1 | import * as ec2 from '@aws-cdk/aws-ec2';
|
2 | import * as iam from '@aws-cdk/aws-iam';
|
3 | import { IResource, Resource } from '@aws-cdk/core';
|
4 | import { Construct } from 'constructs';
|
5 | import { ContainerDefinition, ContainerDefinitionOptions, PortMapping, Protocol } from '../container-definition';
|
6 | import { FirelensLogRouter, FirelensLogRouterDefinitionOptions } from '../firelens-log-router';
|
7 | import { PlacementConstraint } from '../placement';
|
8 | import { ProxyConfiguration } from '../proxy-configuration/proxy-configuration';
|
9 | import { RuntimePlatform } from '../runtime-platform';
|
10 | /**
|
11 | * The interface for all task definitions.
|
12 | */
|
13 | export interface ITaskDefinition extends IResource {
|
14 | /**
|
15 | * ARN of this task definition
|
16 | * @attribute
|
17 | */
|
18 | readonly taskDefinitionArn: string;
|
19 | /**
|
20 | * Execution role for this task definition
|
21 | */
|
22 | readonly executionRole?: iam.IRole;
|
23 | /**
|
24 | * What launch types this task definition should be compatible with.
|
25 | */
|
26 | readonly compatibility: Compatibility;
|
27 | /**
|
28 | * Return true if the task definition can be run on an EC2 cluster
|
29 | */
|
30 | readonly isEc2Compatible: boolean;
|
31 | /**
|
32 | * Return true if the task definition can be run on a Fargate cluster
|
33 | */
|
34 | readonly isFargateCompatible: boolean;
|
35 | /**
|
36 | * Return true if the task definition can be run on a ECS Anywhere cluster
|
37 | */
|
38 | readonly isExternalCompatible: boolean;
|
39 | /**
|
40 | * The networking mode to use for the containers in the task.
|
41 | */
|
42 | readonly networkMode: NetworkMode;
|
43 | /**
|
44 | * The name of the IAM role that grants containers in the task permission to call AWS APIs on your behalf.
|
45 | */
|
46 | readonly taskRole: iam.IRole;
|
47 | }
|
48 | /**
|
49 | * The common properties for all task definitions. For more information, see
|
50 | * [Task Definition Parameters](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html).
|
51 | */
|
52 | export interface CommonTaskDefinitionProps {
|
53 | /**
|
54 | * The name of a family that this task definition is registered to. A family groups multiple versions of a task definition.
|
55 | *
|
56 | * @default - Automatically generated name.
|
57 | */
|
58 | readonly family?: string;
|
59 | /**
|
60 | * The name of the IAM task execution role that grants the ECS agent permission to call AWS APIs on your behalf.
|
61 | *
|
62 | * The role will be used to retrieve container images from ECR and create CloudWatch log groups.
|
63 | *
|
64 | * @default - An execution role will be automatically created if you use ECR images in your task definition.
|
65 | */
|
66 | readonly executionRole?: iam.IRole;
|
67 | /**
|
68 | * The name of the IAM role that grants containers in the task permission to call AWS APIs on your behalf.
|
69 | *
|
70 | * @default - A task role is automatically created for you.
|
71 | */
|
72 | readonly taskRole?: iam.IRole;
|
73 | /**
|
74 | * The configuration details for the App Mesh proxy.
|
75 | *
|
76 | * @default - No proxy configuration.
|
77 | */
|
78 | readonly proxyConfiguration?: ProxyConfiguration;
|
79 | /**
|
80 | * The list of volume definitions for the task. For more information, see
|
81 | * [Task Definition Parameter Volumes](https://docs.aws.amazon.com/AmazonECS/latest/developerguide//task_definition_parameters.html#volumes).
|
82 | *
|
83 | * @default - No volumes are passed to the Docker daemon on a container instance.
|
84 | */
|
85 | readonly volumes?: Volume[];
|
86 | }
|
87 | /**
|
88 | * The properties for task definitions.
|
89 | */
|
90 | export interface TaskDefinitionProps extends CommonTaskDefinitionProps {
|
91 | /**
|
92 | * The networking mode to use for the containers in the task.
|
93 | *
|
94 | * On Fargate, the only supported networking mode is AwsVpc.
|
95 | *
|
96 | * @default - NetworkMode.Bridge for EC2 & External tasks, AwsVpc for Fargate tasks.
|
97 | */
|
98 | readonly networkMode?: NetworkMode;
|
99 | /**
|
100 | * The placement constraints to use for tasks in the service.
|
101 | *
|
102 | * You can specify a maximum of 10 constraints per task (this limit includes
|
103 | * constraints in the task definition and those specified at run time).
|
104 | *
|
105 | * Not supported in Fargate.
|
106 | *
|
107 | * @default - No placement constraints.
|
108 | */
|
109 | readonly placementConstraints?: PlacementConstraint[];
|
110 | /**
|
111 | * The task launch type compatiblity requirement.
|
112 | */
|
113 | readonly compatibility: Compatibility;
|
114 | /**
|
115 | * The number of cpu units used by the task.
|
116 | *
|
117 | * If you are using the EC2 launch type, this field is optional and any value can be used.
|
118 | * If you are using the Fargate launch type, this field is required and you must use one of the following values,
|
119 | * which determines your range of valid values for the memory parameter:
|
120 | *
|
121 | * 256 (.25 vCPU) - Available memory values: 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB)
|
122 | *
|
123 | * 512 (.5 vCPU) - Available memory values: 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB)
|
124 | *
|
125 | * 1024 (1 vCPU) - Available memory values: 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB)
|
126 | *
|
127 | * 2048 (2 vCPU) - Available memory values: Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB)
|
128 | *
|
129 | * 4096 (4 vCPU) - Available memory values: Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB)
|
130 | *
|
131 | * @default - CPU units are not specified.
|
132 | */
|
133 | readonly cpu?: string;
|
134 | /**
|
135 | * The amount (in MiB) of memory used by the task.
|
136 | *
|
137 | * If using the EC2 launch type, this field is optional and any value can be used.
|
138 | * If using the Fargate launch type, this field is required and you must use one of the following values,
|
139 | * which determines your range of valid values for the cpu parameter:
|
140 | *
|
141 | * 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available cpu values: 256 (.25 vCPU)
|
142 | *
|
143 | * 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available cpu values: 512 (.5 vCPU)
|
144 | *
|
145 | * 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available cpu values: 1024 (1 vCPU)
|
146 | *
|
147 | * Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available cpu values: 2048 (2 vCPU)
|
148 | *
|
149 | * Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available cpu values: 4096 (4 vCPU)
|
150 | *
|
151 | * @default - Memory used by task is not specified.
|
152 | */
|
153 | readonly memoryMiB?: string;
|
154 | /**
|
155 | * The IPC resource namespace to use for the containers in the task.
|
156 | *
|
157 | * Not supported in Fargate and Windows containers.
|
158 | *
|
159 | * @default - IpcMode used by the task is not specified
|
160 | */
|
161 | readonly ipcMode?: IpcMode;
|
162 | /**
|
163 | * The process namespace to use for the containers in the task.
|
164 | *
|
165 | * Not supported in Fargate and Windows containers.
|
166 | *
|
167 | * @default - PidMode used by the task is not specified
|
168 | */
|
169 | readonly pidMode?: PidMode;
|
170 | /**
|
171 | * The inference accelerators to use for the containers in the task.
|
172 | *
|
173 | * Not supported in Fargate.
|
174 | *
|
175 | * @default - No inference accelerators.
|
176 | */
|
177 | readonly inferenceAccelerators?: InferenceAccelerator[];
|
178 | /**
|
179 | * The amount (in GiB) of ephemeral storage to be allocated to the task.
|
180 | *
|
181 | * Only supported in Fargate platform version 1.4.0 or later.
|
182 | *
|
183 | * @default - Undefined, in which case, the task will receive 20GiB ephemeral storage.
|
184 | */
|
185 | readonly ephemeralStorageGiB?: number;
|
186 | /**
|
187 | * The operating system that your task definitions are running on.
|
188 | * A runtimePlatform is supported only for tasks using the Fargate launch type.
|
189 | *
|
190 | *
|
191 | * @default - Undefined.
|
192 | */
|
193 | readonly runtimePlatform?: RuntimePlatform;
|
194 | }
|
195 | /**
|
196 | * The common task definition attributes used across all types of task definitions.
|
197 | */
|
198 | export interface CommonTaskDefinitionAttributes {
|
199 | /**
|
200 | * The arn of the task definition
|
201 | */
|
202 | readonly taskDefinitionArn: string;
|
203 | /**
|
204 | * The networking mode to use for the containers in the task.
|
205 | *
|
206 | * @default Network mode cannot be provided to the imported task.
|
207 | */
|
208 | readonly networkMode?: NetworkMode;
|
209 | /**
|
210 | * The name of the IAM role that grants containers in the task permission to call AWS APIs on your behalf.
|
211 | *
|
212 | * @default Permissions cannot be granted to the imported task.
|
213 | */
|
214 | readonly taskRole?: iam.IRole;
|
215 | }
|
216 | /**
|
217 | * A reference to an existing task definition
|
218 | */
|
219 | export interface TaskDefinitionAttributes extends CommonTaskDefinitionAttributes {
|
220 | /**
|
221 | * What launch types this task definition should be compatible with.
|
222 | *
|
223 | * @default Compatibility.EC2_AND_FARGATE
|
224 | */
|
225 | readonly compatibility?: Compatibility;
|
226 | }
|
227 | declare abstract class TaskDefinitionBase extends Resource implements ITaskDefinition {
|
228 | abstract readonly compatibility: Compatibility;
|
229 | abstract readonly networkMode: NetworkMode;
|
230 | abstract readonly taskDefinitionArn: string;
|
231 | abstract readonly taskRole: iam.IRole;
|
232 | abstract readonly executionRole?: iam.IRole;
|
233 | /**
|
234 | * Return true if the task definition can be run on an EC2 cluster
|
235 | */
|
236 | get isEc2Compatible(): boolean;
|
237 | /**
|
238 | * Return true if the task definition can be run on a Fargate cluster
|
239 | */
|
240 | get isFargateCompatible(): boolean;
|
241 | /**
|
242 | * Return true if the task definition can be run on a ECS anywhere cluster
|
243 | */
|
244 | get isExternalCompatible(): boolean;
|
245 | }
|
246 | /**
|
247 | * The base class for all task definitions.
|
248 | */
|
249 | export declare class TaskDefinition extends TaskDefinitionBase {
|
250 | /**
|
251 | * Imports a task definition from the specified task definition ARN.
|
252 | *
|
253 | * The task will have a compatibility of EC2+Fargate.
|
254 | */
|
255 | static fromTaskDefinitionArn(scope: Construct, id: string, taskDefinitionArn: string): ITaskDefinition;
|
256 | /**
|
257 | * Create a task definition from a task definition reference
|
258 | */
|
259 | static fromTaskDefinitionAttributes(scope: Construct, id: string, attrs: TaskDefinitionAttributes): ITaskDefinition;
|
260 | /**
|
261 | * The name of a family that this task definition is registered to.
|
262 | * A family groups multiple versions of a task definition.
|
263 | */
|
264 | readonly family: string;
|
265 | /**
|
266 | * The full Amazon Resource Name (ARN) of the task definition.
|
267 | * @attribute
|
268 | */
|
269 | readonly taskDefinitionArn: string;
|
270 | /**
|
271 | * The name of the IAM role that grants containers in the task permission to call AWS APIs on your behalf.
|
272 | */
|
273 | readonly taskRole: iam.IRole;
|
274 | /**
|
275 | * The networking mode to use for the containers in the task.
|
276 | */
|
277 | readonly networkMode: NetworkMode;
|
278 | /**
|
279 | * Default container for this task
|
280 | *
|
281 | * Load balancers will send traffic to this container. The first
|
282 | * essential container that is added to this task will become the default
|
283 | * container.
|
284 | */
|
285 | defaultContainer?: ContainerDefinition;
|
286 | /**
|
287 | * The task launch type compatibility requirement.
|
288 | */
|
289 | readonly compatibility: Compatibility;
|
290 | /**
|
291 | * The amount (in GiB) of ephemeral storage to be allocated to the task.
|
292 | *
|
293 | * Only supported in Fargate platform version 1.4.0 or later.
|
294 | */
|
295 | readonly ephemeralStorageGiB?: number;
|
296 | /**
|
297 | * The container definitions.
|
298 | */
|
299 | protected readonly containers: ContainerDefinition[];
|
300 | /**
|
301 | * All volumes
|
302 | */
|
303 | private readonly volumes;
|
304 | /**
|
305 | * Placement constraints for task instances
|
306 | */
|
307 | private readonly placementConstraints;
|
308 | /**
|
309 | * Inference accelerators for task instances
|
310 | */
|
311 | private readonly _inferenceAccelerators;
|
312 | private _executionRole?;
|
313 | private _referencesSecretJsonField?;
|
314 | private runtimePlatform?;
|
315 | /**
|
316 | * Constructs a new instance of the TaskDefinition class.
|
317 | */
|
318 | constructor(scope: Construct, id: string, props: TaskDefinitionProps);
|
319 | get executionRole(): iam.IRole | undefined;
|
320 | /**
|
321 | * Public getter method to access list of inference accelerators attached to the instance.
|
322 | */
|
323 | get inferenceAccelerators(): InferenceAccelerator[];
|
324 | private renderVolumes;
|
325 | private renderInferenceAccelerators;
|
326 | /**
|
327 | * Validate the existence of the input target and set default values.
|
328 | *
|
329 | * @internal
|
330 | */
|
331 | _validateTarget(options: LoadBalancerTargetOptions): LoadBalancerTarget;
|
332 | /**
|
333 | * Returns the port range to be opened that match the provided container name and container port.
|
334 | *
|
335 | * @internal
|
336 | */
|
337 | _portRangeFromPortMapping(portMapping: PortMapping): ec2.Port;
|
338 | /**
|
339 | * Adds a policy statement to the task IAM role.
|
340 | */
|
341 | addToTaskRolePolicy(statement: iam.PolicyStatement): void;
|
342 | /**
|
343 | * Adds a policy statement to the task execution IAM role.
|
344 | */
|
345 | addToExecutionRolePolicy(statement: iam.PolicyStatement): void;
|
346 | /**
|
347 | * Adds a new container to the task definition.
|
348 | */
|
349 | addContainer(id: string, props: ContainerDefinitionOptions): ContainerDefinition;
|
350 | /**
|
351 | * Adds a firelens log router to the task definition.
|
352 | */
|
353 | addFirelensLogRouter(id: string, props: FirelensLogRouterDefinitionOptions): FirelensLogRouter;
|
354 | /**
|
355 | * Links a container to this task definition.
|
356 | * @internal
|
357 | */
|
358 | _linkContainer(container: ContainerDefinition): void;
|
359 | /**
|
360 | * Adds a volume to the task definition.
|
361 | */
|
362 | addVolume(volume: Volume): void;
|
363 | /**
|
364 | * Adds the specified placement constraint to the task definition.
|
365 | */
|
366 | addPlacementConstraint(constraint: PlacementConstraint): void;
|
367 | /**
|
368 | * Adds the specified extension to the task definition.
|
369 | *
|
370 | * Extension can be used to apply a packaged modification to
|
371 | * a task definition.
|
372 | */
|
373 | addExtension(extension: ITaskDefinitionExtension): void;
|
374 | /**
|
375 | * Adds an inference accelerator to the task definition.
|
376 | */
|
377 | addInferenceAccelerator(inferenceAccelerator: InferenceAccelerator): void;
|
378 | /**
|
379 | * Creates the task execution IAM role if it doesn't already exist.
|
380 | */
|
381 | obtainExecutionRole(): iam.IRole;
|
382 | /**
|
383 | * Whether this task definition has at least a container that references a
|
384 | * specific JSON field of a secret stored in Secrets Manager.
|
385 | */
|
386 | get referencesSecretJsonField(): boolean | undefined;
|
387 | /**
|
388 | * Validates the task definition.
|
389 | */
|
390 | protected validate(): string[];
|
391 | /**
|
392 | * Returns the container that match the provided containerName.
|
393 | */
|
394 | findContainer(containerName: string): ContainerDefinition | undefined;
|
395 | private renderNetworkMode;
|
396 | private renderContainers;
|
397 | private checkFargateWindowsBasedTasksSize;
|
398 | }
|
399 | /**
|
400 | * The networking mode to use for the containers in the task.
|
401 | */
|
402 | export declare enum NetworkMode {
|
403 | /**
|
404 | * The task's containers do not have external connectivity and port mappings can't be specified in the container definition.
|
405 | */
|
406 | NONE = "none",
|
407 | /**
|
408 | * The task utilizes Docker's built-in virtual network which runs inside each container instance.
|
409 | */
|
410 | BRIDGE = "bridge",
|
411 | /**
|
412 | * The task is allocated an elastic network interface.
|
413 | */
|
414 | AWS_VPC = "awsvpc",
|
415 | /**
|
416 | * The task bypasses Docker's built-in virtual network and maps container ports directly to the EC2 instance's network interface directly.
|
417 | *
|
418 | * In this mode, you can't run multiple instantiations of the same task on a
|
419 | * single container instance when port mappings are used.
|
420 | */
|
421 | HOST = "host",
|
422 | /**
|
423 | * The task utilizes NAT network mode required by Windows containers.
|
424 | *
|
425 | * This is the only supported network mode for Windows containers. For more information, see
|
426 | * [Task Definition Parameters](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#network_mode).
|
427 | */
|
428 | NAT = "nat"
|
429 | }
|
430 | /**
|
431 | * The IPC resource namespace to use for the containers in the task.
|
432 | */
|
433 | export declare enum IpcMode {
|
434 | /**
|
435 | * If none is specified, then IPC resources within the containers of a task are private and not
|
436 | * shared with other containers in a task or on the container instance
|
437 | */
|
438 | NONE = "none",
|
439 | /**
|
440 | * If host is specified, then all containers within the tasks that specified the host IPC mode on
|
441 | * the same container instance share the same IPC resources with the host Amazon EC2 instance.
|
442 | */
|
443 | HOST = "host",
|
444 | /**
|
445 | * If task is specified, all containers within the specified task share the same IPC resources.
|
446 | */
|
447 | TASK = "task"
|
448 | }
|
449 | /**
|
450 | * The process namespace to use for the containers in the task.
|
451 | */
|
452 | export declare enum PidMode {
|
453 | /**
|
454 | * If host is specified, then all containers within the tasks that specified the host PID mode
|
455 | * on the same container instance share the same process namespace with the host Amazon EC2 instance.
|
456 | */
|
457 | HOST = "host",
|
458 | /**
|
459 | * If task is specified, all containers within the specified task share the same process namespace.
|
460 | */
|
461 | TASK = "task"
|
462 | }
|
463 | /**
|
464 | * Elastic Inference Accelerator.
|
465 | * For more information, see [Elastic Inference Basics](https://docs.aws.amazon.com/elastic-inference/latest/developerguide/basics.html)
|
466 | */
|
467 | export interface InferenceAccelerator {
|
468 | /**
|
469 | * The Elastic Inference accelerator device name.
|
470 | * @default - empty
|
471 | */
|
472 | readonly deviceName?: string;
|
473 | /**
|
474 | * The Elastic Inference accelerator type to use. The allowed values are: eia2.medium, eia2.large and eia2.xlarge.
|
475 | * @default - empty
|
476 | */
|
477 | readonly deviceType?: string;
|
478 | }
|
479 | /**
|
480 | * A data volume used in a task definition.
|
481 | *
|
482 | * For tasks that use a Docker volume, specify a DockerVolumeConfiguration.
|
483 | * For tasks that use a bind mount host volume, specify a host and optional sourcePath.
|
484 | *
|
485 | * For more information, see [Using Data Volumes in Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html).
|
486 | */
|
487 | export interface Volume {
|
488 | /**
|
489 | * This property is specified when you are using bind mount host volumes.
|
490 | *
|
491 | * Bind mount host volumes are supported when you are using either the EC2 or Fargate launch types.
|
492 | * The contents of the host parameter determine whether your bind mount host volume persists on the
|
493 | * host container instance and where it is stored. If the host parameter is empty, then the Docker
|
494 | * daemon assigns a host path for your data volume. However, the data is not guaranteed to persist
|
495 | * after the containers associated with it stop running.
|
496 | */
|
497 | readonly host?: Host;
|
498 | /**
|
499 | * The name of the volume.
|
500 | *
|
501 | * Up to 255 letters (uppercase and lowercase), numbers, and hyphens are allowed.
|
502 | * This name is referenced in the sourceVolume parameter of container definition mountPoints.
|
503 | */
|
504 | readonly name: string;
|
505 | /**
|
506 | * This property is specified when you are using Docker volumes.
|
507 | *
|
508 | * Docker volumes are only supported when you are using the EC2 launch type.
|
509 | * Windows containers only support the use of the local driver.
|
510 | * To use bind mounts, specify a host instead.
|
511 | */
|
512 | readonly dockerVolumeConfiguration?: DockerVolumeConfiguration;
|
513 | /**
|
514 | * This property is specified when you are using Amazon EFS.
|
515 | *
|
516 | * When specifying Amazon EFS volumes in tasks using the Fargate launch type,
|
517 | * Fargate creates a supervisor container that is responsible for managing the Amazon EFS volume.
|
518 | * The supervisor container uses a small amount of the task's memory.
|
519 | * The supervisor container is visible when querying the task metadata version 4 endpoint,
|
520 | * but is not visible in CloudWatch Container Insights.
|
521 | *
|
522 | * @default No Elastic FileSystem is setup
|
523 | */
|
524 | readonly efsVolumeConfiguration?: EfsVolumeConfiguration;
|
525 | }
|
526 | /**
|
527 | * The details on a container instance bind mount host volume.
|
528 | */
|
529 | export interface Host {
|
530 | /**
|
531 | * Specifies the path on the host container instance that is presented to the container.
|
532 | * If the sourcePath value does not exist on the host container instance, the Docker daemon creates it.
|
533 | * If the location does exist, the contents of the source path folder are exported.
|
534 | *
|
535 | * This property is not supported for tasks that use the Fargate launch type.
|
536 | */
|
537 | readonly sourcePath?: string;
|
538 | }
|
539 | /**
|
540 | * Properties for an ECS target.
|
541 | *
|
542 | * @internal
|
543 | */
|
544 | export interface LoadBalancerTarget {
|
545 | /**
|
546 | * The name of the container.
|
547 | */
|
548 | readonly containerName: string;
|
549 | /**
|
550 | * The port mapping of the target.
|
551 | */
|
552 | readonly portMapping: PortMapping;
|
553 | }
|
554 | /**
|
555 | * Properties for defining an ECS target. The port mapping for it must already have been created through addPortMapping().
|
556 | */
|
557 | export interface LoadBalancerTargetOptions {
|
558 | /**
|
559 | * The name of the container.
|
560 | */
|
561 | readonly containerName: string;
|
562 | /**
|
563 | * The port number of the container. Only applicable when using application/network load balancers.
|
564 | *
|
565 | * @default - Container port of the first added port mapping.
|
566 | */
|
567 | readonly containerPort?: number;
|
568 | /**
|
569 | * The protocol used for the port mapping. Only applicable when using application load balancers.
|
570 | *
|
571 | * @default Protocol.TCP
|
572 | */
|
573 | readonly protocol?: Protocol;
|
574 | }
|
575 | /**
|
576 | * The configuration for a Docker volume. Docker volumes are only supported when you are using the EC2 launch type.
|
577 | */
|
578 | export interface DockerVolumeConfiguration {
|
579 | /**
|
580 | * Specifies whether the Docker volume should be created if it does not already exist.
|
581 | * If true is specified, the Docker volume will be created for you.
|
582 | *
|
583 | * @default false
|
584 | */
|
585 | readonly autoprovision?: boolean;
|
586 | /**
|
587 | * The Docker volume driver to use.
|
588 | */
|
589 | readonly driver: string;
|
590 | /**
|
591 | * A map of Docker driver-specific options passed through.
|
592 | *
|
593 | * @default No options
|
594 | */
|
595 | readonly driverOpts?: {
|
596 | [key: string]: string;
|
597 | };
|
598 | /**
|
599 | * Custom metadata to add to your Docker volume.
|
600 | *
|
601 | * @default No labels
|
602 | */
|
603 | readonly labels?: {
|
604 | [key: string]: string;
|
605 | };
|
606 | /**
|
607 | * The scope for the Docker volume that determines its lifecycle.
|
608 | */
|
609 | readonly scope: Scope;
|
610 | }
|
611 | /**
|
612 | * The authorization configuration details for the Amazon EFS file system.
|
613 | */
|
614 | export interface AuthorizationConfig {
|
615 | /**
|
616 | * The access point ID to use.
|
617 | * If an access point is specified, the root directory value will be
|
618 | * relative to the directory set for the access point.
|
619 | * If specified, transit encryption must be enabled in the EFSVolumeConfiguration.
|
620 | *
|
621 | * @default No id
|
622 | */
|
623 | readonly accessPointId?: string;
|
624 | /**
|
625 | * Whether or not to use the Amazon ECS task IAM role defined
|
626 | * in a task definition when mounting the Amazon EFS file system.
|
627 | * If enabled, transit encryption must be enabled in the EFSVolumeConfiguration.
|
628 | *
|
629 | * Valid values: ENABLED | DISABLED
|
630 | *
|
631 | * @default If this parameter is omitted, the default value of DISABLED is used.
|
632 | */
|
633 | readonly iam?: string;
|
634 | }
|
635 | /**
|
636 | * The configuration for an Elastic FileSystem volume.
|
637 | */
|
638 | export interface EfsVolumeConfiguration {
|
639 | /**
|
640 | * The Amazon EFS file system ID to use.
|
641 | */
|
642 | readonly fileSystemId: string;
|
643 | /**
|
644 | * The directory within the Amazon EFS file system to mount as the root directory inside the host.
|
645 | * Specifying / will have the same effect as omitting this parameter.
|
646 | *
|
647 | * @default The root of the Amazon EFS volume
|
648 | */
|
649 | readonly rootDirectory?: string;
|
650 | /**
|
651 | * Whether or not to enable encryption for Amazon EFS data in transit between
|
652 | * the Amazon ECS host and the Amazon EFS server.
|
653 | * Transit encryption must be enabled if Amazon EFS IAM authorization is used.
|
654 | *
|
655 | * Valid values: ENABLED | DISABLED
|
656 | *
|
657 | * @default DISABLED
|
658 | */
|
659 | readonly transitEncryption?: string;
|
660 | /**
|
661 | * The port to use when sending encrypted data between
|
662 | * the Amazon ECS host and the Amazon EFS server. EFS mount helper uses.
|
663 | *
|
664 | * @default Port selection strategy that the Amazon EFS mount helper uses.
|
665 | */
|
666 | readonly transitEncryptionPort?: number;
|
667 | /**
|
668 | * The authorization configuration details for the Amazon EFS file system.
|
669 | *
|
670 | * @default No configuration.
|
671 | */
|
672 | readonly authorizationConfig?: AuthorizationConfig;
|
673 | }
|
674 | /**
|
675 | * The scope for the Docker volume that determines its lifecycle.
|
676 | * Docker volumes that are scoped to a task are automatically provisioned when the task starts and destroyed when the task stops.
|
677 | * Docker volumes that are scoped as shared persist after the task stops.
|
678 | */
|
679 | export declare enum Scope {
|
680 | /**
|
681 | * Docker volumes that are scoped to a task are automatically provisioned when the task starts and destroyed when the task stops.
|
682 | */
|
683 | TASK = "task",
|
684 | /**
|
685 | * Docker volumes that are scoped as shared persist after the task stops.
|
686 | */
|
687 | SHARED = "shared"
|
688 | }
|
689 | /**
|
690 | * The task launch type compatibility requirement.
|
691 | */
|
692 | export declare enum Compatibility {
|
693 | /**
|
694 | * The task should specify the EC2 launch type.
|
695 | */
|
696 | EC2 = 0,
|
697 | /**
|
698 | * The task should specify the Fargate launch type.
|
699 | */
|
700 | FARGATE = 1,
|
701 | /**
|
702 | * The task can specify either the EC2 or Fargate launch types.
|
703 | */
|
704 | EC2_AND_FARGATE = 2,
|
705 | /**
|
706 | * The task should specify the External launch type.
|
707 | */
|
708 | EXTERNAL = 3
|
709 | }
|
710 | /**
|
711 | * An extension for Task Definitions
|
712 | *
|
713 | * Classes that want to make changes to a TaskDefinition (such as
|
714 | * adding helper containers) can implement this interface, and can
|
715 | * then be "added" to a TaskDefinition like so:
|
716 | *
|
717 | * taskDefinition.addExtension(new MyExtension("some_parameter"));
|
718 | */
|
719 | export interface ITaskDefinitionExtension {
|
720 | /**
|
721 | * Apply the extension to the given TaskDefinition
|
722 | *
|
723 | * @param taskDefinition [disable-awslint:ref-via-interface]
|
724 | */
|
725 | extend(taskDefinition: TaskDefinition): void;
|
726 | }
|
727 | /**
|
728 | * Return true if the given task definition can be run on an EC2 cluster
|
729 | */
|
730 | export declare function isEc2Compatible(compatibility: Compatibility): boolean;
|
731 | /**
|
732 | * Return true if the given task definition can be run on a Fargate cluster
|
733 | */
|
734 | export declare function isFargateCompatible(compatibility: Compatibility): boolean;
|
735 | /**
|
736 | * Return true if the given task definition can be run on a ECS Anywhere cluster
|
737 | */
|
738 | export declare function isExternalCompatible(compatibility: Compatibility): boolean;
|
739 | export {};
|