aws-cdk-lib.aws_ecs.ExecuteCommandConfiguration

interface ExecuteCommandConfiguration

LanguageType name
.NETAmazon.CDK.AWS.ECS.ExecuteCommandConfiguration
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsecs#ExecuteCommandConfiguration
Javasoftware.amazon.awscdk.services.ecs.ExecuteCommandConfiguration
Pythonaws_cdk.aws_ecs.ExecuteCommandConfiguration
TypeScript (source)aws-cdk-lib » aws_ecs » ExecuteCommandConfiguration

The details of the execute command configuration.

For more information, see [ExecuteCommandConfiguration] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-cluster-executecommandconfiguration.html

Example

declare const vpc: ec2.Vpc;
const kmsKey = new kms.Key(this, 'KmsKey');

// Pass the KMS key in the `encryptionKey` field to associate the key to the log group
const logGroup = new logs.LogGroup(this, 'LogGroup', {
  encryptionKey: kmsKey,
});

// Pass the KMS key in the `encryptionKey` field to associate the key to the S3 bucket
const execBucket = new s3.Bucket(this, 'EcsExecBucket', {
  encryptionKey: kmsKey,
});

const cluster = new ecs.Cluster(this, 'Cluster', {
  vpc,
  executeCommandConfiguration: {
    kmsKey,
    logConfiguration: {
      cloudWatchLogGroup: logGroup,
      cloudWatchEncryptionEnabled: true,
      s3Bucket: execBucket,
      s3EncryptionEnabled: true,
      s3KeyPrefix: 'exec-command-output',
    },
    logging: ecs.ExecuteCommandLogging.OVERRIDE,
  },
});

Properties

NameTypeDescription
kmsKey?IKeyThe AWS Key Management Service key ID to encrypt the data between the local client and the container.
logConfiguration?ExecuteCommandLogConfigurationThe log configuration for the results of the execute command actions.
logging?ExecuteCommandLoggingThe log settings to use for logging the execute command session.

kmsKey?

Type: IKey (optional, default: none)

The AWS Key Management Service key ID to encrypt the data between the local client and the container.


logConfiguration?

Type: ExecuteCommandLogConfiguration (optional, default: none)

The log configuration for the results of the execute command actions.

The logs can be sent to CloudWatch Logs or an Amazon S3 bucket.


logging?

Type: ExecuteCommandLogging (optional, default: none)

The log settings to use for logging the execute command session.