch type, the sourcePath parameter is not supported.

sourcePath String: When the host parameter is used, specify a sourcePath to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the host parameter contains a sourcePath file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the sourcePath value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. If you're using the Fargate launch type, the sourcePath parameter is not supported.

DaemonTaskDefinitionKernelCapabilities, DaemonTaskDefinitionKernelCapabilitiesArgs

The Linux capabilities to add or remove from the default Docker configuration for a container defined in the task definition. For more detailed information about these Linux capabilities, see the capabilities(7) Linux manual page. The following describes how Docker processes the Linux capabilities specified in the add and drop request parameters. For information about the latest behavior, see Docker Compose: order of cap_drop and cap_add in the Docker Community Forum.

When the container is a privleged container, the container capabilities are all of the default Docker capabilities. The capabilities specified in the add request parameter, and the drop request parameter are ignored.
When the add request parameter is set to ALL, the container capabilities are all of the default Docker capabilities, excluding those specified in the drop request parameter.
When the drop request parameter is set to ALL, the container capabilities are the capabilities specified in the add request parameter.
When the add request parameter and the drop request parameter are both empty, the capabilities the container capabilities are all of the default Docker capabilities.
The default is to first drop the capabilities specified in the drop request parameter, and then add the capabilities specified in the add request parameter.

Add List<string>: The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to CapAdd in the docker container create command and the --cap-add option to docker run. Tasks launched on FARGATElong only support adding the SYS_PTRACE kernel capability. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
Drop List<string>: The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to CapDrop in the docker container create command and the --cap-drop option to docker run. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"

Add []string: The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to CapAdd in the docker container create command and the --cap-add option to docker run. Tasks launched on FARGATElong only support adding the SYS_PTRACE kernel capability. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
Drop []string: The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to CapDrop in the docker container create command and the --cap-drop option to docker run. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"

add List<String>: The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to CapAdd in the docker container create command and the --cap-add option to docker run. Tasks launched on FARGATElong only support adding the SYS_PTRACE kernel capability. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
drop List<String>: The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to CapDrop in the docker container create command and the --cap-drop option to docker run. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"

add string[]: The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to CapAdd in the docker container create command and the --cap-add option to docker run. Tasks launched on FARGATElong only support adding the SYS_PTRACE kernel capability. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
drop string[]: The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to CapDrop in the docker container create command and the --cap-drop option to docker run. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"

add Sequence[str]: The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to CapAdd in the docker container create command and the --cap-add option to docker run. Tasks launched on FARGATElong only support adding the SYS_PTRACE kernel capability. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
drop Sequence[str]: The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to CapDrop in the docker container create command and the --cap-drop option to docker run. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"

add List<String>: The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to CapAdd in the docker container create command and the --cap-add option to docker run. Tasks launched on FARGATElong only support adding the SYS_PTRACE kernel capability. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
drop List<String>: The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to CapDrop in the docker container create command and the --cap-drop option to docker run. Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"

DaemonTaskDefinitionKeyValuePair, DaemonTaskDefinitionKeyValuePairArgs

A key-value pair object.

Name string: The name of the key-value pair. For environment variables, this is the name of the environment variable.
Value string: The value of the key-value pair. For environment variables, this is the value of the environment variable.

Name string: The name of the key-value pair. For environment variables, this is the name of the environment variable.
Value string: The value of the key-value pair. For environment variables, this is the value of the environment variable.

name String: The name of the key-value pair. For environment variables, this is the name of the environment variable.
value String: The value of the key-value pair. For environment variables, this is the value of the environment variable.

name string: The name of the key-value pair. For environment variables, this is the name of the environment variable.
value string: The value of the key-value pair. For environment variables, this is the value of the environment variable.

name str: The name of the key-value pair. For environment variables, this is the name of the environment variable.
value str: The value of the key-value pair. For environment variables, this is the value of the environment variable.

name String: The name of the key-value pair. For environment variables, this is the name of the environment variable.
value String: The value of the key-value pair. For environment variables, this is the value of the environment variable.

DaemonTaskDefinitionLinuxParameters, DaemonTaskDefinitionLinuxParametersArgs

The Linux-specific options that are applied to the container, such as Linux KernelCapabilities.

Capabilities Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionKernelCapabilities: The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For tasks that use the Fargate launch type, capabilities is supported for all platform versions but the add parameter is only supported if using platform version 1.4.0 or later.
Devices List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionDevice>: Any host devices to expose to the container. This parameter maps to Devices in the docker container create command and the --device option to docker run. If you're using tasks that use the Fargate launch type, the devices parameter isn't supported.
InitProcessEnabled bool: Run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'
Tmpfs List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionTmpfs>: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run. If you're using tasks that use the Fargate launch type, the tmpfs parameter isn't supported.

Capabilities DaemonTaskDefinitionKernelCapabilities: The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For tasks that use the Fargate launch type, capabilities is supported for all platform versions but the add parameter is only supported if using platform version 1.4.0 or later.
Devices []DaemonTaskDefinitionDevice: Any host devices to expose to the container. This parameter maps to Devices in the docker container create command and the --device option to docker run. If you're using tasks that use the Fargate launch type, the devices parameter isn't supported.
InitProcessEnabled bool: Run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'
Tmpfs []DaemonTaskDefinitionTmpfs: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run. If you're using tasks that use the Fargate launch type, the tmpfs parameter isn't supported.

capabilities DaemonTaskDefinitionKernelCapabilities: The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For tasks that use the Fargate launch type, capabilities is supported for all platform versions but the add parameter is only supported if using platform version 1.4.0 or later.
devices List<DaemonTaskDefinitionDevice>: Any host devices to expose to the container. This parameter maps to Devices in the docker container create command and the --device option to docker run. If you're using tasks that use the Fargate launch type, the devices parameter isn't supported.
initProcessEnabled Boolean: Run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'
tmpfs List<DaemonTaskDefinitionTmpfs>: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run. If you're using tasks that use the Fargate launch type, the tmpfs parameter isn't supported.

capabilities DaemonTaskDefinitionKernelCapabilities: The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For tasks that use the Fargate launch type, capabilities is supported for all platform versions but the add parameter is only supported if using platform version 1.4.0 or later.
devices DaemonTaskDefinitionDevice[]: Any host devices to expose to the container. This parameter maps to Devices in the docker container create command and the --device option to docker run. If you're using tasks that use the Fargate launch type, the devices parameter isn't supported.
initProcessEnabled boolean: Run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'
tmpfs DaemonTaskDefinitionTmpfs[]: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run. If you're using tasks that use the Fargate launch type, the tmpfs parameter isn't supported.

capabilities DaemonTaskDefinitionKernelCapabilities: The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For tasks that use the Fargate launch type, capabilities is supported for all platform versions but the add parameter is only supported if using platform version 1.4.0 or later.
devices Sequence[DaemonTaskDefinitionDevice]: Any host devices to expose to the container. This parameter maps to Devices in the docker container create command and the --device option to docker run. If you're using tasks that use the Fargate launch type, the devices parameter isn't supported.
init_process_enabled bool: Run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'
tmpfs Sequence[DaemonTaskDefinitionTmpfs]: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run. If you're using tasks that use the Fargate launch type, the tmpfs parameter isn't supported.

capabilities Property Map: The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For tasks that use the Fargate launch type, capabilities is supported for all platform versions but the add parameter is only supported if using platform version 1.4.0 or later.
devices List<Property Map>: Any host devices to expose to the container. This parameter maps to Devices in the docker container create command and the --device option to docker run. If you're using tasks that use the Fargate launch type, the devices parameter isn't supported.
initProcessEnabled Boolean: Run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'
tmpfs List<Property Map>: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run. If you're using tasks that use the Fargate launch type, the tmpfs parameter isn't supported.

DaemonTaskDefinitionLogConfiguration, DaemonTaskDefinitionLogConfigurationArgs

The log configuration for the container. This parameter maps to LogConfig in the docker container create command and the --log-driver option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. Understand the following when specifying a log configuration for your containers.

Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent. For tasks on FARGATElong, the supported log drivers are awslogs, splunk, and awsfirelens. For tasks hosted on Amazon EC2 instances, the supported log drivers are awslogs, fluentd, gelf, json-file, journald,syslog, splunk, and awsfirelens.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.
For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS container agent configuration in the Amazon Elastic Container Service Developer Guide.
For tasks that are on FARGATElong, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.

LogDriver string

The log driver to use for the container. For tasks on FARGATElong, the supported log drivers are awslogs, splunk, and awsfirelens. For tasks hosted on Amazon EC2 instances, the supported log drivers are awslogs, fluentd, gelf, json-file, journald, syslog, splunk, and awsfirelens. For more information about using the awslogs log driver, see Send Amazon ECS logs to CloudWatch in the Amazon Elastic Container Service Developer Guide. For more information about using the awsfirelens log driver, see Send Amazon ECS logs to an service or Partner. If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.

Options Dictionary<string, string>

The configuration options to send to the log driver. The options you can specify depend on the log driver. Some of the options you can specify when you use the awslogs log driver to route logs to Amazon CloudWatch include the following:

awslogs-create-group Required: No Specify whether you want the log group to be created automatically. If this option isn't specified, it defaults to false. Your IAM policy must include the logs:CreateLogGroup permission before you attempt to use awslogs-create-group. + awslogs-region Required: Yes Specify the Region that the awslogs log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option. + awslogs-group Required: Yes Make sure to specify a log group that the awslogs log driver sends its log streams to. + awslogs-stream-prefix Required: Yes, when using Fargate.Optional when using EC2. Use the awslogs-stream-prefix option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format prefix-name/container-name/ecs-task-id. If you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option. For Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to. You must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console. + awslogs-datetime-format Required: No This option defines a multiline start pattern in Python strftime format. A log message consists of a line that matches the pattern and any following lines that don’t match the pattern. The matched line is the delimiter between log messages. One example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry. For more information, see awslogs-datetime-format. You cannot configure both the awslogs-datetime-format and awslogs-multiline-pattern options. Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance. + awslogs-multiline-pattern Required: No This option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don’t match the pattern. The matched line is the delimiter between log messages. For more information, see awslogs-multiline-pattern. This option is ignored if awslogs-datetime-format is also configured. You cannot configure both the awslogs-datetime-format and awslogs-multiline-pattern options. Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance. The following options apply to all supported log drivers.
mode Required: No Valid values: non-blocking | blocking This option defines the delivery mode of log messages from the container to the log driver specified using logDriver. The delivery mode you choose affects application availability when the flow of logs from container is interrupted. If you use the blocking mode and the flow of logs is interrupted, calls from container code to write to the stdout and stderr streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure. If you use the non-blocking mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the max-buffer-size option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see Preventing log loss with non-blocking mode in the awslogs container log driver. You can set a default mode for all containers in a specific Region by using the defaultLogDriverMode account setting. If you don't specify the mode option or configure the account setting, Amazon ECS will default to the non-blocking mode. For more information about the account setting, see Default log driver mode in the Amazon Elastic Container Service Developer Guide. On June 25, 2025, Amazon ECS changed the default log driver mode from blocking to non-blocking to prioritize task availability over logging. To continue using the blocking mode after this change, do one of the following: Set the mode option in your container definition's logConfiguration as blocking. Set the defaultLogDriverMode account setting to blocking. + max-buffer-size Required: No Default value: 10m When non-blocking mode is used, the max-buffer-size log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost. To route logs using the splunk log router, you need to specify a splunk-token and a splunk-url. When you use the awsfirelens log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the log-driver-buffer-limit option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker. Other options you can specify when using awsfirelens to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with region and a name for the log stream with delivery_stream. When you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with region and a data stream name with stream. When you export logs to Amazon OpenSearch Service, you can specify options like Name, Host (OpenSearch Service endpoint without protocol), Port, Index, Type, Aws_auth, Aws_region, Suppress_Type_Name, and tls. For more information, see Under the hood: FireLens for Amazon ECS Tasks. When you export logs to Amazon S3, you can specify the bucket using the bucket option. You can also specify region, total_file_size, upload_timeout, and use_put_object as options. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version --format '{{.Server.APIVersion}}'

SecretOptions List<Pulumi.AwsNative.Ecs.Inputs.DaemonTaskDefinitionSecret>