github.com/myhau/pulumi/pkg/v3@v3.70.2-0.20221116134521-f2775972e587/codegen/testing/test/testdata/aws-fargate-pp/aws-fargate.pp (about)

     1  // Look up the default VPC and the IDs of its subnets; both are reused by the resources below.
     2  vpc = invoke("aws:ec2:getVpc", {
     3  	default = true
     4  })
     5  subnets = invoke("aws:ec2:getSubnetIds", { // filtered by VPC only: returns every subnet in it, not just public ones
     6  	vpcId = vpc.id
     7  })
     8  
     9  // Create a security group that permits HTTP ingress from any address and unrestricted egress.
    10  resource webSecurityGroup "aws:ec2:SecurityGroup" { // attached to both webLoadBalancer and appService's tasks
    11  	vpcId = vpc.id
    12  	egress = [{
    13  		protocol = "-1" // "-1" selects all protocols
    14  		fromPort = 0
    15  		toPort = 0
    16  		cidrBlocks = ["0.0.0.0/0"] // any IPv4 destination
    17  	}]
    18  	ingress = [{
    19  		protocol = "tcp"
    20  		fromPort = 80
    21  		toPort = 80
    22  		cidrBlocks = ["0.0.0.0/0"] // any IPv4 source; NOTE(review): this also applies to the tasks, which reuse this group
    23  	}]
    24  }
    25  
    26  // Create an ECS cluster to run a container-based service; the empty body sets no attributes explicitly.
    27  resource cluster "aws:ecs:Cluster" {}
    28  
    29  // Create the IAM role that appTask references as its execution role (executionRoleArn).
    30  resource taskExecRole "aws:iam:Role" {
    31  	assumeRolePolicy = toJSON({ // trust policy: states who may assume this role
    32  		Version = "2008-10-17" // older policy-language version; "2012-10-17" is the current one
    33  		Statement = [{
    34  			Sid = ""
    35  			Effect = "Allow"
    36  			Principal = {
    37  				Service = "ecs-tasks.amazonaws.com" // only the ECS tasks service principal is trusted
    38  			}
    39  			Action = "sts:AssumeRole" // NOTE(review): no Condition (e.g. aws:SourceAccount) narrows this; consider adding one
    40  		}]
    41  	})
    42  }
    43  resource taskExecRolePolicyAttachment "aws:iam:RolePolicyAttachment" { // gives taskExecRole its permissions
    44  	role = taskExecRole.name
    45  	policyArn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" // AWS-managed policy: image pull from ECR and log delivery to CloudWatch Logs
    46  }
    47  
    48  // Create the load balancer in the VPC's subnets; its port-80 listener is webListener below.
    49  resource webLoadBalancer "aws:elasticloadbalancingv2:LoadBalancer" { // no `internal` attribute: presumably internet-facing by default - confirm
    50  	subnets = subnets.ids
    51  	securityGroups = [webSecurityGroup.id] // webSecurityGroup opens port 80 to 0.0.0.0/0
    52  }
    53  resource webTargetGroup "aws:elasticloadbalancingv2:TargetGroup" { // backends that webListener forwards to
    54  	port = 80
    55  	protocol = "HTTP" // unencrypted between the load balancer and its targets
    56  	targetType = "ip" // targets are registered by IP address, as awsvpc-mode tasks need
    57  	vpcId = vpc.id
    58  }
    59  resource webListener "aws:elasticloadbalancingv2:Listener" { // the only listener defined in this file
    60  	loadBalancerArn = webLoadBalancer.arn
    61  	port = 80 // NOTE(review): no protocol or certificate is set, so this presumably defaults to plain HTTP; there is no HTTPS listener
    62  	defaultActions = [{
    63  		type = "forward" // pass requests on to webTargetGroup
    64  		targetGroupArn = webTargetGroup.arn
    65  	}]
    66  }
    67  
    68  // Define the Fargate task run by appService: one NGINX container listening on port 80.
    69  resource appTask "aws:ecs:TaskDefinition" {
    70  	family = "fargate-task-definition"
    71  	cpu = "256"
    72  	memory = "512"
    73  	networkMode = "awsvpc"
    74  	requiresCompatibilities = ["FARGATE"]
    75  	executionRoleArn = taskExecRole.arn // no taskRoleArn is set, so the container gets no IAM role of its own
    76  	containerDefinitions = toJSON([{ // NOTE(review): no logConfiguration here, so container output is not shipped to a log service
    77  		name = "my-app" // matches containerName in appService.loadBalancers
    78  		image = "nginx" // NOTE(review): no tag or digest, so the image content can change between pulls; pin it outside test fixtures
    79  		portMappings = [{
    80  			containerPort = 80
    81  			hostPort = 80
    82  			protocol = "tcp"
    83  		}]
    84  	}])
    85  }
    86  resource appService "aws:ecs:Service" { // runs appTask on Fargate behind webLoadBalancer
    87  	cluster = cluster.arn
    88  	desiredCount = 5 // number of task copies to keep running
    89  	launchType = "FARGATE"
    90  	taskDefinition = appTask.arn
    91  	networkConfiguration = {
    92  		assignPublicIp = true // every task gets its own public IP address
    93  		subnets = subnets.ids
    94  		securityGroups = [webSecurityGroup.id] // NOTE(review): same group as the load balancer, so port 80 on each task is open to 0.0.0.0/0 and can be reached without going through it; a task-only group that admits just the load balancer's group would close that path
    95  	}
    96  	loadBalancers = [{
    97  		targetGroupArn = webTargetGroup.arn
    98  		containerName = "my-app" // the container named in appTask.containerDefinitions
    99  		containerPort = 80
   100  	}]
   101  
   102  	options {
   103  		dependsOn = [webListener] // presumably so the listener exists before the service registers with the target group - confirm
   104  	}
   105  }
   106  
   107  // Export the load balancer's DNS name (a bare hostname with no scheme; webListener listens on port 80).
   108  output url { value = webLoadBalancer.dnsName }