feat(ecs-patterns): add ecs exec support (#18663)

Fixes #15769, #15197 Supersedes #15497 by implementing the change for all patterns. This PR implements support for ECS Exec in all ecs-patterns services. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · Jun 13, 2022 · 23ee450 · 23ee450
1 parent c946615
commit 23ee450
Show file tree

Hide file tree

Showing 25 changed files with 630 additions and 3 deletions.
diff --git a/packages/@aws-cdk/aws-ecs-patterns/README.md b/packages/@aws-cdk/aws-ecs-patterns/README.md
@@ -733,3 +733,32 @@ const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargat
   loadBalancerName: 'application-lb-name',
 });
 ```
+
+### ECS Exec
+
+You can use ECS Exec to run commands in or get a shell to a container running on an Amazon EC2 instance or on
+AWS Fargate. Enable ECS Exec, by setting `enableExecuteCommand` to `true`.
+
+ECS Exec is supported by all Services i.e. `ApplicationLoadBalanced(Fargate|Ec2)Service`, `ApplicationMultipleTargetGroups(Fargate|Ec2)Service`, `NetworkLoadBalanced(Fargate|Ec2)Service`, `NetworkMultipleTargetGroups(Fargate|Ec2)Service`, `QueueProcessing(Fargate|Ec2)Service`. It is not supported for `ScheduledTask`s.
+
+Read more about ECS Exec in the [ECS Developer Guide](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html). 
+
+Example:
+
+```ts
+declare const cluster: ecs.Cluster;
+const loadBalancedFargateService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, 'Service', {
+  cluster,
+  memoryLimitMiB: 1024,
+  desiredCount: 1,
+  cpu: 512,
+  taskImageOptions: {
+    image: ecs.ContainerImage.fromRegistry("amazon/amazon-ecs-sample"),
+  },
+  enableExecuteCommand: true
+});
+```
+
+Please note, ECS Exec leverages AWS Systems Manager (SSM). So as a prerequisite for the exec command
+to work, you need to have the SSM plugin for the AWS CLI installed locally. For more information, see
+[Install Session Manager plugin for AWS CLI](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html).
diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/application-load-balanced-service-base.ts
@@ -254,6 +254,12 @@ export interface ApplicationLoadBalancedServiceBaseProps {
    */
   readonly loadBalancerName?: string;
 
+  /**
+   * Whether ECS Exec should be enabled
+   *
+   * @default - false
+   */
+  readonly enableExecuteCommand?: boolean;
 }
 
 export interface ApplicationLoadBalancedTaskImageOptions {

diff --git a/...ges/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts b/...ges/@aws-cdk/aws-ecs-patterns/lib/base/application-multiple-target-groups-service-base.ts
@@ -107,6 +107,13 @@ export interface ApplicationMultipleTargetGroupsServiceBaseProps {
    * @default - default portMapping registered as target group and attached to the first defined listener
    */
   readonly targetGroups?: ApplicationTargetProps[];
+
+  /**
+   * Whether ECS Exec should be enabled
+   *
+   * @default - false
+   */
+  readonly enableExecuteCommand?: boolean;
 }
 
 /**

diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-load-balanced-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-load-balanced-service-base.ts
@@ -182,6 +182,13 @@ export interface NetworkLoadBalancedServiceBaseProps {
    * @default - disabled
    */
   readonly circuitBreaker?: DeploymentCircuitBreaker;
+
+  /**
+   * Whether ECS Exec should be enabled
+   *
+   * @default - false
+   */
+  readonly enableExecuteCommand?: boolean;
 }
 
 export interface NetworkLoadBalancedTaskImageOptions {

diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/network-multiple-target-groups-service-base.ts
@@ -98,6 +98,13 @@ export interface NetworkMultipleTargetGroupsServiceBaseProps {
    * @default - default portMapping registered as target group and attached to the first defined listener
    */
   readonly targetGroups?: NetworkTargetProps[];
+
+  /**
+   * Whether ECS Exec should be enabled
+   *
+   * @default - false
+   */
+  readonly enableExecuteCommand?: boolean;
 }
 
 /**

diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/base/queue-processing-service-base.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/base/queue-processing-service-base.ts
@@ -211,6 +211,13 @@ export interface QueueProcessingServiceBaseProps {
    *
    */
   readonly capacityProviderStrategies?: CapacityProviderStrategy[];
+
+  /**
+   * Whether ECS Exec should be enabled
+   *
+   * @default - false
+   */
+  readonly enableExecuteCommand?: boolean;
 }
 
 /**

diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-load-balanced-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-load-balanced-ecs-service.ts
@@ -152,6 +152,7 @@ export class ApplicationLoadBalancedEc2Service extends ApplicationLoadBalancedSe
       cloudMapOptions: props.cloudMapOptions,
       deploymentController: props.deploymentController,
       circuitBreaker: props.circuitBreaker,
+      enableExecuteCommand: props.enableExecuteCommand,
       placementConstraints: props.placementConstraints,
       placementStrategies: props.placementStrategies,
     });

diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/application-multiple-target-groups-ecs-service.ts
@@ -167,6 +167,7 @@ export class ApplicationMultipleTargetGroupsEc2Service extends ApplicationMultip
       propagateTags: props.propagateTags,
       enableECSManagedTags: props.enableECSManagedTags,
       cloudMapOptions: props.cloudMapOptions,
+      enableExecuteCommand: props.enableExecuteCommand,
       placementConstraints: props.placementConstraints,
       placementStrategies: props.placementStrategies,
     });

diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-load-balanced-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-load-balanced-ecs-service.ts
@@ -150,6 +150,7 @@ export class NetworkLoadBalancedEc2Service extends NetworkLoadBalancedServiceBas
       cloudMapOptions: props.cloudMapOptions,
       deploymentController: props.deploymentController,
       circuitBreaker: props.circuitBreaker,
+      enableExecuteCommand: props.enableExecuteCommand,
       placementConstraints: props.placementConstraints,
       placementStrategies: props.placementStrategies,
     });

diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/network-multiple-target-groups-ecs-service.ts
@@ -167,6 +167,7 @@ export class NetworkMultipleTargetGroupsEc2Service extends NetworkMultipleTarget
       propagateTags: props.propagateTags,
       enableECSManagedTags: props.enableECSManagedTags,
       cloudMapOptions: props.cloudMapOptions,
+      enableExecuteCommand: props.enableExecuteCommand,
       placementConstraints: props.placementConstraints,
       placementStrategies: props.placementStrategies,
     });

diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/queue-processing-ecs-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/ecs/queue-processing-ecs-service.ts
@@ -141,6 +141,7 @@ export class QueueProcessingEc2Service extends QueueProcessingServiceBase {
       deploymentController: props.deploymentController,
       circuitBreaker: props.circuitBreaker,
       capacityProviderStrategies: props.capacityProviderStrategies,
+      enableExecuteCommand: props.enableExecuteCommand,
       placementConstraints: props.placementConstraints,
       placementStrategies: props.placementStrategies,
     });

diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/application-load-balanced-fargate-service.ts
@@ -175,6 +175,7 @@ export class ApplicationLoadBalancedFargateService extends ApplicationLoadBalanc
       circuitBreaker: props.circuitBreaker,
       securityGroups: props.securityGroups,
       vpcSubnets: props.taskSubnets,
+      enableExecuteCommand: props.enableExecuteCommand,
     });
     this.addServiceAsTarget(this.service);
   }

diff --git a/...ws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts b/...ws-cdk/aws-ecs-patterns/lib/fargate/application-multiple-target-groups-fargate-service.ts
@@ -184,6 +184,7 @@ export class ApplicationMultipleTargetGroupsFargateService extends ApplicationMu
       enableECSManagedTags: props.enableECSManagedTags,
       cloudMapOptions: props.cloudMapOptions,
       platformVersion: props.platformVersion,
+      enableExecuteCommand: props.enableExecuteCommand,
     });
   }
 }
diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/network-load-balanced-fargate-service.ts
@@ -161,6 +161,7 @@ export class NetworkLoadBalancedFargateService extends NetworkLoadBalancedServic
       deploymentController: props.deploymentController,
       circuitBreaker: props.circuitBreaker,
       vpcSubnets: props.taskSubnets,
+      enableExecuteCommand: props.enableExecuteCommand,
     });
     this.addServiceAsTarget(this.service);
   }

diff --git a/...s/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts b/...s/@aws-cdk/aws-ecs-patterns/lib/fargate/network-multiple-target-groups-fargate-service.ts
@@ -184,6 +184,7 @@ export class NetworkMultipleTargetGroupsFargateService extends NetworkMultipleTa
       enableECSManagedTags: props.enableECSManagedTags,
       cloudMapOptions: props.cloudMapOptions,
       platformVersion: props.platformVersion,
+      enableExecuteCommand: props.enableExecuteCommand,
     });
   }
 }
diff --git a/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/queue-processing-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/lib/fargate/queue-processing-fargate-service.ts
@@ -159,6 +159,7 @@ export class QueueProcessingFargateService extends QueueProcessingServiceBase {
       assignPublicIp: props.assignPublicIp,
       circuitBreaker: props.circuitBreaker,
       capacityProviderStrategies: props.capacityProviderStrategies,
+      enableExecuteCommand: props.enableExecuteCommand,
     });
 
     this.configureAutoscalingForService(this.service);

diff --git a/...aws-cdk/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service.ts b/...aws-cdk/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service.ts
@@ -17,6 +17,7 @@ new ApplicationMultipleTargetGroupsEc2Service(stack, 'myService', {
   taskImageOptions: {
     image: ContainerImage.fromRegistry('amazon/amazon-ecs-sample'),
   },
+  enableExecuteCommand: true,
   targetGroups: [
     {
       containerPort: 80,