github.com/myhau/pulumi/pkg/v3@v3.70.2-0.20221116134521-f2775972e587/codegen/testing/test/testdata/aws-fargate-pp/python/aws-fargate.py (about) 1 import pulumi 2 import json 3 import pulumi_aws as aws 4 5 vpc = aws.ec2.get_vpc(default=True) 6 subnets = aws.ec2.get_subnet_ids(vpc_id=vpc.id) 7 # Create a security group that permits HTTP ingress and unrestricted egress. 8 web_security_group = aws.ec2.SecurityGroup("webSecurityGroup", 9 vpc_id=vpc.id, 10 egress=[aws.ec2.SecurityGroupEgressArgs( 11 protocol="-1", 12 from_port=0, 13 to_port=0, 14 cidr_blocks=["0.0.0.0/0"], 15 )], 16 ingress=[aws.ec2.SecurityGroupIngressArgs( 17 protocol="tcp", 18 from_port=80, 19 to_port=80, 20 cidr_blocks=["0.0.0.0/0"], 21 )]) 22 # Create an ECS cluster to run a container-based service. 23 cluster = aws.ecs.Cluster("cluster") 24 # Create an IAM role that can be used by our service's task. 25 task_exec_role = aws.iam.Role("taskExecRole", assume_role_policy=json.dumps({ 26 "Version": "2008-10-17", 27 "Statement": [{ 28 "Sid": "", 29 "Effect": "Allow", 30 "Principal": { 31 "Service": "ecs-tasks.amazonaws.com", 32 }, 33 "Action": "sts:AssumeRole", 34 }], 35 })) 36 task_exec_role_policy_attachment = aws.iam.RolePolicyAttachment("taskExecRolePolicyAttachment", 37 role=task_exec_role.name, 38 policy_arn="arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy") 39 # Create a load balancer to listen for HTTP traffic on port 80. 40 web_load_balancer = aws.elasticloadbalancingv2.LoadBalancer("webLoadBalancer", 41 subnets=subnets.ids, 42 security_groups=[web_security_group.id]) 43 web_target_group = aws.elasticloadbalancingv2.TargetGroup("webTargetGroup", 44 port=80, 45 protocol="HTTP", 46 target_type="ip", 47 vpc_id=vpc.id) 48 web_listener = aws.elasticloadbalancingv2.Listener("webListener", 49 load_balancer_arn=web_load_balancer.arn, 50 port=80, 51 default_actions=[aws.elasticloadbalancingv2.ListenerDefaultActionArgs( 52 type="forward", 53 target_group_arn=web_target_group.arn, 54 )]) 55 # Spin up a load balanced service running NGINX 56 app_task = aws.ecs.TaskDefinition("appTask", 57 family="fargate-task-definition", 58 cpu="256", 59 memory="512", 60 network_mode="awsvpc", 61 requires_compatibilities=["FARGATE"], 62 execution_role_arn=task_exec_role.arn, 63 container_definitions=json.dumps([{ 64 "name": "my-app", 65 "image": "nginx", 66 "portMappings": [{ 67 "containerPort": 80, 68 "hostPort": 80, 69 "protocol": "tcp", 70 }], 71 }])) 72 app_service = aws.ecs.Service("appService", 73 cluster=cluster.arn, 74 desired_count=5, 75 launch_type="FARGATE", 76 task_definition=app_task.arn, 77 network_configuration=aws.ecs.ServiceNetworkConfigurationArgs( 78 assign_public_ip=True, 79 subnets=subnets.ids, 80 security_groups=[web_security_group.id], 81 ), 82 load_balancers=[aws.ecs.ServiceLoadBalancerArgs( 83 target_group_arn=web_target_group.arn, 84 container_name="my-app", 85 container_port=80, 86 )], 87 opts=pulumi.ResourceOptions(depends_on=[web_listener])) 88 pulumi.export("url", web_load_balancer.dns_name)