giuseppe-trisciuoglio/developer-kit

Comprehensive developer toolkit providing reusable skills for Java/Spring Boot, TypeScript/NestJS/React/Next.js, Python, PHP, AWS CloudFormation, AI/RAG, DevOps, and more.

AWS CloudFormation ECS - Reference

This reference guide contains detailed information about AWS CloudFormation resources, intrinsic functions, and configurations for ECS container infrastructure.

AWS::ECS::Cluster

Creates an Amazon ECS cluster.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| ClusterName | String | No | The name of the cluster |
| ClusterSettings | List of ClusterSetting | No | The settings for the cluster |
| ServiceConnectDefaults | ServiceConnectDefaults | No | Service Connect configuration |
| Tags | List of Tag | No | Tags for the cluster |

ClusterSetting Structure

| Property | Type | Description |
| --- | --- | --- |
| Name | String | The setting name (containerInsights) |
| Value | String | The setting value (enabled, disabled) |

Example

Resources:
  ECSCluster:
    Type: AWS::ECS::Cluster
    Properties:
      ClusterName: !Sub "${AWS::StackName}-cluster"
      ClusterSettings:
        - Name: containerInsights
          Value: enabled
      Tags:
        - Key: Environment
          Value: !Ref Environment

Attributes

| Attribute | Description |
| --- | --- |
| Arn | The ARN of the cluster |
| ClusterName | The name of the cluster |

AWS::ECS::TaskDefinition

Creates a task definition for ECS.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| Family | String | No | The family name for the task definition |
| Cpu | String | No | The CPU units for the task (128-122880) |
| Memory | String | No | The memory for the task (4-150000 MiB) |
| NetworkMode | String | No | Network mode (none, bridge, awsvpc, host) |
| RequiresCompatibilities | List of String | No | Launch types (EC2, FARGATE) |
| ExecutionRoleArn | String | No | IAM role for task execution |
| TaskRoleArn | String | No | IAM role for task containers |
| Volumes | List of Volume | No | List of volumes |
| ContainerDefinitions | List of ContainerDefinition | Yes | Container definitions |
| InferenceAccelerators | List of InferenceAccelerator | No | Inference accelerators |
| EphemeralStorage | EphemeralStorage | No | Ephemeral storage size (21-200 GB) |
| RuntimePlatform | RuntimePlatform | No | OS/Architecture settings |
| Tags | List of Tag | No | Tags for the task definition |

ContainerDefinition Structure

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| Name | String | Yes | The name of the container |
| Image | String | Yes | Docker image URI or ECR URI |
| Cpu | Integer | No | CPU units for the container |
| Memory | Integer | No | Memory hard limit for container |
| MemoryReservation | Integer | No | Memory soft limit for container |
| PortMappings | List of PortMapping | No | Port mappings |
| Essential | Boolean | No | Whether container is essential |
| EntryPoint | List of String | No | Entrypoint |
| Command | List of String | No | Command to run |
| Environment | List of KeyValuePair | No | Environment variables |
| Secrets | List of Secret | No | Secrets from Secrets Manager |
| LogConfiguration | LogConfiguration | No | Logging configuration |
| HealthCheck | HealthCheck | No | Health check configuration |
| DependsOn | List of ContainerDependency | No | Dependencies |
| DisableNetworking | Boolean | No | Disable networking |
| Privileged | Boolean | No | Enable privileged mode |
| ReadonlyRootFilesystem | Boolean | No | Read-only root filesystem |
| Ulimits | List of Ulimit | No | Ulimits |
| WorkingDirectory | String | No | Working directory |

PortMapping Structure

| Property | Type | Description |
| --- | --- | --- |
| ContainerPort | Integer | Port on the container |
| HostPort | Integer | Port on the host instance |
| Protocol | String | Protocol (tcp, udp) |

Secret Structure

| Property | Type | Description |
| --- | --- | --- |
| Name | String | Name of the secret |
| ValueFrom | String | ARN of the secret |

LogConfiguration Structure

| Property | Type | Description |
| --- | --- | --- |
| LogDriver | String | Log driver (json-file, syslog, awslogs, etc.) |
| Options | Map of String | Driver-specific options |

HealthCheck Structure

| Property | Type | Description |
| --- | --- | --- |
| Command | List of String | Health check command |
| Interval | Integer | Interval in seconds (5-300) |
| Timeout | Integer | Timeout in seconds (2-60) |
| Retries | Integer | Retry attempts (1-10) |
| StartPeriod | Integer | Start period in seconds (0-300) |

Example

Resources:
  TaskDefinition:
    Type: AWS::ECS::TaskDefinition
    Properties:
      Family: web-app
      Cpu: "512"
      Memory: "1024"
      NetworkMode: awsvpc
      RequiresCompatibilities:
        - EC2
        - FARGATE
      ExecutionRoleArn: !Ref TaskExecutionRole
      ContainerDefinitions:
        - Name: web
          Image: nginx:latest
          Cpu: 256
          Memory: 512
          PortMappings:
            - ContainerPort: 80
              Protocol: tcp
          Environment:
            - Name: ENV
              Value: !Ref Environment
          LogConfiguration:
            LogDriver: awslogs
            Options:
              awslogs-group: !Ref LogGroup
              awslogs-region: !Ref AWS::Region
              awslogs-stream-prefix: ecs
          HealthCheck:
            Command:
              - CMD-SHELL
              - curl -f http://localhost:80/health || exit 1
            Interval: 30
            Timeout: 5
            Retries: 3

Attributes

| Attribute | Description |
| --- | --- |
| TaskDefinitionArn | The ARN of the task definition |
| Family | The family name of the task definition |
| Revision | The revision number |

AWS::ECS::Service

Creates an Amazon ECS service.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| Cluster | String | Yes | ARN or name of the cluster |
| ServiceName | String | No | The name of the service |
| TaskDefinition | String | Yes | ARN or family:revision of task definition |
| DesiredCount | Integer | No | Desired number of tasks (1-1000) |
| LaunchType | String | No | Launch type (EC2, FARGATE, EXTERNAL) |
| CapacityProviderStrategy | List of CapacityProviderStrategyItem | No | Capacity provider strategy |
| DeploymentConfiguration | DeploymentConfiguration | No | Deployment configuration |
| SchedulingStrategy | String | No | REPLICA or DAEMON |
| PlacementConstraints | List of PlacementConstraint | No | Placement constraints |
| PlacementStrategies | List of PlacementStrategy | No | Placement strategies |
| NetworkConfiguration | NetworkConfiguration | No | Network configuration |
| LoadBalancers | List of LoadBalancer | No | Load balancers |
| ServiceRegistries | List of ServiceRegistry | No | Service discovery |
| PropagateTags | String | No | Propagate tags (TASK_DEFINITION, SERVICE) |
| EnableExecuteCommand | Boolean | No | Enable ECS Execute |
| HealthCheckGracePeriodSeconds | Integer | No | Grace period for health checks |
| Tags | List of Tag | No | Tags for the service |

DeploymentConfiguration Structure

| Property | Type | Description |
| --- | --- | --- |
| MaximumPercent | Integer | Max tasks during deployment (100-200) |
| MinimumHealthyPercent | Integer | Min healthy tasks (0-100) |
| DeploymentCircuitBreaker | DeploymentCircuitBreaker | Circuit breaker config |

DeploymentCircuitBreaker Structure

| Property | Type | Description |
| --- | --- | --- |
| Enable | Boolean | Enable circuit breaker |
| Rollback | Boolean | Enable automatic rollback |

CapacityProviderStrategyItem Structure

| Property | Type | Description |
| --- | --- | --- |
| CapacityProvider | String | Capacity provider name |
| Weight | Integer | Weight for the provider |
| Base | Integer | Base tasks for the provider |

NetworkConfiguration Structure

| Property | Type | Description |
| --- | --- | --- |
| AwsvpcConfiguration | AwsVpcConfiguration | VPC configuration |

AwsVpcConfiguration Structure

| Property | Type | Description |
| --- | --- | --- |
| AssignPublicIp | String | ENABLED or DISABLED |
| SecurityGroups | List of String | Security group IDs |
| Subnets | List of String | Subnet IDs |

LoadBalancer Structure

| Property | Type | Description |
| --- | --- | --- |
| ContainerName | String | Name of the container |
| ContainerPort | Integer | Port on the container |
| TargetGroupArn | String | ARN of target group |

ServiceRegistry Structure

| Property | Type | Description |
| --- | --- | --- |
| RegistryArn | String | ARN of service discovery |
| Port | Integer | Port number |
| ContainerName | String | Container name |
| ContainerPort | Integer | Container port |

PlacementConstraint Structure

| Property | Type | Description |
| --- | --- | --- |
| Type | String | Constraint type (memberOf, distinctInstance) |
| Expression | String | Constraint expression |

PlacementStrategy Structure

| Property | Type | Description |
| --- | --- | --- |
| Type | String | Strategy type (random, spread, binpack) |
| Field | String | Field for spread/binpack |

Example

Resources:
  EcsService:
    Type: AWS::ECS::Service
    Properties:
      ServiceName: !Sub "${AWS::StackName}-service"
      Cluster: !Ref ECSCluster
      TaskDefinition: !Ref TaskDefinition
      DesiredCount: 2
      LaunchType: FARGATE
      DeploymentConfiguration:
        MaximumPercent: 200
        MinimumHealthyPercent: 50
        DeploymentCircuitBreaker:
          Enable: true
          Rollback: true
      NetworkConfiguration:
        AwsvpcConfiguration:
          AssignPublicIp: DISABLED
          SecurityGroups:
            - !Ref EcsSecurityGroup
          Subnets: !Ref PrivateSubnets
      LoadBalancers:
        - ContainerName: web
          ContainerPort: 80
          TargetGroupArn: !Ref TargetGroup
      PropagateTags: SERVICE
      ServiceRegistries:
        - RegistryArn: !GetAtt ServiceDiscoveryService.Arn

Attributes

| Attribute | Description |
| --- | --- |
| ServiceArn | The ARN of the service |
| ServiceName | The name of the service |
| DesiredCount | The desired task count |
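
A static check over the security-relevant properties listed in the task definition and service tables above (Privileged, ReadonlyRootFilesystem, Image, Environment versus Secrets, AssignPublicIp, EnableExecuteCommand), as an added example that is not part of the original reference or of the developer-kit project. The template is a constructed sample in CloudFormation's JSON form; the function names and the credential-name heuristic are assumptions of this example.

```python
import re

# Heuristic (an assumption of this example): names that suggest a credential.
SECRET_NAME = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_?KEY", re.I)


def is_true(value):  # CloudFormation accepts true/false and "true"/"false"
    return str(value).lower() == "true"


def image_is_pinned(image):  # digest reference, or a tag other than latest
    if "@sha256:" in image:
        return True
    last = image.rsplit("/", 1)[-1]  # drop registry host[:port] and path
    tag = last.split(":", 1)[1] if ":" in last else ""
    return tag not in ("", "latest")


def audit_container(res_id, c):
    where = f"{res_id}/{c.get('Name', '?')}"
    out = []
    if is_true(c.get("Privileged")):
        out.append((where, "Privileged is true"))
    if not is_true(c.get("ReadonlyRootFilesystem")):
        out.append((where, "ReadonlyRootFilesystem is not true"))
    image = c.get("Image")
    if isinstance(image, str) and not image_is_pinned(image):  # skip Ref/Fn::Sub
        out.append((where, f"Image {image} is not pinned"))
    for env in c.get("Environment", []):
        if SECRET_NAME.search(str(env.get("Name", ""))):
            out.append((where, f"Environment {env['Name']} should be a Secrets entry"))
    return out


def audit_service(res_id, props):
    vpc = props.get("NetworkConfiguration", {}).get("AwsvpcConfiguration", {})
    checks = [(vpc.get("AssignPublicIp") == "ENABLED", "AssignPublicIp is ENABLED"),
              (is_true(props.get("EnableExecuteCommand")), "EnableExecuteCommand is true")]
    return [(res_id, msg) for hit, msg in checks if hit]


def audit_template(template):
    """Return (location, finding) pairs for the ECS resources in a template."""
    findings = []
    for res_id, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::ECS::TaskDefinition":
            for c in props.get("ContainerDefinitions", []):
                findings += audit_container(res_id, c)
        elif res.get("Type") == "AWS::ECS::Service":
            findings += audit_service(res_id, props)
    return findings


# Constructed sample in CloudFormation's JSON form (!Ref X is {"Ref": "X"}).
SAMPLE_TEMPLATE = {"Resources": {
    "TaskDefinition": {"Type": "AWS::ECS::TaskDefinition", "Properties": {
        "ContainerDefinitions": [
            {"Name": "web", "Image": "nginx:latest", "Environment": [
                {"Name": "ENV", "Value": {"Ref": "Environment"}},
                {"Name": "DB_PASSWORD", "Value": "constructed-placeholder"}]},
            {"Name": "sidecar", "ReadonlyRootFilesystem": True,
             "Image": "registry.example.com:5000/agent@sha256:" + "0" * 64,
             "Secrets": [{"Name": "API_TOKEN", "ValueFrom": {"Ref": "SecretArn"}}]},
        ]}},
    "EcsService": {"Type": "AWS::ECS::Service", "Properties": {
        "EnableExecuteCommand": True,
        "NetworkConfiguration": {"AwsvpcConfiguration": {"AssignPublicIp": "ENABLED"}}}},
}}

if __name__ == "__main__":
    print("\n".join(f"{w}: {f}" for w, f in audit_template(SAMPLE_TEMPLATE)))
```

Image values built with intrinsic functions are skipped because they cannot be resolved statically; review those against the parameter values used at deploy time.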

AWS::ECS::TaskSet

Creates a task set for an ECS service.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| Cluster | String | Yes | ARN of the cluster |
| Service | String | Yes | ARN of the service |
| TaskDefinition | String | Yes | ARN of the task definition |
| Scale | Scale | No | Scale configuration |
| TaskSetTags | List of Tag | No | Tags |

Scale Structure

| Property | Type | Description |
| --- | --- | --- |
| Unit | String | PERCENT |
| Value | Integer | Scale value (0-100) |

Attributes

| Attribute | Description |
| --- | --- |
| TaskSetArn | The ARN of the task set |

AWS::ECS::CapacityProvider

Creates a capacity provider for ECS.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| Name | String | Yes | Name of the capacity provider |
| AutoScalingGroupProvider | AutoScalingGroupProvider | Yes | ASG configuration |
| Tags | List of Tag | No | Tags |

AutoScalingGroupProvider Structure

| Property | Type | Description |
| --- | --- | --- |
| AutoScalingGroupArn | String | ARN of the ASG |
| ManagedScaling | ManagedScaling | Scaling settings |
| ManagedTerminationProtection | String | Termination protection |

ManagedScaling Structure

| Property | Type | Description |
| --- | --- | --- |
| Status | String | ENABLED or DISABLED |
| TargetCapacity | Integer | Target capacity |
| MinimumScalingStepSize | Integer | Min step |
| MaximumScalingStepSize | Integer | Max step |
| ScaleInInterval | Integer | Scale-in interval |

Example

Resources:
  CapacityProvider:
    Type: AWS::ECS::CapacityProvider
    Properties:
      Name: !Sub "${AWS::StackName}-capacity-provider"
      AutoScalingGroupProvider:
        AutoScalingGroupArn: !Ref AutoScalingGroup
        ManagedScaling:
          Status: ENABLED
          TargetCapacity: 80
          MinimumScalingStepSize: 1
          MaximumScalingStepSize: 10
        ManagedTerminationProtection: DISABLED

AWS::ApplicationAutoScaling::ScalableTarget

Creates a scalable target for ECS service auto scaling.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| MaxCapacity | Integer | Yes | Maximum capacity |
| MinCapacity | Integer | Yes | Minimum capacity |
| ResourceId | String | Yes | Resource ID (service/cluster/service) |
| RoleARN | String | Yes | IAM role ARN |
| ScalableDimension | String | Yes | ecs:service:DesiredCount |
| ServiceNamespace | String | Yes | ecs |

Example

Resources:
  ScalableTarget:
    Type: AWS::ApplicationAutoScaling::ScalableTarget
    Properties:
      MaxCapacity: 10
      MinCapacity: 2
      ResourceId: !Sub "service/${ClusterName}/${ServiceName}"
      RoleARN: !Ref AutoScalingRoleArn
      ScalableDimension: ecs:service:DesiredCount
      ServiceNamespace: ecs

AWS::ApplicationAutoScaling::ScalingPolicy

Creates a scaling policy for ECS.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| PolicyName | String | Yes | Name of the policy |
| PolicyType | String | Yes | TargetTrackingScaling or StepScaling |
| ScalingTargetId | String | Yes | ID of scalable target |
| TargetTrackingScalingPolicyConfiguration | TargetTrackingScalingPolicyConfiguration | Cond | Target tracking config |
| StepScalingPolicyConfiguration | StepScalingPolicyConfiguration | Cond | Step scaling config |

TargetTrackingScalingPolicyConfiguration Structure

| Property | Type | Description |
| --- | --- | --- |
| PredefinedMetricSpecification | PredefinedMetricSpecification | Predefined metric |
| CustomizedMetricSpecification | CustomizedMetricSpecification | Custom metric |
| TargetValue | Double | Target value |
| ScaleInCooldown | Integer | Scale-in cooldown |
| ScaleOutCooldown | Integer | Scale-out cooldown |

PredefinedMetricSpecification Structure

| Property | Type | Description |
| --- | --- | --- |
| PredefinedMetricType | String | ECSServiceAverageCPUUtilization, ECSServiceAverageMemoryUtilization |

StepScalingPolicyConfiguration Structure

| Property | Type | Description |
| --- | --- | --- |
| AdjustmentType | String | ChangeInCapacity, PercentChangeInCapacity, ExactCapacity |
| Cooldown | Integer | Cooldown period |
| MetricAggregationType | String | Average, Maximum, Minimum |
| StepAdjustments | List of StepAdjustment | Step adjustments |

StepAdjustment Structure

| Property | Type | Description |
| --- | --- | --- |
| MetricIntervalLowerBound | Double | Lower bound |
| MetricIntervalUpperBound | Double | Upper bound |
| ScalingAdjustment | Integer | Adjustment amount |

Example

Resources:
  CpuScalingPolicy:
    Type: AWS::ApplicationAutoScaling::ScalingPolicy
    Properties:
      PolicyName: !Sub "${AWS::StackName}-cpu-scaling"
      PolicyType: TargetTrackingScaling
      ScalingTargetId: !Ref ScalableTarget
      TargetTrackingScalingPolicyConfiguration:
        PredefinedMetricSpecification:
          PredefinedMetricType: ECSServiceAverageCPUUtilization
        TargetValue: 70
        ScaleInCooldown: 300
        ScaleOutCooldown: 60

AWS::ServiceDiscovery::Service

Creates a service discovery service.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| Name | String | Yes | Name of the service |
| NamespaceId | String | Yes | ARN of the namespace |
| DnsConfig | DnsConfig | Yes | DNS configuration |
| HealthCheckConfig | HealthCheckConfig | No | Health check config |
| HealthCheckCustomConfig | HealthCheckCustomConfig | No | Custom health check |
| Description | String | No | Description |
| Tags | List of Tag | No | Tags |

DnsConfig Structure

| Property | Type | Description |
| --- | --- | --- |
| NamespaceId | String | Namespace ARN |
| RoutingPolicy | String | MULTIVALUE, LATENCY, GEODNS |
| DnsRecords | List of DnsRecord | DNS records |

DnsRecord Structure

| Property | Type | Description |
| --- | --- | --- |
| Type | String | A, AAAA, SRV, CNAME |
| TTL | Integer | TTL in seconds |

Example

Resources:
  ServiceDiscoveryService:
    Type: AWS::ServiceDiscovery::Service
    Properties:
      Name: web-app
      NamespaceId: !Ref ServiceDiscoveryNamespace
      DnsConfig:
        DnsRecords:
          - Type: A
            TTL: 60
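      # The namespace referenced above is a private DNS namespace, which does not
      # support HealthCheckConfig (Route 53 health checks); use a custom health check.
      HealthCheckCustomConfig:
        FailureThreshold: 1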

Attributes

| Attribute | Description |
| --- | --- |
| Arn | The ARN of the service |
| Name | The name of the service |

AWS::ServiceDiscovery::PrivateDnsNamespace

Creates a private DNS namespace.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| Name | String | Yes | Name of the namespace |
| Vpc | String | Yes | VPC ID |
| Description | String | No | Description |
| Tags | List of Tag | No | Tags |

Example

Resources:
  ServiceDiscoveryNamespace:
    Type: AWS::ServiceDiscovery::PrivateDnsNamespace
    Properties:
      Name: !Sub "${Environment}.internal"
      Vpc: !Ref VpcId

Attributes

| Attribute | Description |
| --- | --- |
| Arn | The ARN of the namespace |
| Id | The ID of the namespace |

AWS::CodeDeploy::BlueGreen

Creates a blue/green hook for ECS deployments.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| TrafficRoutingConfig | TrafficRoutingConfig | No | Traffic routing config |
| AdditionalOptions | AdditionalOptions | No | Additional options |
| LifecycleEventHooks | LifecycleEventHooks | No | Lifecycle hooks |
| ServiceRole | String | Yes | CodeDeploy service role |
| Applications | List of BlueGreenApplication | Yes | Target applications |

TrafficRoutingConfig Structure

| Property | Type | Description |
| --- | --- | --- |
| Type | String | AllAtOnce, TimeBasedCanary, TimeBasedLinear |
| TimeBasedCanary | TimeBasedCanary | Canary config |
| TimeBasedLinear | TimeBasedLinear | Linear config |

TimeBasedCanary Structure

| Property | Type | Description |
| --- | --- | --- |
| StepPercentage | Integer | Traffic percentage for first step (>=14) |
| BakeTimeMins | Integer | Minutes between steps |

TimeBasedLinear Structure

| Property | Type | Description |
| --- | --- | --- |
| StepPercentage | Integer | Traffic increment percentage |
| BakeTimeMins | Integer | Minutes between increments |

AdditionalOptions Structure

| Property | Type | Description |
| --- | --- | --- |
| TerminationWaitTimeInMinutes | Integer | Wait time before termination |

LifecycleEventHooks Structure

| Property | Type | Description |
| --- | --- | --- |
| BeforeInstall | String | Lambda function for BeforeInstall |
| AfterInstall | String | Lambda function for AfterInstall |
| AfterAllowTestTraffic | String | Lambda function for AfterAllowTestTraffic |
| BeforeAllowTraffic | String | Lambda function for BeforeAllowTraffic |
| AfterAllowTraffic | String | Lambda function for AfterAllowTraffic |

BlueGreenApplication Structure

| Property | Type | Description |
| --- | --- | --- |
| Target | BlueGreenTarget | Target service |
| ECSAttributes | ECSAttributes | ECS-specific config |

BlueGreenTarget Structure

| Property | Type | Description |
| --- | --- | --- |
| Type | String | AWS::ECS::Service |
| LogicalID | String | Logical ID of the service |

ECSAttributes Structure

| Property | Type | Description |
| --- | --- | --- |
| TaskDefinitions | List of String | Task definition logical IDs |
| TaskSets | List of String | Task set logical IDs |
| TrafficRouting | TrafficRouting | Traffic routing config |

TrafficRouting Structure

| Property | Type | Description |
| --- | --- | --- |
| ProdTrafficRoute | TrafficRoute | Production listener |
| TestTrafficRoute | TrafficRoute | Test listener |
| TargetGroups | List of String | Target group logical IDs |

TrafficRoute Structure

| Property | Type | Description |
| --- | --- | --- |
| Type | String | AWS::ElasticLoadBalancingV2::Listener |
| LogicalID | String | Logical ID of the listener |

Example

Hooks:
  BlueGreenHook:
    Type: AWS::CodeDeploy::BlueGreen
    Properties:
      TrafficRoutingConfig:
        Type: TimeBasedCanary
        TimeBasedCanary:
          StepPercentage: 15
          BakeTimeMins: 5
      AdditionalOptions:
        TerminationWaitTimeInMinutes: 5
      ServiceRole: !Ref CodeDeployRoleArn
      Applications:
        - Target:
            Type: AWS::ECS::Service
            LogicalID: EcsService
          ECSAttributes:
            TaskDefinitions:
              - TaskDefinitionBlue
              - TaskDefinitionGreen
            TaskSets:
              - TaskSetBlue
              - TaskSetGreen
            TrafficRouting:
              ProdTrafficRoute:
                Type: AWS::ElasticLoadBalancingV2::Listener
                LogicalID: ProductionListener
              TestTrafficRoute:
                Type: AWS::ElasticLoadBalancingV2::Listener
                LogicalID: TestListener
              TargetGroups:
                - BlueTargetGroup
                - GreenTargetGroup

AWS::ElasticLoadBalancingV2::TargetGroup

Creates a target group for ALB.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| Name | String | No | Name of the target group |
| Port | Integer | Yes | Port on the targets |
| Protocol | String | Yes | Protocol (HTTP, HTTPS, TCP, TLS) |
| VpcId | String | Yes | VPC ID |
| HealthCheckPath | String | No | Health check path |
| HealthCheckProtocol | String | No | Health check protocol |
| HealthCheckPort | String | No | Health check port |
| HealthCheckIntervalSeconds | Integer | No | Interval (5-300) |
| HealthCheckTimeoutSeconds | Integer | No | Timeout (2-60) |
| HealthyThresholdCount | Integer | No | Healthy threshold (2-10) |
| UnhealthyThresholdCount | Integer | No | Unhealthy threshold (2-10) |
| Matcher | Matcher | No | Success codes |
| TargetType | String | No | instance, ip, lambda |
| IpAddressType | String | No | ipv4, ipv6 |
| Tags | List of Tag | No | Tags |

Matcher Structure

| Property | Type | Description |
| --- | --- | --- |
| HttpCode | String | HTTP status code(s) |
| GrpcCode | String | gRPC status code(s) |

Example

Resources:
  BlueTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      Name: !Sub "${AWS::StackName}-blue-tg"
      Port: 80
      Protocol: HTTP
      VpcId: !Ref VpcId
      HealthCheckPath: /health
      HealthCheckIntervalSeconds: 30
      HealthCheckTimeoutSeconds: 5
      HealthyThresholdCount: 2
      UnhealthyThresholdCount: 3
      Matcher:
        HttpCode: 200-499
      TargetType: ip

Attributes

| Attribute | Description |
| --- | --- |
| TargetGroupArn | The ARN of the target group |
| TargetGroupName | The name of the target group |

AWS::ElasticLoadBalancingV2::Listener

Creates a listener for ALB.

Properties

| Property | Type | Required | Description |
| --- | --- | --- | --- |
| DefaultActions | List of Action | Yes | Default actions |
| LoadBalancerArn | String | Yes | ARN of the load balancer |
| Port | Integer | Yes | Port (1-65535) |
| Protocol | String | Yes | Protocol (HTTP, HTTPS, TCP, TLS) |
| Certificates | List of Certificate | No | Certificates |
| SslPolicy | String | No | SSL policy (HTTPS/TLS only) |

Action Structure

| Property | Type | Description |
| --- | --- | --- |
| Type | String | forward, redirect, authenticate-oidc, authenticate-cognito, fixed-response |
| TargetGroupArn | String | Target group ARN |
| ForwardConfig | ForwardConfig | Forward config |
| RedirectConfig | RedirectConfig | Redirect config |

Example

Resources:
  ProductionListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      DefaultActions:
        - Type: forward
          ForwardConfig:
            TargetGroupStickinessConfig:
              Enabled: true
              DurationSeconds: 3600
            TargetGroups:
              - TargetGroupArn: !Ref BlueTargetGroup
                Weight: 100
      LoadBalancerArn: !Ref ApplicationLoadBalancer
      Port: 80
      Protocol: HTTP

Intrinsic Functions Reference

!Ref

Returns the value of the specified parameter or resource.

# Reference a parameter
ClusterName: !Ref ClusterNameParam

# Reference a resource (returns the physical ID)
ClusterArn: !Ref ECSCluster

!GetAtt

Returns the value of an attribute from an ECS resource.

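# Get the cluster ARN
ClusterArn: !GetAtt ECSCluster.Arn

# Get the service ARN (the attribute is named ServiceArn)
ServiceArn: !GetAtt EcsService.ServiceArn

# Get the task definition ARN (!Ref TaskDefinition returns the same value)
TaskDefinitionArn: !GetAtt TaskDefinition.TaskDefinitionArn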

!Sub

Substitutes variables in an input string.

# With variable substitution
ClusterName: !Sub "${AWS::StackName}-cluster"

# With multiple variables
RoleArn: !Sub "arn:aws:iam::${AWS::AccountId}:role/${RoleName}"

!ImportValue

Imports values exported by other stacks.

# Import from another stack (the full function name is required when nesting !Sub)
ClusterArn:
  Fn::ImportValue: !Sub "${NetworkStackName}-ClusterArn"

!FindInMap

Returns the value from a mapping.

# Find in mapping
MemorySize: !FindInMap [EnvironmentConfig, !Ref Environment, Memory]

!If

Returns one value if condition is true, another if false.

# Conditional value
DesiredCount: !If [IsProduction, 10, 2]

IAM Policy Templates for ECS

AmazonECSTaskExecutionRolePolicy

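# AWS managed policies are attached to a role by ARN through ManagedPolicyArns
ManagedPolicyArns:
  - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"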

Custom Policy for ECR

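Policies:
  - PolicyName: EcrPullPolicy
    PolicyDocument:
      Version: "2012-10-17"
      Statement:
        # Layer and manifest reads, scoped to one repository
        - Effect: Allow
          Action:
            - ecr:GetDownloadUrlForLayer
            - ecr:BatchGetImage
            - ecr:BatchCheckLayerAvailability
          Resource: !Ref EcrRepositoryArn
        # Registry login; this action does not support resource-level permissions
        - Effect: Allow
          Action:
            - ecr:GetAuthorizationToken
          Resource: "*"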

Custom Policy for Secrets

Policies:
  - PolicyName: SecretsPolicy
    PolicyDocument:
      Version: "2012-10-17"
      Statement:
        - Effect: Allow
          Action:
            - secretsmanager:GetSecretValue
          Resource: !Ref SecretArn

Custom Policy for CloudWatch Logs

Policies:
  - PolicyName: CloudWatchLogsPolicy
    PolicyDocument:
      Version: "2012-10-17"
      Statement:
        - Effect: Allow
          Action:
            - logs:CreateLogStream
            - logs:PutLogEvents
          Resource: !GetAtt LogGroup.Arn

ECS Task Definition Parameters

CPU and Memory Values

| CPU Units | Memory Options (MiB) |
| --- | --- |
| 128 | 4-1024 |
| 256 | 4-2048 |
| 512 | 4-4096 |
| 1024 | 8-8192 |
| 2048 | 16-16384 |
| 4096 | 32-30720 |

Fargate CPU/Memory Combinations

| CPU (vCPU) | Memory (GiB) |
| --- | --- |
| 0.25 | 0.5, 1, 2 |
| 0.5 | 1, 2, 3, 4 |
| 1 | 2, 3, 4, 5, 6, 7, 8 |
| 2 | 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 |
| 4 | 8-30 |
| 8 | 16-60 |

Container Sizes

| Container Size | Memory Hard Limit | Memory Soft Limit |
| --- | --- | --- |
| Small | 512 MiB | 256 MiB |
| Medium | 1024 MiB | 512 MiB |
| Large | 2048 MiB | 1024 MiB |
| X-Large | 4096 MiB | 2048 MiB |

Common Tags for ECS

Resources:
  EcsService:
    Type: AWS::ECS::Service
    Properties:
      Tags:
        - Key: Environment
          Value: !Ref Environment
        - Key: Project
          Value: !Ref ProjectName
        - Key: Owner
          Value: team@example.com
        - Key: ManagedBy
          Value: CloudFormation
        - Key: CostCenter
          Value: "12345"
        - Key: Version
          Value: "1.0.0"

Limits and Quotas

ECS Limits

| Resource | Default Limit |
| --- | --- |
| Clusters per account | 1000 |
| Services per cluster | 500 |
| Tasks per service (EC2) | 1000 |
| Tasks per service (Fargate) | 200 |
| Container instances per cluster | 1000 |
| Container definitions per task | 10 |
| Volumes per task | 5 |
| Port mappings per container | 100 |

Fargate Limits

| Resource | Default Limit |
| --- | --- |
| Tasks per launch | 10 |
| CPU (vCPU) | 0.25-16 |
| Memory (GiB) | 0.5-120 |
| Ephemeral storage (GB) | 20-200 |

CloudWatch Limits

| Metric | Limit |
| --- | --- |
| Dimensions per metric | 30 |
| Alarm actions | 5 |
| Metric data points | 150000 |

Health Check Best Practices

Health Check Command Examples

HealthCheck:
  Command:
    - CMD-SHELL
    - curl -f http://localhost:8080/health || exit 1
  Interval: 30
  Timeout: 5
  Retries: 3
  StartPeriod: 60

HTTP Health Check

HealthCheck:
  Command:
    - CMD-SHELL
    - wget --no-verbose --tries=1 --spider http://localhost:8080/health || exit 1

TCP Health Check

HealthCheck:
  Command:
    - CMD-SHELL
    - nc -z localhost 8080 || exit 1

Health Check Considerations

  • Set StartPeriod to allow container initialization
  • Keep Interval reasonable (15-30 seconds)
  • Set Timeout shorter than interval
  • Set Retries appropriately (2-3)
  • Use specific endpoint for health checks
