ECS.yaml

AWSTemplateFormatVersion: 2010-09-09
Description: AWS CloudFormation template to create an ECS Cluster, Task Definition, Service, Task with nginx image in public subnet.(Dependency Network.yaml)
Parameters:
  ECSClusterName:
    Type: String
    Description: Name of the ECS Cluster
    Default: demo-ecs-cluster
  
Resources:
  # Creating Access Role for ECS-Tasks
  ExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: ECS-Task-ExecutionRole
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service: ecs-tasks.amazonaws.com
            Action: 'sts:AssumeRole'
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy'

# Creating ECS Cluster
  MyECSCluster:
    Type: 'AWS::ECS::Cluster'
    Properties:
      ClusterName: !Ref ECSClusterName
      CapacityProviders:
        - FARGATE
        - FARGATE_SPOT
      ClusterSettings:
        - Name: containerInsights
          Value: disabled
      Configuration:
        ExecuteCommandConfiguration:
          Logging: DEFAULT
      ServiceConnectDefaults:
        Namespace: !Ref ECSClusterName

# Creating ECS Task definition
  MyTaskDefinition:
    Type: AWS::ECS::TaskDefinition
    Properties:
      Family: my-task-definition
      NetworkMode: awsvpc
      RequiresCompatibilities:
        - FARGATE
      ExecutionRoleArn: !Ref ExecutionRole
      # TaskRoleArn: <your-task-role-arn>
      ContainerDefinitions:
        - Name: my-container
          Image: 'nginx:latest'
          PortMappings:
            - ContainerPort: 80
              Protocol: tcp
              AppProtocol: http
              HostPort: 80
      RuntimePlatform:
        CpuArchitecture: X86_64
        OperatingSystemFamily: LINUX    
      Memory: 512
      Cpu: 256

# Creating ECS Service
  MyService:
    Type: AWS::ECS::Service
    DependsOn: MyTaskDefinition
    Properties:
      Cluster: !Ref MyECSCluster
      TaskDefinition: !Ref MyTaskDefinition
      DesiredCount: 1
      LaunchType: FARGATE
      NetworkConfiguration:
        AwsvpcConfiguration:
          AssignPublicIp: ENABLED
          SecurityGroups:
            - !Ref MyECSSecurityGroup
          Subnets:
            - !ImportValue PublicSubnet1Id
            - !ImportValue PublicSubnet2Id

# Creating ECS Security Group
  MyECSSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: ECS-SG
      GroupDescription: "security group for ECS"
      VpcId: !ImportValue VPCId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0          

Outputs:
  ECSCluster:
    Description: The created cluster.
    Value: !Ref MyECSCluster
  TaskDefinition:
    Description: The created Taskdefinition.
    Value: !Ref MyTaskDefinition