aws-cdk-lib.aws_ecs.Ec2TaskDefinition

class Ec2TaskDefinition (construct)

LanguageType name
.NETAmazon.CDK.AWS.ECS.Ec2TaskDefinition
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsecs#Ec2TaskDefinition
Javasoftware.amazon.awscdk.services.ecs.Ec2TaskDefinition
Pythonaws_cdk.aws_ecs.Ec2TaskDefinition
TypeScript (source)aws-cdk-lib » aws_ecs » Ec2TaskDefinition

Implements IConstruct, IDependable, IResource, ITaskDefinition, IEc2TaskDefinition

The details of a task definition run on an EC2 cluster.

Example

declare const secret: ecs.Secret;

// Create a Task Definition for the container to start
const taskDefinition = new ecs.Ec2TaskDefinition(this, 'TaskDef');
taskDefinition.addContainer('TheContainer', {
  image: ecs.ContainerImage.fromRegistry('example-image'),
  memoryLimitMiB: 256,
  logging: ecs.LogDrivers.splunk({
    secretToken: secret,
    url: 'my-splunk-url',
  }),
});

Initializer

new Ec2TaskDefinition(scope: Construct, id: string, props?: Ec2TaskDefinitionProps)

Parameters

  • scope Construct
  • id string
  • props Ec2TaskDefinitionProps

Constructs a new instance of the Ec2TaskDefinition class.

Construct Props

NameTypeDescription
executionRole?IRoleThe name of the IAM task execution role that grants the ECS agent permission to call AWS APIs on your behalf.
family?stringThe name of a family that this task definition is registered to.
inferenceAccelerators?InferenceAccelerator[]The inference accelerators to use for the containers in the task.
ipcMode?IpcModeThe IPC resource namespace to use for the containers in the task.
networkMode?NetworkModeThe Docker networking mode to use for the containers in the task.
pidMode?PidModeThe process namespace to use for the containers in the task.
placementConstraints?PlacementConstraint[]An array of placement constraint objects to use for the task.
proxyConfiguration?ProxyConfigurationThe configuration details for the App Mesh proxy.
taskRole?IRoleThe name of the IAM role that grants containers in the task permission to call AWS APIs on your behalf.
volumes?Volume[]The list of volume definitions for the task.

executionRole?

Type: IRole (optional, default: An execution role will be automatically created if you use ECR images in your task definition.)

The name of the IAM task execution role that grants the ECS agent permission to call AWS APIs on your behalf.

The role will be used to retrieve container images from ECR and create CloudWatch log groups.


family?

Type: string (optional, default: Automatically generated name.)

The name of a family that this task definition is registered to.

A family groups multiple versions of a task definition.


inferenceAccelerators?

Type: InferenceAccelerator[] (optional, default: No inference accelerators.)

The inference accelerators to use for the containers in the task.

Not supported in Fargate.


ipcMode?

Type: IpcMode (optional, default: IpcMode used by the task is not specified)

The IPC resource namespace to use for the containers in the task.

Not supported in Fargate and Windows containers.


networkMode?

Type: NetworkMode (optional, default: NetworkMode.BRIDGE for EC2 tasks, AWS_VPC for Fargate tasks.)

The Docker networking mode to use for the containers in the task.

The valid values are NONE, BRIDGE, AWS_VPC, and HOST.


pidMode?

Type: PidMode (optional, default: PidMode used by the task is not specified)

The process namespace to use for the containers in the task.

Not supported in Fargate and Windows containers.


placementConstraints?

Type: PlacementConstraint[] (optional, default: No placement constraints.)

An array of placement constraint objects to use for the task.

You can specify a maximum of 10 constraints per task (this limit includes constraints in the task definition and those specified at run time).


proxyConfiguration?

Type: ProxyConfiguration (optional, default: No proxy configuration.)

The configuration details for the App Mesh proxy.


taskRole?

Type: IRole (optional, default: A task role is automatically created for you.)

The name of the IAM role that grants containers in the task permission to call AWS APIs on your behalf.


volumes?

Type: Volume[] (optional, default: No volumes are passed to the Docker daemon on a container instance.)

The list of volume definitions for the task.

For more information, see Task Definition Parameter Volumes.

Properties

NameTypeDescription
compatibilityCompatibilityThe task launch type compatibility requirement.
envResourceEnvironmentThe environment this resource belongs to.
familystringThe name of a family that this task definition is registered to.
inferenceAcceleratorsInferenceAccelerator[]Public getter method to access list of inference accelerators attached to the instance.
isEc2CompatiblebooleanReturn true if the task definition can be run on an EC2 cluster.
isExternalCompatiblebooleanReturn true if the task definition can be run on a ECS anywhere cluster.
isFargateCompatiblebooleanReturn true if the task definition can be run on a Fargate cluster.
networkModeNetworkModeThe networking mode to use for the containers in the task.
nodeNodeThe tree node.
stackStackThe stack in which this resource is defined.
taskDefinitionArnstringThe full Amazon Resource Name (ARN) of the task definition.
taskRoleIRoleThe name of the IAM role that grants containers in the task permission to call AWS APIs on your behalf.
defaultContainer?ContainerDefinitionDefault container for this task.
ephemeralStorageGiB?numberThe amount (in GiB) of ephemeral storage to be allocated to the task.
executionRole?IRoleExecution role for this task definition.
referencesSecretJsonField?booleanWhether this task definition has at least a container that references a specific JSON field of a secret stored in Secrets Manager.

compatibility

Type: Compatibility

The task launch type compatibility requirement.


env

Type: ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.


family

Type: string

The name of a family that this task definition is registered to.

A family groups multiple versions of a task definition.


inferenceAccelerators

Type: InferenceAccelerator[]

Public getter method to access list of inference accelerators attached to the instance.


isEc2Compatible

Type: boolean

Return true if the task definition can be run on an EC2 cluster.


isExternalCompatible

Type: boolean

Return true if the task definition can be run on a ECS anywhere cluster.


isFargateCompatible

Type: boolean

Return true if the task definition can be run on a Fargate cluster.


networkMode

Type: NetworkMode

The networking mode to use for the containers in the task.


node

Type: Node

The tree node.


stack

Type: Stack

The stack in which this resource is defined.


taskDefinitionArn

Type: string

The full Amazon Resource Name (ARN) of the task definition.


taskRole

Type: IRole

The name of the IAM role that grants containers in the task permission to call AWS APIs on your behalf.


defaultContainer?

Type: ContainerDefinition (optional)

Default container for this task.

Load balancers will send traffic to this container. The first essential container that is added to this task will become the default container.


ephemeralStorageGiB?

Type: number (optional)

The amount (in GiB) of ephemeral storage to be allocated to the task.

Only supported in Fargate platform version 1.4.0 or later.


executionRole?

Type: IRole (optional)

Execution role for this task definition.


referencesSecretJsonField?

Type: boolean (optional)

Whether this task definition has at least a container that references a specific JSON field of a secret stored in Secrets Manager.

Methods

NameDescription
addContainer(id, props)Adds a new container to the task definition.
addExtension(extension)Adds the specified extension to the task definition.
addFirelensLogRouter(id, props)Adds a firelens log router to the task definition.
addInferenceAccelerator(inferenceAccelerator)Adds an inference accelerator to the task definition.
addPlacementConstraint(constraint)Adds the specified placement constraint to the task definition.
addToExecutionRolePolicy(statement)Adds a policy statement to the task execution IAM role.
addToTaskRolePolicy(statement)Adds a policy statement to the task IAM role.
addVolume(volume)Adds a volume to the task definition.
applyRemovalPolicy(policy)Apply the given removal policy to this resource.
findContainer(containerName)Returns the container that match the provided containerName.
findPortMappingByName(name)Determine the existing port mapping for the provided name.
grantRun(grantee)Grants permissions to run this task definition.
obtainExecutionRole()Creates the task execution IAM role if it doesn't already exist.
toString()Returns a string representation of this construct.
static fromEc2TaskDefinitionArn(scope, id, ec2TaskDefinitionArn)Imports a task definition from the specified task definition ARN.
static fromEc2TaskDefinitionAttributes(scope, id, attrs)Imports an existing Ec2 task definition from its attributes.

addContainer(id, props)

public addContainer(id: string, props: ContainerDefinitionOptions): ContainerDefinition

Parameters

  • id string
  • props ContainerDefinitionOptions

Returns

  • ContainerDefinition

Adds a new container to the task definition.


addExtension(extension)

public addExtension(extension: ITaskDefinitionExtension): void

Parameters

  • extension ITaskDefinitionExtension

Adds the specified extension to the task definition.

Extension can be used to apply a packaged modification to a task definition.


addFirelensLogRouter(id, props)

public addFirelensLogRouter(id: string, props: FirelensLogRouterDefinitionOptions): FirelensLogRouter

Parameters

  • id string
  • props FirelensLogRouterDefinitionOptions

Returns

  • FirelensLogRouter

Adds a firelens log router to the task definition.


addInferenceAccelerator(inferenceAccelerator)

public addInferenceAccelerator(inferenceAccelerator: InferenceAccelerator): void

Parameters

  • inferenceAccelerator InferenceAccelerator

Adds an inference accelerator to the task definition.


addPlacementConstraint(constraint)

public addPlacementConstraint(constraint: PlacementConstraint): void

Parameters

  • constraint PlacementConstraint

Adds the specified placement constraint to the task definition.


addToExecutionRolePolicy(statement)

public addToExecutionRolePolicy(statement: PolicyStatement): void

Parameters

  • statement PolicyStatement

Adds a policy statement to the task execution IAM role.


addToTaskRolePolicy(statement)

public addToTaskRolePolicy(statement: PolicyStatement): void

Parameters

  • statement PolicyStatement

Adds a policy statement to the task IAM role.


addVolume(volume)

public addVolume(volume: Volume): void

Parameters

  • volume Volume

Adds a volume to the task definition.


applyRemovalPolicy(policy)

public applyRemovalPolicy(policy: RemovalPolicy): void

Parameters

  • policy RemovalPolicy

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).


findContainer(containerName)

public findContainer(containerName: string): ContainerDefinition

Parameters

  • containerName string

Returns

  • ContainerDefinition

Returns the container that match the provided containerName.


findPortMappingByName(name)

public findPortMappingByName(name: string): PortMapping

Parameters

  • name string — : port mapping name.

Returns

  • PortMapping

Determine the existing port mapping for the provided name.


grantRun(grantee)

public grantRun(grantee: IGrantable): Grant

Parameters

  • grantee IGrantable — Principal to grant consume rights to.

Returns

  • Grant

Grants permissions to run this task definition.

This will grant the following permissions:

  • ecs:RunTask
  • iam:PassRole

obtainExecutionRole()

public obtainExecutionRole(): IRole

Returns

  • IRole

Creates the task execution IAM role if it doesn't already exist.


toString()

public toString(): string

Returns

  • string

Returns a string representation of this construct.


static fromEc2TaskDefinitionArn(scope, id, ec2TaskDefinitionArn)

public static fromEc2TaskDefinitionArn(scope: Construct, id: string, ec2TaskDefinitionArn: string): IEc2TaskDefinition

Parameters

  • scope Construct
  • id string
  • ec2TaskDefinitionArn string

Returns

  • IEc2TaskDefinition

Imports a task definition from the specified task definition ARN.


static fromEc2TaskDefinitionAttributes(scope, id, attrs)

public static fromEc2TaskDefinitionAttributes(scope: Construct, id: string, attrs: Ec2TaskDefinitionAttributes): IEc2TaskDefinition

Parameters

  • scope Construct
  • id string
  • attrs Ec2TaskDefinitionAttributes

Returns

  • IEc2TaskDefinition

Imports an existing Ec2 task definition from its attributes.