aws_ecs_service
account_id
Type: STRING
capacity_provider_strategy
Type: UNORDERED_LIST_STRUCT
Provider name: capacityProviderStrategy
Description: The capacity provider strategy the service uses. When using the DescribeServices API, this field is omitted if the service was created using a launch type.
base
Type: INT32
Provider name: base
Description: The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0
is used.
capacity_provider
Type: STRING
Provider name: capacityProvider
Description: The short name of the capacity provider.
weight
Type: INT32
Provider name: weight
Description: The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight
value is taken into consideration after the base
value, if defined, is satisfied. If no weight
value is specified, the default value of 0
is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of 0
can’t be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of 0
, any RunTask
or CreateService
actions using the capacity provider strategy will fail. An example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of 1
, then when the base
is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of 1
for capacityProviderA and a weight of 4
for capacityProviderB, then for every one task that’s run using capacityProviderA, four tasks would use capacityProviderB.
cluster_arn
Type: STRING
Provider name: clusterArn
Description: The Amazon Resource Name (ARN) of the cluster that hosts the service.
created_at
Type: TIMESTAMP
Provider name: createdAt
Description: The Unix timestamp for the time when the service was created.
created_by
Type: STRING
Provider name: createdBy
Description: The principal that created the service.
deployment_configuration
Type: STRUCT
Provider name: deploymentConfiguration
Description: Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.
alarms
Type: STRUCT
Provider name: alarms
Description: Information about the CloudWatch alarms.
alarm_names
Type: UNORDERED_LIST_STRING
Provider name: alarmNames
Description: One or more CloudWatch alarm names. Use a “,” to separate the alarms.
enable
Type: BOOLEAN
Provider name: enable
Description: Determines whether to use the CloudWatch alarm option in the service deployment process.
rollback
Type: BOOLEAN
Provider name: rollback
Description: Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.
deployment_circuit_breaker
Type: STRUCT
Provider name: deploymentCircuitBreaker
Description: The deployment circuit breaker can only be used for services using the rolling update (ECS
) deployment type. The deployment circuit breaker determines whether a service deployment will fail if the service can’t reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see Rolling update in the Amazon Elastic Container Service Developer Guide
enable
Type: BOOLEAN
Provider name: enable
Description: Determines whether to use the deployment circuit breaker logic for the service.
rollback
Type: BOOLEAN
Provider name: rollback
Description: Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.
maximum_percent
Type: INT32
Provider name: maximumPercent
Description: If a service is using the rolling update (ECS
) deployment type, the maximumPercent
parameter represents an upper limit on the number of your service’s tasks that are allowed in the RUNNING
or PENDING
state during a deployment, as a percentage of the desiredCount
(rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the REPLICA
service scheduler and has a desiredCount
of four tasks and a maximumPercent
value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default maximumPercent
value for a service using the REPLICA
service scheduler is 200%. If a service is using either the blue/green (CODE_DEPLOY
) or EXTERNAL
deployment types and tasks that use the EC2 launch type, the maximum percent value is set to the default value and is used to define the upper limit on the number of the tasks in the service that remain in the RUNNING
state while the container instances are in the DRAINING
state. If the tasks in the service use the Fargate launch type, the maximum percent value is not used, although it is returned when describing your service.
minimum_healthy_percent
Type: INT32
Provider name: minimumHealthyPercent
Description: If a service is using the rolling update (ECS
) deployment type, the minimumHealthyPercent
represents a lower limit on the number of your service’s tasks that must remain in the RUNNING
state during a deployment, as a percentage of the desiredCount
(rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a desiredCount
of four tasks and a minimumHealthyPercent
of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks. For services that do not use a load balancer, the following should be noted:- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.
- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a
RUNNING
state before the task is counted towards the minimum healthy percent total. - If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.
For services that do use a load balancer, the following should be noted:- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.
- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.
The default value for a replica service for minimumHealthyPercent
is 100%. The default minimumHealthyPercent
value for a service using the DAEMON
service schedule is 0% for the CLI, the Amazon Web Services SDKs, and the APIs and 50% for the Amazon Web Services Management Console. The minimum number of healthy tasks during a deployment is the desiredCount
multiplied by the minimumHealthyPercent
/100, rounded up to the nearest integer value. If a service is using either the blue/green (CODE_DEPLOY
) or EXTERNAL
deployment types and is running tasks that use the EC2 launch type, the minimum healthy percent value is set to the default value and is used to define the lower limit on the number of the tasks in the service that remain in the RUNNING
state while the container instances are in the DRAINING
state. If a service is using either the blue/green (CODE_DEPLOY
) or EXTERNAL
deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.
deployment_controller
Type: STRUCT
Provider name: deploymentController
Description: The deployment controller type the service is using.
type
Type: STRING
Provider name: type
Description: The deployment controller type to use. There are three deployment controller types available:- ECS
- The rolling update (
ECS
) deployment type involves replacing the current running version of the container with the latest version. The number of containers Amazon ECS adds or removes from the service during a rolling update is controlled by adjusting the minimum and maximum number of healthy tasks allowed during a service deployment, as specified in the DeploymentConfiguration. - CODE_DEPLOY
- The blue/green (
CODE_DEPLOY
) deployment type uses the blue/green deployment model powered by CodeDeploy, which allows you to verify a new deployment of a service before sending production traffic to it. - EXTERNAL
- The external (
EXTERNAL
) deployment type enables you to use any third-party deployment controller for full control over the deployment process for an Amazon ECS service.
deployments
Type: UNORDERED_LIST_STRUCT
Provider name: deployments
Description: The current state of deployments for the service.
capacity_provider_strategy
Type: UNORDERED_LIST_STRUCT
Provider name: capacityProviderStrategy
Description: The capacity provider strategy that the deployment is using.
base
Type: INT32
Provider name: base
Description: The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0
is used.
capacity_provider
Type: STRING
Provider name: capacityProvider
Description: The short name of the capacity provider.
weight
Type: INT32
Provider name: weight
Description: The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight
value is taken into consideration after the base
value, if defined, is satisfied. If no weight
value is specified, the default value of 0
is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of 0
can’t be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of 0
, any RunTask
or CreateService
actions using the capacity provider strategy will fail. An example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of 1
, then when the base
is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of 1
for capacityProviderA and a weight of 4
for capacityProviderB, then for every one task that’s run using capacityProviderA, four tasks would use capacityProviderB.
created_at
Type: TIMESTAMP
Provider name: createdAt
Description: The Unix timestamp for the time when the service deployment was created.
desired_count
Type: INT32
Provider name: desiredCount
Description: The most recent desired count of tasks that was specified for the service to deploy or maintain.
failed_tasks
Type: INT32
Provider name: failedTasks
Description: The number of consecutively failed tasks in the deployment. A task is considered a failure if the service scheduler can’t launch the task, the task doesn’t transition to a RUNNING
state, or if it fails any of its defined health checks and is stopped. Once a service deployment has one or more successfully running tasks, the failed task count resets to zero and stops being evaluated.
fargate_ephemeral_storage
Type: STRUCT
Provider name: fargateEphemeralStorage
Description: The Fargate ephemeral storage settings for the deployment.
kms_key_id
Type: STRING
Provider name: kmsKeyId
Description: Specify an Key Management Service key ID to encrypt the ephemeral storage for deployment.
id
Type: STRING
Provider name: id
Description: The ID of the deployment.
launch_type
Type: STRING
Provider name: launchType
Description: The launch type the tasks in the service are using. For more information, see Amazon ECS Launch Types in the Amazon Elastic Container Service Developer Guide.
network_configuration
Type: STRUCT
Provider name: networkConfiguration
Description: The VPC subnet and security group configuration for tasks that receive their own elastic network interface by using the awsvpc
networking mode.
awsvpc_configuration
Type: STRUCT
Provider name: awsvpcConfiguration
Description: The VPC subnets and security groups that are associated with a task. All specified subnets and security groups must be from the same VPC.
assign_public_ip
Type: STRING
Provider name: assignPublicIp
Description: Whether the task’s elastic network interface receives a public IP address. The default value is DISABLED
.
security_groups
Type: UNORDERED_LIST_STRING
Provider name: securityGroups
Description: The IDs of the security groups associated with the task or service. If you don’t specify a security group, the default security group for the VPC is used. There’s a limit of 5 security groups that can be specified per AwsVpcConfiguration
. All specified security groups must be from the same VPC.
subnets
Type: UNORDERED_LIST_STRING
Provider name: subnets
Description: The IDs of the subnets associated with the task or service. There’s a limit of 16 subnets that can be specified per AwsVpcConfiguration
. All specified subnets must be from the same VPC.
pending_count
Type: INT32
Provider name: pendingCount
Description: The number of tasks in the deployment that are in the PENDING
status.
platform_family
Type: STRING
Provider name: platformFamily
Description: The operating system that your tasks in the service, or tasks are running on. A platform family is specified only for tasks using the Fargate launch type. All tasks that run as part of this service must use the same platformFamily
value as the service, for example, LINUX.
.
platform_version
Type: STRING
Provider name: platformVersion
Description: The platform version that your tasks in the service run on. A platform version is only specified for tasks using the Fargate launch type. If one isn’t specified, the LATEST
platform version is used. For more information, see Fargate Platform Versions in the Amazon Elastic Container Service Developer Guide.
rollout_state
Type: STRING
Provider name: rolloutState
Description: The rolloutState
of a service is only returned for services that use the rolling update (ECS
) deployment type that aren’t behind a Classic Load Balancer. The rollout state of the deployment. When a service deployment is started, it begins in an IN_PROGRESS
state. When the service reaches a steady state, the deployment transitions to a COMPLETED
state. If the service fails to reach a steady state and circuit breaker is turned on, the deployment transitions to a FAILED
state. A deployment in FAILED
state doesn’t launch any new tasks. For more information, see DeploymentCircuitBreaker.
rollout_state_reason
Type: STRING
Provider name: rolloutStateReason
Description: A description of the rollout state of a deployment.
running_count
Type: INT32
Provider name: runningCount
Description: The number of tasks in the deployment that are in the RUNNING
status.
service_connect_configuration
Type: STRUCT
Provider name: serviceConnectConfiguration
Description: The details of the Service Connect configuration that’s used by this deployment. Compare the configuration between multiple deployments when troubleshooting issues with new deployments. The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace. Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
enabled
Type: BOOLEAN
Provider name: enabled
Description: Specifies whether to use Service Connect with this service.
log_configuration
Type: STRUCT
Provider name: logConfiguration
log_driver
Type: STRING
Provider name: logDriver
Description: The log driver to use for the container. For tasks on Fargate, the supported log drivers are awslogs
, splunk
, and awsfirelens
. For tasks hosted on Amazon EC2 instances, the supported log drivers are awslogs
, fluentd
, gelf
, json-file
, journald
, logentries
,syslog
, splunk
, and awsfirelens
. For more information about using the awslogs
log driver, see Using the awslogs log driver in the Amazon Elastic Container Service Developer Guide. For more information about using the awsfirelens
log driver, see Custom log routing in the Amazon Elastic Container Service Developer Guide. If you have a custom driver that isn’t listed, you can fork the Amazon ECS container agent project that’s available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don’t currently provide support for running modified copies of this software.
options
Type: MAP_STRING_STRING
Provider name: options
Description: The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version –format ‘{{.Server.APIVersion}}’
secret_options
Type: UNORDERED_LIST_STRUCT
Provider name: secretOptions
Description: The secrets to pass to the log configuration. For more information, see Specifying sensitive data in the Amazon Elastic Container Service Developer Guide.
name
Type: STRING
Provider name: name
Description: The name of the secret.
value_from
Type: STRING
Provider name: valueFrom
Description: The secret to expose to the container. The supported values are either the full ARN of the Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store. For information about the require Identity and Access Management permissions, see Required IAM permissions for Amazon ECS secrets (for Secrets Manager) or Required IAM permissions for Amazon ECS secrets (for Systems Manager Parameter store) in the Amazon Elastic Container Service Developer Guide. If the SSM Parameter Store parameter exists in the same Region as the task you’re launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
namespace
Type: STRING
Provider name: namespace
Description: The namespace name or full Amazon Resource Name (ARN) of the Cloud Map namespace for use with Service Connect. The namespace must be in the same Amazon Web Services Region as the Amazon ECS service and cluster. The type of namespace doesn’t affect Service Connect. For more information about Cloud Map, see Working with Services in the Cloud Map Developer Guide.
services
Type: UNORDERED_LIST_STRUCT
Provider name: services
Description: The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service. This field is not required for a “client” Amazon ECS service that’s a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that’s attached to the service or by other means. An object selects a port from the task definition, assigns a name for the Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.
client_aliases
Type: UNORDERED_LIST_STRUCT
Provider name: clientAliases
Description: The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1. Each alias (“endpoint”) is a fully-qualified name and port number that other Amazon ECS tasks (“clients”) can use to connect to this service. Each name and port mapping must be unique within the namespace. For each ServiceConnectService
, you must provide at least one clientAlias
with one port
.
dns_name
Type: STRING
Provider name: dnsName
Description: The dnsName
is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn’t need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can’t start with a hyphen. If this parameter isn’t specified, the default value of discoveryName.namespace
is used. If the discoveryName
isn’t specified, the port mapping name from the task definition is used in portName.namespace
. To avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are database
, db
, or the lowercase name of a database, such as mysql
or redis
. For more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
port
Type: INT32
Provider name: port
Description: The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace. To avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see Service Connect in the Amazon Elastic Container Service Developer Guide.
discovery_name
Type: STRING
Provider name: discoveryName
Description: The discoveryName
is the name of the new Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can’t start with a hyphen. If the discoveryName
isn’t specified, the port mapping name from the task definition is used in portName.namespace
.
ingress_port_override
Type: INT32
Provider name: ingressPortOverride
Description: The port number for the Service Connect proxy to listen on. Use the value of this field to bypass the proxy for traffic on the port number specified in the named portMapping
in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service. In awsvpc
mode and Fargate, the default value is the container port number. The container port number is in the portMapping
in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.
port_name
Type: STRING
Provider name: portName
Description: The portName
must match the name of one of the portMappings
from all the containers in the task definition of this Amazon ECS service.
timeout
Type: STRUCT
Provider name: timeout
Description: A reference to an object that represents the configured timeouts for Service Connect.
idle_timeout_seconds
Type: INT32
Provider name: idleTimeoutSeconds
Description: The amount of time in seconds a connection will stay active while idle. A value of 0
can be set to disable idleTimeout
. The idleTimeout
default for HTTP
/HTTP2
/GRPC
is 5 minutes. The idleTimeout
default for TCP
is 1 hour.
per_request_timeout_seconds
Type: INT32
Provider name: perRequestTimeoutSeconds
Description: The amount of time waiting for the upstream to respond with a complete response per request. A value of 0
can be set to disable perRequestTimeout
. perRequestTimeout
can only be set if Service Connect appProtocol
isn’t TCP
. Only idleTimeout
is allowed for TCP
appProtocol
.
tls
Type: STRUCT
Provider name: tls
Description: A reference to an object that represents a Transport Layer Security (TLS) configuration.
issuer_certificate_authority
Type: STRUCT
Provider name: issuerCertificateAuthority
Description: The signer certificate authority.
aws_pca_authority_arn
Type: STRING
Provider name: awsPcaAuthorityArn
Description: The ARN of the Amazon Web Services Private Certificate Authority certificate.
kms_key
Type: STRING
Provider name: kmsKey
Description: The Amazon Web Services Key Management Service key.
role_arn
Type: STRING
Provider name: roleArn
Description: The Amazon Resource Name (ARN) of the IAM role that’s associated with the Service Connect TLS.
service_connect_resources
Type: UNORDERED_LIST_STRUCT
Provider name: serviceConnectResources
Description: The list of Service Connect resources that are associated with this deployment. Each list entry maps a discovery name to a Cloud Map service name.
discovery_arn
Type: STRING
Provider name: discoveryArn
Description: The Amazon Resource Name (ARN) for the namespace in Cloud Map that matches the discovery name for this Service Connect resource. You can use this ARN in other integrations with Cloud Map. However, Service Connect can’t ensure connectivity outside of Amazon ECS.
discovery_name
Type: STRING
Provider name: discoveryName
Description: The discovery name of this Service Connect resource. The discoveryName
is the name of the new Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can’t start with a hyphen. If the discoveryName
isn’t specified, the port mapping name from the task definition is used in portName.namespace
.
status
Type: STRING
Provider name: status
Description: The status of the deployment. The following describes each state.- PRIMARY
- The most recent deployment of a service.
- ACTIVE
- A service deployment that still has running tasks, but are in the process of being replaced with a new
PRIMARY
deployment. - INACTIVE
- A deployment that has been completely replaced.
task_definition
Type: STRING
Provider name: taskDefinition
Description: The most recent task definition that was specified for the tasks in the service to use.
updated_at
Type: TIMESTAMP
Provider name: updatedAt
Description: The Unix timestamp for the time when the service deployment was last updated.
volume_configurations
Type: UNORDERED_LIST_STRUCT
Provider name: volumeConfigurations
Description: The details of the volume that was configuredAtLaunch
. You can configure different settings like the size, throughput, volumeType, and ecryption in ServiceManagedEBSVolumeConfiguration. The name
of the volume must match the name
from the task definition.
managed_ebs_volume
Type: STRUCT
Provider name: managedEBSVolume
Description: The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.
encrypted
Type: BOOLEAN
Provider name: encrypted
Description: Indicates whether the volume should be encrypted. If no value is specified, encryption is turned on by default. This parameter maps 1:1 with the Encrypted
parameter of the CreateVolume API in the Amazon EC2 API Reference.
filesystem_type
Type: STRING
Provider name: filesystemType
Description: The Linux filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the task will fail to start. The available filesystem types are ext3
, ext4
, and xfs
. If no value is specified, the xfs
filesystem type is used by default.
iops
Type: INT32
Provider name: iops
Description: The number of I/O operations per second (IOPS). For gp3
, io1
, and io2
volumes, this represents the number of IOPS that are provisioned for the volume. For gp2
volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. The following are the supported values for each volume type.gp3
: 3,000 - 16,000 IOPSio1
: 100 - 64,000 IOPSio2
: 100 - 256,000 IOPS
This parameter is required for io1
and io2
volume types. The default for gp3
volumes is 3,000 IOPS
. This parameter is not supported for st1
, sc1
, or standard
volume types. This parameter maps 1:1 with the Iops
parameter of the CreateVolume API in the Amazon EC2 API Reference.
kms_key_id
Type: STRING
Provider name: kmsKeyId
Description: The Amazon Resource Name (ARN) identifier of the Amazon Web Services Key Management Service key to use for Amazon EBS encryption. When encryption is turned on and no Amazon Web Services Key Management Service key is specified, the default Amazon Web Services managed key for Amazon EBS volumes is used. This parameter maps 1:1 with the KmsKeyId
parameter of the CreateVolume API in the Amazon EC2 API Reference. Amazon Web Services authenticates the Amazon Web Services Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.
role_arn
Type: STRING
Provider name: roleArn
Description: The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your Amazon Web Services infrastructure. We recommend using the Amazon ECS-managed AmazonECSInfrastructureRolePolicyForVolumes
IAM policy with this role. For more information, see Amazon ECS infrastructure IAM role in the Amazon ECS Developer Guide.
size_in_gib
Type: INT32
Provider name: sizeInGiB
Description: The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the Size
parameter of the CreateVolume API in the Amazon EC2 API Reference. The following are the supported volume size values for each volume type.gp2
and gp3
: 1-16,384io1
and io2
: 4-16,384st1
and sc1
: 125-16,384standard
: 1-1,024
snapshot_id
Type: STRING
Provider name: snapshotId
Description: The snapshot that Amazon ECS uses to create the volume. You must specify either a snapshot ID or a volume size. This parameter maps 1:1 with the SnapshotId
parameter of the CreateVolume API in the Amazon EC2 API Reference.
tag_specifications
Type: UNORDERED_LIST_STRUCT
Provider name: tagSpecifications
Description: The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the TagSpecifications.N
parameter of the CreateVolume API in the Amazon EC2 API Reference.
propagate_tags
Type: STRING
Provider name: propagateTags
Description: Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a SERVICE
specified in ServiceVolumeConfiguration
. If no value is specified, the tags aren’t propagated.
resource_type
Type: STRING
Provider name: resourceType
Description: The type of volume resource.
throughput
Type: INT32
Provider name: throughput
Description: The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the Throughput
parameter of the CreateVolume API in the Amazon EC2 API Reference. This parameter is only supported for the gp3
volume type.
volume_type
Type: STRING
Provider name: volumeType
Description: The volume type. This parameter maps 1:1 with the VolumeType
parameter of the CreateVolume API in the Amazon EC2 API Reference. For more information, see Amazon EBS volume types in the Amazon EC2 User Guide. The following are the supported volume types.- General Purpose SSD:
gp2
|gp3
- Provisioned IOPS SSD:
io1
|io2
- Throughput Optimized HDD:
st1
- Cold HDD:
sc1
- Magnetic:
standard
The magnetic volume type is not supported on Fargate.
name
Type: STRING
Provider name: name
Description: The name of the volume. This value must match the volume name from the Volume
object in the task definition.
desired_count
Type: INT32
Provider name: desiredCount
Description: The desired number of instantiations of the task definition to keep running on the service. This value is specified when the service is created with CreateService, and it can be modified with UpdateService.
Type: BOOLEAN
Provider name: enableECSManagedTags
Description: Determines whether to use Amazon ECS managed tags for the tasks in the service. For more information, see Tagging Your Amazon ECS Resources in the Amazon Elastic Container Service Developer Guide.
enable_execute_command
Type: BOOLEAN
Provider name: enableExecuteCommand
Description: Determines whether the execute command functionality is turned on for the service. If true
, the execute command functionality is turned on for all containers in tasks as part of the service.
events
Type: UNORDERED_LIST_STRUCT
Provider name: events
Description: The event stream for your service. A maximum of 100 of the latest events are displayed.
created_at
Type: TIMESTAMP
Provider name: createdAt
Description: The Unix timestamp for the time when the event was triggered.
id
Type: STRING
Provider name: id
Description: The ID string for the event.
message
Type: STRING
Provider name: message
Description: The event message.
health_check_grace_period_seconds
Type: INT32
Provider name: healthCheckGracePeriodSeconds
Description: The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing target health checks after a task has first started.
launch_type
Type: STRING
Provider name: launchType
Description: The launch type the service is using. When using the DescribeServices API, this field is omitted if the service was created using a capacity provider strategy.
load_balancers
Type: UNORDERED_LIST_STRUCT
Provider name: loadBalancers
Description: A list of Elastic Load Balancing load balancer objects. It contains the load balancer name, the container name, and the container port to access from the load balancer. The container name is as it appears in a container definition.
container_name
Type: STRING
Provider name: containerName
Description: The name of the container (as it appears in a container definition) to associate with the load balancer. You need to specify the container name when configuring the target group for an Amazon ECS load balancer.
container_port
Type: INT32
Provider name: containerPort
Description: The port on the container to associate with the load balancer. This port must correspond to a containerPort
in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they’re launched on must allow ingress traffic on the hostPort
of the port mapping.
load_balancer_name
Type: STRING
Provider name: loadBalancerName
Description: The name of the load balancer to associate with the Amazon ECS service or task set. If you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.
target_group_arn
Type: STRING
Provider name: targetGroupArn
Description: The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set. A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. For services using the ECS
deployment controller, you can specify one or multiple target groups. For more information, see Registering multiple target groups with a service in the Amazon Elastic Container Service Developer Guide. For services using the CODE_DEPLOY
deployment controller, you’re required to define two target groups for the load balancer. For more information, see Blue/green deployment with CodeDeploy in the Amazon Elastic Container Service Developer Guide. If your service’s task definition uses the awsvpc
network mode, you must choose ip
as the target type, not instance
. Do this when creating your target groups because tasks that use the awsvpc
network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.
network_configuration
Type: STRUCT
Provider name: networkConfiguration
Description: The VPC subnet and security group configuration for tasks that receive their own elastic network interface by using the awsvpc
networking mode.
awsvpc_configuration
Type: STRUCT
Provider name: awsvpcConfiguration
Description: The VPC subnets and security groups that are associated with a task. All specified subnets and security groups must be from the same VPC.
assign_public_ip
Type: STRING
Provider name: assignPublicIp
Description: Whether the task’s elastic network interface receives a public IP address. The default value is DISABLED
.
security_groups
Type: UNORDERED_LIST_STRING
Provider name: securityGroups
Description: The IDs of the security groups associated with the task or service. If you don’t specify a security group, the default security group for the VPC is used. There’s a limit of 5 security groups that can be specified per AwsVpcConfiguration
. All specified security groups must be from the same VPC.
subnets
Type: UNORDERED_LIST_STRING
Provider name: subnets
Description: The IDs of the subnets associated with the task or service. There’s a limit of 16 subnets that can be specified per AwsVpcConfiguration
. All specified subnets must be from the same VPC.
pending_count
Type: INT32
Provider name: pendingCount
Description: The number of tasks in the cluster that are in the PENDING
state.
placement_constraints
Type: UNORDERED_LIST_STRUCT
Provider name: placementConstraints
Description: The placement constraints for the tasks in the service.
expression
Type: STRING
Provider name: expression
Description: A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can’t specify an expression if the constraint type is distinctInstance
. For more information, see Cluster query language in the Amazon Elastic Container Service Developer Guide.
type
Type: STRING
Provider name: type
Description: The type of constraint. Use distinctInstance
to ensure that each task in a particular group is running on a different container instance. Use memberOf
to restrict the selection to a group of valid candidates.
placement_strategy
Type: UNORDERED_LIST_STRUCT
Provider name: placementStrategy
Description: The placement strategy that determines how tasks for the service are placed.
field
Type: STRING
Provider name: field
Description: The field to apply the placement strategy against. For the spread
placement strategy, valid values are instanceId
(or host
, which has the same effect), or any platform or custom attribute that’s applied to a container instance, such as attribute:ecs.availability-zone
. For the binpack
placement strategy, valid values are cpu
and memory
. For the random
placement strategy, this field is not used.
type
Type: STRING
Provider name: type
Description: The type of placement strategy. The random
placement strategy randomly places tasks on available candidates. The spread
placement strategy spreads placement across available candidates evenly based on the field
parameter. The binpack
strategy places tasks on available candidates that have the least available amount of the resource that’s specified with the field
parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.
Type: STRING
Provider name: platformFamily
Description: The operating system that your tasks in the service run on. A platform family is specified only for tasks using the Fargate launch type. All tasks that run as part of this service must use the same platformFamily
value as the service (for example, LINUX
).
Type: STRING
Provider name: platformVersion
Description: The platform version to run your service on. A platform version is only specified for tasks that are hosted on Fargate. If one isn’t specified, the LATEST
platform version is used. For more information, see Fargate Platform Versions in the Amazon Elastic Container Service Developer Guide.
Type: STRING
Provider name: propagateTags
Description: Determines whether to propagate the tags from the task definition or the service to the task. If no value is specified, the tags aren’t propagated.
role_arn
Type: STRING
Provider name: roleArn
Description: The ARN of the IAM role that’s associated with the service. It allows the Amazon ECS container agent to register container instances with an Elastic Load Balancing load balancer.
running_count
Type: INT32
Provider name: runningCount
Description: The number of tasks in the cluster that are in the RUNNING
state.
scheduling_strategy
Type: STRING
Provider name: schedulingStrategy
Description: The scheduling strategy to use for the service. For more information, see Services. There are two service scheduler strategies available.
REPLICA
-The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions.DAEMON
-The daemon scheduling strategy deploys exactly one task on each active container instance. This task meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks. It stop tasks that don’t meet the placement constraints. Fargate tasks don’t support the DAEMON
scheduling strategy.
service_arn
Type: STRING
Provider name: serviceArn
Description: The ARN that identifies the service. For more information about the ARN format, see Amazon Resource Name (ARN) in the Amazon ECS Developer Guide.
service_name
Type: STRING
Provider name: serviceName
Description: The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster. However, you can have similarly named services in multiple clusters within a Region or across multiple Regions.
service_registries
Type: UNORDERED_LIST_STRUCT
Provider name: serviceRegistries
Description: The details for the service discovery registries to assign to this service. For more information, see Service Discovery.
container_name
Type: STRING
Provider name: containerName
Description: The container name value to be used for your service discovery service. It’s already specified in the task definition. If the task definition that your service task specifies uses the bridge
or host
network mode, you must specify a containerName
and containerPort
combination from the task definition. If the task definition that your service task specifies uses the awsvpc
network mode and a type SRV DNS record is used, you must specify either a containerName
and containerPort
combination or a port
value. However, you can’t specify both.
container_port
Type: INT32
Provider name: containerPort
Description: The port value to be used for your service discovery service. It’s already specified in the task definition. If the task definition your service task specifies uses the bridge
or host
network mode, you must specify a containerName
and containerPort
combination from the task definition. If the task definition your service task specifies uses the awsvpc
network mode and a type SRV DNS record is used, you must specify either a containerName
and containerPort
combination or a port
value. However, you can’t specify both.
port
Type: INT32
Provider name: port
Description: The port value used if your service discovery service specified an SRV record. This field might be used if both the awsvpc
network mode and SRV records are used.
registry_arn
Type: STRING
Provider name: registryArn
Description: The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is Cloud Map. For more information, see CreateService.
status
Type: STRING
Provider name: status
Description: The status of the service. The valid values are ACTIVE
, DRAINING
, or INACTIVE
.
Type: UNORDERED_LIST_STRING
task_definition
Type: STRING
Provider name: taskDefinition
Description: The task definition to use for tasks in the service. This value is specified when the service is created with CreateService, and it can be modified with UpdateService.
task_sets
Type: UNORDERED_LIST_STRUCT
Provider name: taskSets
Description: Information about a set of Amazon ECS tasks in either an CodeDeploy or an EXTERNAL
deployment. An Amazon ECS task set includes details such as the desired number of tasks, how many tasks are running, and whether the task set serves production traffic.
capacity_provider_strategy
Type: UNORDERED_LIST_STRUCT
Provider name: capacityProviderStrategy
Description: The capacity provider strategy that are associated with the task set.
base
Type: INT32
Provider name: base
Description: The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0
is used.
capacity_provider
Type: STRING
Provider name: capacityProvider
Description: The short name of the capacity provider.
weight
Type: INT32
Provider name: weight
Description: The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight
value is taken into consideration after the base
value, if defined, is satisfied. If no weight
value is specified, the default value of 0
is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of 0
can’t be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of 0
, any RunTask
or CreateService
actions using the capacity provider strategy will fail. An example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of 1
, then when the base
is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of 1
for capacityProviderA and a weight of 4
for capacityProviderB, then for every one task that’s run using capacityProviderA, four tasks would use capacityProviderB.
cluster_arn
Type: STRING
Provider name: clusterArn
Description: The Amazon Resource Name (ARN) of the cluster that the service that hosts the task set exists in.
computed_desired_count
Type: INT32
Provider name: computedDesiredCount
Description: The computed desired count for the task set. This is calculated by multiplying the service’s desiredCount
by the task set’s scale
percentage. The result is always rounded up. For example, if the computed desired count is 1.2, it rounds up to 2 tasks.
created_at
Type: TIMESTAMP
Provider name: createdAt
Description: The Unix timestamp for the time when the task set was created.
external_id
Type: STRING
Provider name: externalId
Description: The external ID associated with the task set. If an CodeDeploy deployment created a task set, the externalId
parameter contains the CodeDeploy deployment ID. If a task set is created for an external deployment and is associated with a service discovery registry, the externalId
parameter contains the ECS_TASK_SET_EXTERNAL_ID
Cloud Map attribute.
fargate_ephemeral_storage
Type: STRUCT
Provider name: fargateEphemeralStorage
Description: The Fargate ephemeral storage settings for the task set.
kms_key_id
Type: STRING
Provider name: kmsKeyId
Description: Specify an Key Management Service key ID to encrypt the ephemeral storage for deployment.
id
Type: STRING
Provider name: id
Description: The ID of the task set.
launch_type
Type: STRING
Provider name: launchType
Description: The launch type the tasks in the task set are using. For more information, see Amazon ECS launch types in the Amazon Elastic Container Service Developer Guide.
load_balancers
Type: UNORDERED_LIST_STRUCT
Provider name: loadBalancers
Description: Details on a load balancer that are used with a task set.
container_name
Type: STRING
Provider name: containerName
Description: The name of the container (as it appears in a container definition) to associate with the load balancer. You need to specify the container name when configuring the target group for an Amazon ECS load balancer.
container_port
Type: INT32
Provider name: containerPort
Description: The port on the container to associate with the load balancer. This port must correspond to a containerPort
in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they’re launched on must allow ingress traffic on the hostPort
of the port mapping.
load_balancer_name
Type: STRING
Provider name: loadBalancerName
Description: The name of the load balancer to associate with the Amazon ECS service or task set. If you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.
target_group_arn
Type: STRING
Provider name: targetGroupArn
Description: The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set. A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. For services using the ECS
deployment controller, you can specify one or multiple target groups. For more information, see Registering multiple target groups with a service in the Amazon Elastic Container Service Developer Guide. For services using the CODE_DEPLOY
deployment controller, you’re required to define two target groups for the load balancer. For more information, see Blue/green deployment with CodeDeploy in the Amazon Elastic Container Service Developer Guide. If your service’s task definition uses the awsvpc
network mode, you must choose ip
as the target type, not instance
. Do this when creating your target groups because tasks that use the awsvpc
network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.
network_configuration
Type: STRUCT
Provider name: networkConfiguration
Description: The network configuration for the task set.
awsvpc_configuration
Type: STRUCT
Provider name: awsvpcConfiguration
Description: The VPC subnets and security groups that are associated with a task. All specified subnets and security groups must be from the same VPC.
assign_public_ip
Type: STRING
Provider name: assignPublicIp
Description: Whether the task’s elastic network interface receives a public IP address. The default value is DISABLED
.
security_groups
Type: UNORDERED_LIST_STRING
Provider name: securityGroups
Description: The IDs of the security groups associated with the task or service. If you don’t specify a security group, the default security group for the VPC is used. There’s a limit of 5 security groups that can be specified per AwsVpcConfiguration
. All specified security groups must be from the same VPC.
subnets
Type: UNORDERED_LIST_STRING
Provider name: subnets
Description: The IDs of the subnets associated with the task or service. There’s a limit of 16 subnets that can be specified per AwsVpcConfiguration
. All specified subnets must be from the same VPC.
pending_count
Type: INT32
Provider name: pendingCount
Description: The number of tasks in the task set that are in the PENDING
status during a deployment. A task in the PENDING
state is preparing to enter the RUNNING
state. A task set enters the PENDING
status when it launches for the first time or when it’s restarted after being in the STOPPED
state.
platform_family
Type: STRING
Provider name: platformFamily
Description: The operating system that your tasks in the set are running on. A platform family is specified only for tasks that use the Fargate launch type. All tasks in the set must have the same value.
platform_version
Type: STRING
Provider name: platformVersion
Description: The Fargate platform version where the tasks in the task set are running. A platform version is only specified for tasks run on Fargate. For more information, see Fargate platform versions in the Amazon Elastic Container Service Developer Guide.
running_count
Type: INT32
Provider name: runningCount
Description: The number of tasks in the task set that are in the RUNNING
status during a deployment. A task in the RUNNING
state is running and ready for use.
scale
Type: STRUCT
Provider name: scale
Description: A floating-point percentage of your desired number of tasks to place and keep running in the task set.
unit
Type: STRING
Provider name: unit
Description: The unit of measure for the scale value.
value
Type: DOUBLE
Provider name: value
Description: The value, specified as a percent total of a service’s desiredCount
, to scale the task set. Accepted values are numbers between 0 and 100.
service_arn
Type: STRING
Provider name: serviceArn
Description: The Amazon Resource Name (ARN) of the service the task set exists in.
service_registries
Type: UNORDERED_LIST_STRUCT
Provider name: serviceRegistries
Description: The details for the service discovery registries to assign to this task set. For more information, see Service discovery.
container_name
Type: STRING
Provider name: containerName
Description: The container name value to be used for your service discovery service. It’s already specified in the task definition. If the task definition that your service task specifies uses the bridge
or host
network mode, you must specify a containerName
and containerPort
combination from the task definition. If the task definition that your service task specifies uses the awsvpc
network mode and a type SRV DNS record is used, you must specify either a containerName
and containerPort
combination or a port
value. However, you can’t specify both.
container_port
Type: INT32
Provider name: containerPort
Description: The port value to be used for your service discovery service. It’s already specified in the task definition. If the task definition your service task specifies uses the bridge
or host
network mode, you must specify a containerName
and containerPort
combination from the task definition. If the task definition your service task specifies uses the awsvpc
network mode and a type SRV DNS record is used, you must specify either a containerName
and containerPort
combination or a port
value. However, you can’t specify both.
port
Type: INT32
Provider name: port
Description: The port value used if your service discovery service specified an SRV record. This field might be used if both the awsvpc
network mode and SRV records are used.
registry_arn
Type: STRING
Provider name: registryArn
Description: The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is Cloud Map. For more information, see CreateService.
stability_status
Type: STRING
Provider name: stabilityStatus
Description: The stability status. This indicates whether the task set has reached a steady state. If the following conditions are met, the task set are in STEADY_STATE
:- The task
runningCount
is equal to the computedDesiredCount
. - The
pendingCount
is 0
. - There are no tasks that are running on container instances in the
DRAINING
status. - All tasks are reporting a healthy status from the load balancers, service discovery, and container health checks.
If any of those conditions aren’t met, the stability status returns STABILIZING
.
stability_status_at
Type: TIMESTAMP
Provider name: stabilityStatusAt
Description: The Unix timestamp for the time when the task set stability status was retrieved.
started_by
Type: STRING
Provider name: startedBy
Description: The tag specified when a task set is started. If an CodeDeploy deployment created the task set, the startedBy
parameter is CODE_DEPLOY
. If an external deployment created the task set, the startedBy
field isn’t used.
status
Type: STRING
Provider name: status
Description: The status of the task set. The following describes each state.- PRIMARY
- The task set is serving production traffic.
- ACTIVE
- The task set isn’t serving production traffic.
- DRAINING
- The tasks in the task set are being stopped, and their corresponding targets are being deregistered from their target group.
task_definition
Type: STRING
Provider name: taskDefinition
Description: The task definition that the task set is using.
task_set_arn
Type: STRING
Provider name: taskSetArn
Description: The Amazon Resource Name (ARN) of the task set.
updated_at
Type: TIMESTAMP
Provider name: updatedAt
Description: The Unix timestamp for the time when the task set was last updated.