github.com/myhau/pulumi/pkg/v3@v3.70.2-0.20221116134521-f2775972e587/codegen/testing/test/testdata/aws-fargate-pp/nodejs/aws-fargate.ts (about)

     1  import * as pulumi from "@pulumi/pulumi";
     2  import * as aws from "@pulumi/aws";
     3  
     4  const vpc = aws.ec2.getVpc({
     5      "default": true,
     6  });
     7  const subnets = vpc.then(vpc => aws.ec2.getSubnetIds({
     8      vpcId: vpc.id,
     9  }));
    10  // Create a security group that permits HTTP ingress and unrestricted egress.
    11  const webSecurityGroup = new aws.ec2.SecurityGroup("webSecurityGroup", {
    12      vpcId: vpc.then(vpc => vpc.id),
    13      egress: [{
    14          protocol: "-1",
    15          fromPort: 0,
    16          toPort: 0,
    17          cidrBlocks: ["0.0.0.0/0"],
    18      }],
    19      ingress: [{
    20          protocol: "tcp",
    21          fromPort: 80,
    22          toPort: 80,
    23          cidrBlocks: ["0.0.0.0/0"],
    24      }],
    25  });
    26  // Create an ECS cluster to run a container-based service.
    27  const cluster = new aws.ecs.Cluster("cluster", {});
    28  // Create an IAM role that can be used by our service's task.
    29  const taskExecRole = new aws.iam.Role("taskExecRole", {assumeRolePolicy: JSON.stringify({
    30      Version: "2008-10-17",
    31      Statement: [{
    32          Sid: "",
    33          Effect: "Allow",
    34          Principal: {
    35              Service: "ecs-tasks.amazonaws.com",
    36          },
    37          Action: "sts:AssumeRole",
    38      }],
    39  })});
    40  const taskExecRolePolicyAttachment = new aws.iam.RolePolicyAttachment("taskExecRolePolicyAttachment", {
    41      role: taskExecRole.name,
    42      policyArn: "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
    43  });
    44  // Create a load balancer to listen for HTTP traffic on port 80.
    45  const webLoadBalancer = new aws.elasticloadbalancingv2.LoadBalancer("webLoadBalancer", {
    46      subnets: subnets.then(subnets => subnets.ids),
    47      securityGroups: [webSecurityGroup.id],
    48  });
    49  const webTargetGroup = new aws.elasticloadbalancingv2.TargetGroup("webTargetGroup", {
    50      port: 80,
    51      protocol: "HTTP",
    52      targetType: "ip",
    53      vpcId: vpc.then(vpc => vpc.id),
    54  });
    55  const webListener = new aws.elasticloadbalancingv2.Listener("webListener", {
    56      loadBalancerArn: webLoadBalancer.arn,
    57      port: 80,
    58      defaultActions: [{
    59          type: "forward",
    60          targetGroupArn: webTargetGroup.arn,
    61      }],
    62  });
    63  // Spin up a load balanced service running NGINX
    64  const appTask = new aws.ecs.TaskDefinition("appTask", {
    65      family: "fargate-task-definition",
    66      cpu: "256",
    67      memory: "512",
    68      networkMode: "awsvpc",
    69      requiresCompatibilities: ["FARGATE"],
    70      executionRoleArn: taskExecRole.arn,
    71      containerDefinitions: JSON.stringify([{
    72          name: "my-app",
    73          image: "nginx",
    74          portMappings: [{
    75              containerPort: 80,
    76              hostPort: 80,
    77              protocol: "tcp",
    78          }],
    79      }]),
    80  });
    81  const appService = new aws.ecs.Service("appService", {
    82      cluster: cluster.arn,
    83      desiredCount: 5,
    84      launchType: "FARGATE",
    85      taskDefinition: appTask.arn,
    86      networkConfiguration: {
    87          assignPublicIp: true,
    88          subnets: subnets.then(subnets => subnets.ids),
    89          securityGroups: [webSecurityGroup.id],
    90      },
    91      loadBalancers: [{
    92          targetGroupArn: webTargetGroup.arn,
    93          containerName: "my-app",
    94          containerPort: 80,
    95      }],
    96  }, {
    97      dependsOn: [webListener],
    98  });
    99  export const url = webLoadBalancer.dnsName;