From 95c12c8cfc59c6226997ffca9013b1f4eb7af053 Mon Sep 17 00:00:00 2001 From: Ahmed Hamed Date: Mon, 20 Oct 2025 12:36:01 +0200 Subject: [PATCH] fix(ecs): remove empty CfnClusterCapacityProviderAssociations resource --- ...nteg.managedinstances-capacity-provider.ts | 1 - ...efaultTestDeployAssert3628EE88.assets.json | 20 + ...aultTestDeployAssert3628EE88.template.json | 36 + .../cdk.out | 1 + ...s-no-default-capacity-provider.assets.json | 20 + ...no-default-capacity-provider.template.json | 724 +++++++++++ .../integ.json | 16 + .../manifest.json | 1130 +++++++++++++++++ .../tree.json | 1 + ...dinstances-no-default-capacity-provider.ts | 107 ++ packages/aws-cdk-lib/aws-ecs/lib/cluster.ts | 2 +- .../aws-cdk-lib/aws-ecs/test/cluster.test.ts | 30 + 12 files changed, 2086 insertions(+), 2 deletions(-) create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/cdk.out create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ-managedinstances-no-default-capacity-provider.assets.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ-managedinstances-no-default-capacity-provider.template.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/manifest.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/tree.json create mode 100644 packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.ts diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-capacity-provider.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-capacity-provider.ts index 019b99cea48df..679a4a786698f 100644 --- a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-capacity-provider.ts +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-capacity-provider.ts @@ -106,7 +106,6 @@ new ecs.FargateService(stack, 'ManagedInstancesService', { new integ.IntegTest(app, 'ManagedInstancesCapacityProviders', { testCases: [stack], - regions: ['us-west-2'], }); app.synth(); diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.assets.json new file mode 100644 index 0000000000000..8911504033a1a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.assets.json @@ -0,0 +1,20 @@ +{ + "version": "48.0.0", + "files": { + "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": { + "displayName": "ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88 Template", + "source": { + "path": "ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-d8d86b35": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.template.json new file mode 100644 index 0000000000000..ad9d0fb73d1dd --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.template.json @@ -0,0 +1,36 @@ +{ + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/cdk.out b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/cdk.out new file mode 100644 index 0000000000000..523a9aac37cbf --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/cdk.out @@ -0,0 +1 @@ +{"version":"48.0.0"} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ-managedinstances-no-default-capacity-provider.assets.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ-managedinstances-no-default-capacity-provider.assets.json new file mode 100644 index 0000000000000..1a21f1b7566f4 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ-managedinstances-no-default-capacity-provider.assets.json @@ -0,0 +1,20 @@ +{ + "version": "48.0.0", + "files": { + "7b3c6e30b8c0bf249b862e552da0dcb05d4d518dc804e22a432b39d673415f20": { + "displayName": "integ-managedinstances-no-default-capacity-provider Template", + "source": { + "path": "integ-managedinstances-no-default-capacity-provider.template.json", + "packaging": "file" + }, + "destinations": { + "current_account-current_region-ec1765bc": { + "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", + "objectKey": "7b3c6e30b8c0bf249b862e552da0dcb05d4d518dc804e22a432b39d673415f20.json", + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" + } + } + } + }, + "dockerImages": {} +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ-managedinstances-no-default-capacity-provider.template.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ-managedinstances-no-default-capacity-provider.template.json new file mode 100644 index 0000000000000..135a0a059682a --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ-managedinstances-no-default-capacity-provider.template.json @@ -0,0 +1,724 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.0.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet1RouteTableAssociation97140677" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.64.0/18", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "VpcPublicSubnet2DefaultRoute97F91067", + "VpcPublicSubnet2RouteTableAssociationDD5762D8" + ] + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 0, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.128.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "AvailabilityZone": { + "Fn::Select": [ + 1, + { + "Fn::GetAZs": "" + } + ] + }, + "CidrBlock": "10.0.192.0/18", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + }, + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "integ-managedinstances-no-default-capacity-provider/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + }, + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "ManagedInstancesClusterDC139296": { + "Type": "AWS::ECS::Cluster" + }, + "InfrastructureRoleB0C76DC8": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/AmazonECSInfrastructureRolePolicyForManagedInstances" + ] + ] + } + ], + "RoleName": "InfrastructureRole" + } + }, + "InstanceRole3CCE2F1D": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/AmazonECSInstanceRolePolicyForManagedInstances" + ] + ] + } + ], + "RoleName": "InstanceRole" + } + }, + "InstanceRoleDefaultPolicy1531605C": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "iam:PassRole", + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "InfrastructureRoleB0C76DC8", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "InstanceRoleDefaultPolicy1531605C", + "Roles": [ + { + "Ref": "InstanceRole3CCE2F1D" + } + ] + } + }, + "InstanceProfile9F2F41CB": { + "Type": "AWS::IAM::InstanceProfile", + "Properties": { + "InstanceProfileName": "InstanceProfile", + "Roles": [ + { + "Ref": "InstanceRole3CCE2F1D" + } + ] + } + }, + "ManagedInstancesSecurityGroupC479A9F6": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Security group for ManagedInstances capacity provider instances", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "ManagedInstancesCapacityProviderC2946447": { + "Type": "AWS::ECS::CapacityProvider", + "Properties": { + "ClusterName": { + "Ref": "ManagedInstancesClusterDC139296" + }, + "ManagedInstancesProvider": { + "InfrastructureRoleArn": { + "Fn::GetAtt": [ + "InfrastructureRoleB0C76DC8", + "Arn" + ] + }, + "InstanceLaunchTemplate": { + "Ec2InstanceProfileArn": { + "Fn::GetAtt": [ + "InstanceProfile9F2F41CB", + "Arn" + ] + }, + "InstanceRequirements": { + "AcceleratorManufacturers": [ + "nvidia" + ], + "CpuManufacturers": [ + "intel" + ], + "MemoryMiB": { + "Min": 2048 + }, + "VCpuCount": { + "Min": 1 + } + }, + "NetworkConfiguration": { + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "ManagedInstancesSecurityGroupC479A9F6", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "PropagateTags": "CAPACITY_PROVIDER" + } + } + }, + "TaskDefTaskRole1EDB4A67": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "TaskDef54694570": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "public.ecr.aws/docker/library/httpd:2.4", + "Memory": 512, + "Name": "web", + "PortMappings": [ + { + "ContainerPort": 80, + "Protocol": "tcp" + } + ] + } + ], + "Cpu": "256", + "Family": "integmanagedinstancesnodefaultcapacityproviderTaskDef31EB4AE9", + "Memory": "512", + "NetworkMode": "awsvpc", + "RequiresCompatibilities": [ + "FARGATE", + "MANAGED_INSTANCES" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "TaskDefTaskRole1EDB4A67", + "Arn" + ] + } + } + }, + "ManagedInstancesServiceDFC92B6D": { + "Type": "AWS::ECS::Service", + "Properties": { + "CapacityProviderStrategy": [ + { + "CapacityProvider": { + "Ref": "ManagedInstancesCapacityProviderC2946447" + }, + "Weight": 1 + } + ], + "Cluster": { + "Ref": "ManagedInstancesClusterDC139296" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "DesiredCount": 1, + "EnableECSManagedTags": false, + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "ManagedInstancesServiceSecurityGroupF72D809E", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "TaskDefinition": { + "Ref": "TaskDef54694570" + } + }, + "DependsOn": [ + "TaskDefTaskRole1EDB4A67" + ] + }, + "ManagedInstancesServiceSecurityGroupF72D809E": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "integ-managedinstances-no-default-capacity-provider/ManagedInstancesService/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "TaskDefTaskRole1EDB4A67" + ] + } + }, + "Parameters": { + "BootstrapVersion": { + "Type": "AWS::SSM::Parameter::Value", + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" + } + }, + "Rules": { + "CheckBootstrapVersion": { + "Assertions": [ + { + "Assert": { + "Fn::Not": [ + { + "Fn::Contains": [ + [ + "1", + "2", + "3", + "4", + "5" + ], + { + "Ref": "BootstrapVersion" + } + ] + } + ] + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." + } + ] + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ.json new file mode 100644 index 0000000000000..e32495c0d00f6 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/integ.json @@ -0,0 +1,16 @@ +{ + "version": "48.0.0", + "testCases": { + "ManagedInstancesCapacityProviders/DefaultTest": { + "stacks": [ + "integ-managedinstances-no-default-capacity-provider" + ], + "regions": [ + "us-west-2" + ], + "assertionStack": "ManagedInstancesCapacityProviders/DefaultTest/DeployAssert", + "assertionStackName": "ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88" + } + }, + "minimumCliVersion": "2.1027.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/manifest.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/manifest.json new file mode 100644 index 0000000000000..c0b31d3232d37 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/manifest.json @@ -0,0 +1,1130 @@ +{ + "version": "48.0.0", + "artifacts": { + "integ-managedinstances-no-default-capacity-provider.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "integ-managedinstances-no-default-capacity-provider.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "integ-managedinstances-no-default-capacity-provider": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "integ-managedinstances-no-default-capacity-provider.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/7b3c6e30b8c0bf249b862e552da0dcb05d4d518dc804e22a432b39d673415f20.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "integ-managedinstances-no-default-capacity-provider.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "integ-managedinstances-no-default-capacity-provider.assets" + ], + "metadata": { + "/integ-managedinstances-no-default-capacity-provider/Vpc": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "maxAzs": "*", + "restrictDefaultSecurityGroup": false + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "Vpc8378EB38" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addNatGateway": [ + "*" + ] + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1Subnet5C2D37C4" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTable6C95E38E" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1RouteTableAssociation97140677" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1DefaultRoute3DA9E72A" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1EIPD7E02669" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet1NATGateway4D7517AA" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": true, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addNatGateway": [ + "*" + ] + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTable94F7E489" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2RouteTableAssociationDD5762D8" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2DefaultRoute97F91067" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/EIP": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2EIP3C605A87" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/NATGateway": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPublicSubnet2NATGateway9182C01D" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1Subnet536B997A" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableB2C5B500" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1RouteTableAssociation70C59FA6" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet1DefaultRouteBE02A9ED" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:construct", + "data": { + "availabilityZone": "*", + "vpcId": "*", + "cidrBlock": "*", + "mapPublicIpOnLaunch": false, + "ipv6CidrBlock": "*", + "assignIpv6AddressOnCreation": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": {} + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2/Subnet": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2Subnet3788AAA1" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2/RouteTable": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableA678073B" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2/RouteTableAssociation": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2RouteTableAssociationA89CAD56" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2/DefaultRoute": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcPrivateSubnet2DefaultRoute060D2087" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/IGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcIGWD7BA715C" + } + ], + "/integ-managedinstances-no-default-capacity-provider/Vpc/VPCGW": [ + { + "type": "aws:cdk:logicalId", + "data": "VpcVPCGWBF912B6E" + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesCluster": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addManagedInstancesCapacityProvider": [ + "*" + ] + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesCluster/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ManagedInstancesClusterDC139296" + } + ], + "/integ-managedinstances-no-default-capacity-provider/InfrastructureRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "roleName": "*", + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "grantPassRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "grant": [ + "*", + "*" + ] + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/InfrastructureRole/ImportInfrastructureRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-managedinstances-no-default-capacity-provider/InfrastructureRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "InfrastructureRoleB0C76DC8" + } + ], + "/integ-managedinstances-no-default-capacity-provider/InstanceRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "roleName": "*", + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + }, + "managedPolicies": [ + { + "managedPolicyArn": "*" + } + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addToPrincipalPolicy": [ + {} + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachInlinePolicy": [ + "*" + ] + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/InstanceRole/ImportInstanceRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-managedinstances-no-default-capacity-provider/InstanceRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "InstanceRole3CCE2F1D" + } + ], + "/integ-managedinstances-no-default-capacity-provider/InstanceRole/DefaultPolicy": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "attachToRole": [ + "*" + ] + } + }, + { + "type": "aws:cdk:analytics:method", + "data": { + "addStatements": [ + {} + ] + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/InstanceRole/DefaultPolicy/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "InstanceRoleDefaultPolicy1531605C" + } + ], + "/integ-managedinstances-no-default-capacity-provider/InstanceProfile": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "instanceProfileName": "*", + "role": "*" + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/InstanceProfile/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "InstanceProfile9F2F41CB" + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesSecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*", + "description": "*", + "allowAllOutbound": true + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesSecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ManagedInstancesSecurityGroupC479A9F6" + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesCapacityProvider": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesCapacityProvider/ManagedInstancesCapacityProvider": [ + { + "type": "aws:cdk:logicalId", + "data": "ManagedInstancesCapacityProviderC2946447" + } + ], + "/integ-managedinstances-no-default-capacity-provider/TaskDef": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + }, + { + "type": "aws:cdk:analytics:method", + "data": "*" + } + ], + "/integ-managedinstances-no-default-capacity-provider/TaskDef/TaskRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "assumedBy": { + "principalAccount": "*", + "assumeRoleAction": "*" + } + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/TaskDef/TaskRole/ImportTaskRole": [ + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-managedinstances-no-default-capacity-provider/TaskDef/TaskRole/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TaskDefTaskRole1EDB4A67" + } + ], + "/integ-managedinstances-no-default-capacity-provider/TaskDef/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "TaskDef54694570" + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesService": [ + { + "type": "aws:cdk:warning", + "data": "minHealthyPercent has not been configured so the default value of 50% is used. The number of running tasks will decrease below the desired count during deployments etc. See https://github.com/aws/aws-cdk/issues/31705 [ack: @aws-cdk/aws-ecs:minHealthyPercent]" + }, + { + "type": "aws:cdk:analytics:construct", + "data": "*" + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesService/Service": [ + { + "type": "aws:cdk:logicalId", + "data": "ManagedInstancesServiceDFC92B6D" + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesService/SecurityGroup": [ + { + "type": "aws:cdk:analytics:construct", + "data": { + "vpc": "*" + } + } + ], + "/integ-managedinstances-no-default-capacity-provider/ManagedInstancesService/SecurityGroup/Resource": [ + { + "type": "aws:cdk:logicalId", + "data": "ManagedInstancesServiceSecurityGroupF72D809E" + } + ], + "/integ-managedinstances-no-default-capacity-provider/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/integ-managedinstances-no-default-capacity-provider/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "integ-managedinstances-no-default-capacity-provider" + }, + "ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.assets": { + "type": "cdk:asset-manifest", + "properties": { + "file": "ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.assets.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88": { + "type": "aws:cloudformation:stack", + "environment": "aws://unknown-account/unknown-region", + "properties": { + "templateFile": "ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.template.json", + "terminationProtection": false, + "validateOnSynth": false, + "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}", + "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}", + "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json", + "requiresBootstrapStackVersion": 6, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version", + "additionalDependencies": [ + "ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.assets" + ], + "lookupRole": { + "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}", + "requiresBootstrapStackVersion": 8, + "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version" + } + }, + "dependencies": [ + "ManagedInstancesCapacityProvidersDefaultTestDeployAssert3628EE88.assets" + ], + "metadata": { + "/ManagedInstancesCapacityProviders/DefaultTest/DeployAssert/BootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "BootstrapVersion" + } + ], + "/ManagedInstancesCapacityProviders/DefaultTest/DeployAssert/CheckBootstrapVersion": [ + { + "type": "aws:cdk:logicalId", + "data": "CheckBootstrapVersion" + } + ] + }, + "displayName": "ManagedInstancesCapacityProviders/DefaultTest/DeployAssert" + }, + "Tree": { + "type": "cdk:tree", + "properties": { + "file": "tree.json" + } + }, + "aws-cdk-lib/feature-flag-report": { + "type": "cdk:feature-flag-report", + "properties": { + "module": "aws-cdk-lib", + "flags": { + "@aws-cdk/aws-signer:signingProfileNamePassedToCfn": { + "recommendedValue": true, + "explanation": "Pass signingProfileName to CfnSigningProfile" + }, + "@aws-cdk/core:newStyleStackSynthesis": { + "recommendedValue": true, + "explanation": "Switch to new stack synthesis method which enables CI/CD", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:stackRelativeExports": { + "recommendedValue": true, + "explanation": "Name exports based on the construct paths relative to the stack, rather than the global construct path", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": { + "recommendedValue": true, + "explanation": "Disable implicit openListener when custom security groups are provided" + }, + "@aws-cdk/aws-rds:lowercaseDbIdentifier": { + "recommendedValue": true, + "explanation": "Force lowercasing of RDS Cluster names in CDK", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": { + "recommendedValue": true, + "explanation": "Allow adding/removing multiple UsagePlanKeys independently", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeVersionProps": { + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-lambda:recognizeLayerVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to opt in to the updated logical id calculation for Lambda Version created using the `fn.currentVersion`." + }, + "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": { + "recommendedValue": true, + "explanation": "Enable this feature flag to have cloudfront distributions use the security policy TLSv1.2_2021 by default.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:checkSecretUsage": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this flag to make it impossible to accidentally use SecretValues in unsafe locations" + }, + "@aws-cdk/core:target-partitions": { + "recommendedValue": [ + "aws", + "aws-cn" + ], + "explanation": "What regions to include in lookup tables of environment agnostic stacks" + }, + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": { + "userValue": true, + "recommendedValue": true, + "explanation": "ECS extensions will automatically add an `awslogs` driver if no logging is specified" + }, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to have Launch Templates generated by the `InstanceRequireImdsv2Aspect` use unique names." + }, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": { + "userValue": true, + "recommendedValue": true, + "explanation": "ARN format used by ECS. In the new ARN format, the cluster name is part of the resource ID." + }, + "@aws-cdk/aws-iam:minimizePolicies": { + "userValue": true, + "recommendedValue": true, + "explanation": "Minimize IAM policies by combining Statements" + }, + "@aws-cdk/core:validateSnapshotRemovalPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Error on snapshot removal policies on resources that do not support it." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate key aliases that include the stack name" + }, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature flag to create an S3 bucket policy by default in cases where an AWS service would automatically create the Policy if one does not exist." + }, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict KMS key policy for encrypted Queues a bit more" + }, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make default CloudWatch Role behavior safe for multiple API Gateways in one environment" + }, + "@aws-cdk/core:enablePartitionLiterals": { + "userValue": true, + "recommendedValue": true, + "explanation": "Make ARNs concrete if AWS partition is known" + }, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": { + "userValue": true, + "recommendedValue": true, + "explanation": "Event Rules may only push to encrypted SQS queues in the same account" + }, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": { + "userValue": true, + "recommendedValue": true, + "explanation": "Avoid setting the \"ECS\" deployment controller when adding a circuit breaker" + }, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable this feature to by default create default policy names for imported roles that depend on the stack the role is in." + }, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use S3 Bucket Policy instead of ACLs for Server Access Logging" + }, + "@aws-cdk/aws-route53-patters:useCertificate": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use the official `Certificate` resource instead of `DnsValidatedCertificate`" + }, + "@aws-cdk/customresources:installLatestAwsSdkDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "Whether to install the latest SDK by default in AwsCustomResource" + }, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": { + "userValue": true, + "recommendedValue": true, + "explanation": "Use unique resource name for Database Proxy" + }, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Remove CloudWatch alarms from deployment group" + }, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include authorizer configuration in the calculation of the API deployment logical ID." + }, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": { + "userValue": true, + "recommendedValue": true, + "explanation": "Define user data for a launch template by default when a machine image is provided." + }, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": { + "userValue": true, + "recommendedValue": true, + "explanation": "SecretTargetAttachments uses the ResourcePolicy of the attached Secret." + }, + "@aws-cdk/aws-redshift:columnId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Whether to use an ID to track Redshift column changes" + }, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable AmazonEMRServicePolicy_v2 managed policies" + }, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "Restrict access to the VPC default security group" + }, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a unique id for each RequestValidator added to a method" + }, + "@aws-cdk/aws-kms:aliasNameRef": { + "userValue": true, + "recommendedValue": true, + "explanation": "KMS Alias name and keyArn will have implicit reference to KMS Key" + }, + "@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enable grant methods on Aliases imported by name to use kms:ResourceAliases condition" + }, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": { + "userValue": true, + "recommendedValue": true, + "explanation": "Generate a launch template when creating an AutoScalingGroup" + }, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": { + "userValue": true, + "recommendedValue": true, + "explanation": "Include the stack prefix in the stack name generation process" + }, + "@aws-cdk/aws-efs:denyAnonymousAccess": { + "userValue": true, + "recommendedValue": true, + "explanation": "EFS denies anonymous clients accesses" + }, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables support for Multi-AZ with Standby deployment for opensearch domains" + }, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables aws-lambda-nodejs.Function to use the latest available NodeJs runtime as the default" + }, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, mount targets will have a stable logicalId that is linked to the associated subnet." + }, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a scope of InstanceParameterGroup for AuroraClusterInstance with each parameters will change." + }, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, will always use the arn for identifiers for CfnSourceApiAssociation in the GraphqlApi construct rather than id." + }, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, creating an RDS database cluster from a snapshot will only render credentials for snapshot credentials." + }, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the CodeCommit source action is using the default branch name 'main'." + }, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the logical ID of a Lambda permission for a Lambda action includes an alarm ID." + }, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default value for crossAccountKeys to false." + }, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "Enables Pipeline to set the default pipeline type to V2." + }, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, IAM Policy created from KMS key grant will reduce the resource scope to this key only." + }, + "@aws-cdk/pipelines:reduceAssetRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from PipelineAssetsFileRole trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-eks:nodegroupNameAttribute": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, nodegroupName attribute of the provisioned EKS NodeGroup will not have the cluster name prefix." + }, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default volume type of the EBS volume will be GP3" + }, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, remove default deployment alarm settings" + }, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, the custom resource used for `AwsCustomResource` will configure the `logApiResponseData` property as true by default" + }, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": { + "userValue": false, + "recommendedValue": false, + "explanation": "When enabled, Adding notifications to a bucket in the current stack will not remove notification from imported stack." + }, + "@aws-cdk/aws-stepfunctions-tasks:useNewS3UriParametersForBedrockInvokeModelTask": { + "recommendedValue": true, + "explanation": "When enabled, use new props for S3 URI field in task definition of state machine for bedrock invoke model.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/core:explicitStackTags": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, stack tags need to be assigned explicitly on a Stack." + }, + "@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": { + "userValue": false, + "recommendedValue": false, + "explanation": "When set to true along with canContainersAccessInstanceRole=false in ECS cluster, new updated commands will be added to UserData to block container accessing IMDS. **Applicable to Linux only. IMPORTANT: See [details.](#aws-cdkaws-ecsenableImdsBlockingDeprecatedFeature)**" + }, + "@aws-cdk/aws-ecs:disableEcsImdsBlocking": { + "userValue": false, + "recommendedValue": true, + "explanation": "When set to true, CDK synth will throw exception if canContainersAccessInstanceRole is false. **IMPORTANT: See [details.](#aws-cdkaws-ecsdisableEcsImdsBlocking)**" + }, + "@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, we will only grant the necessary permissions when users specify cloudwatch log group through logConfiguration" + }, + "@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled will allow you to specify a resource policy per replica, and not copy the source table policy to all replicas" + }, + "@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, initOptions.timeout and resourceSignalTimeout values will be summed together." + }, + "@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, a Lambda authorizer Permission created when using GraphqlApi will be properly scoped with a SourceArn." + }, + "@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the value of property `instanceResourceId` in construct `DatabaseInstanceReadReplica` will be set to the correct value which is `DbiResourceId` instead of currently `DbInstanceArn`" + }, + "@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CFN templates added with `cfn-include` will error if the template contains Resource Update or Create policies with CFN Intrinsics that include non-primitive values." + }, + "@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, both `@aws-sdk` and `@smithy` packages will be excluded from the Lambda Node.js 18.x runtime to prevent version mismatches in bundled applications." + }, + "@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resource of IAM Run Ecs policy generated by SFN EcsRunTask will reference the definition, instead of constructing ARN." + }, + "@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the BastionHost construct will use the latest Amazon Linux 2023 AMI, instead of Amazon Linux 2." + }, + "@aws-cdk/core:aspectStabilization": { + "recommendedValue": true, + "explanation": "When enabled, a stabilization loop will be run when invoking Aspects during synthesis.", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, use a new method for DNS Name of user pool domain target without creating a custom resource." + }, + "@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default security group ingress rules will allow IPv6 ingress from anywhere" + }, + "@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the default behaviour of OIDC provider will reject unauthorized connections" + }, + "@aws-cdk/core:enableAdditionalMetadataCollection": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will expand the scope of usage data collected to better inform CDK development and improve communication for security concerns and emerging issues." + }, + "@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": { + "userValue": false, + "recommendedValue": false, + "explanation": "[Deprecated] When enabled, Lambda will create new inline policies with AddToRolePolicy instead of adding to the Default Policy Statement" + }, + "@aws-cdk/aws-s3:setUniqueReplicationRoleName": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK will automatically generate a unique role name that is used for s3 object replication." + }, + "@aws-cdk/pipelines:reduceStageRoleTrustScope": { + "recommendedValue": true, + "explanation": "Remove the root account principal from Stage addActions trust policy", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-events:requireEventBusPolicySid": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, grantPutEventsTo() will use resource policies with Statement IDs for service principals." + }, + "@aws-cdk/core:aspectPrioritiesMutating": { + "userValue": true, + "recommendedValue": true, + "explanation": "When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING." + }, + "@aws-cdk/aws-dynamodb:retainTableReplica": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, table replica will be default to the removal policy of source table unless specified otherwise." + }, + "@aws-cdk/cognito:logUserPoolClientSecretValue": { + "recommendedValue": false, + "explanation": "When disabled, the value of the user pool client secret will not be logged in the custom resource lambda function logs." + }, + "@aws-cdk/pipelines:reduceCrossAccountActionRoleTrustScope": { + "recommendedValue": true, + "explanation": "When enabled, scopes down the trust policy for the cross-account action role", + "unconfiguredBehavesLike": { + "v2": true + } + }, + "@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the resultWriterV2 property of DistributedMap will be used insted of resultWriter" + }, + "@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": { + "userValue": true, + "recommendedValue": true, + "explanation": "Add an S3 trust policy to a KMS key resource policy for SNS subscriptions." + }, + "@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, the EgressOnlyGateway resource is only created if private subnets are defined in the dual-stack VPC." + }, + "@aws-cdk/aws-ec2-alpha:useResourceIdForVpcV2Migration": { + "recommendedValue": false, + "explanation": "When enabled, use resource IDs for VPC V2 migration" + }, + "@aws-cdk/aws-s3:publicAccessBlockedByDefault": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, setting any combination of options for BlockPublicAccess will automatically set true for any options not defined." + }, + "@aws-cdk/aws-lambda:useCdkManagedLogGroup": { + "userValue": true, + "recommendedValue": true, + "explanation": "When enabled, CDK creates and manages loggroup for the lambda function" + } + } + } + } + }, + "minimumCliVersion": "2.1027.0" +} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/tree.json b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/tree.json new file mode 100644 index 0000000000000..e769747310e73 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.js.snapshot/tree.json @@ -0,0 +1 @@ +{"version":"tree-0.1","tree":{"id":"App","path":"","constructInfo":{"fqn":"aws-cdk-lib.App","version":"0.0.0"},"children":{"integ-managedinstances-no-default-capacity-provider":{"id":"integ-managedinstances-no-default-capacity-provider","path":"integ-managedinstances-no-default-capacity-provider","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"Vpc":{"id":"Vpc","path":"integ-managedinstances-no-default-capacity-provider/Vpc","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.Vpc","version":"0.0.0","metadata":[{"maxAzs":"*","restrictDefaultSecurityGroup":false}]},"children":{"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/Vpc/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPC","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPC","aws:cdk:cloudformation:props":{"cidrBlock":"10.0.0.0/16","enableDnsHostnames":true,"enableDnsSupport":true,"instanceTenancy":"default","tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc"}]}}},"PublicSubnet1":{"id":"PublicSubnet1","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.0.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet1RouteTable6C95E38E"}}}},"EIP":{"id":"EIP","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1"}]}}},"NATGateway":{"id":"NATGateway","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VpcPublicSubnet1EIPD7E02669","AllocationId"]},"subnetId":{"Ref":"VpcPublicSubnet1Subnet5C2D37C4"},"tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet1"}]}}}}},"PublicSubnet2":{"id":"PublicSubnet2","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PublicSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":true,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{},{"addNatGateway":["*"]}]},"children":{"Subnet":{"id":"Subnet","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.64.0/18","mapPublicIpOnLaunch":true,"tags":[{"key":"aws-cdk:subnet-name","value":"Public"},{"key":"aws-cdk:subnet-type","value":"Public"},{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"},"subnetId":{"Ref":"VpcPublicSubnet2Subnet691E08A3"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","gatewayId":{"Ref":"VpcIGWD7BA715C"},"routeTableId":{"Ref":"VpcPublicSubnet2RouteTable94F7E489"}}}},"EIP":{"id":"EIP","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/EIP","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnEIP","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::EIP","aws:cdk:cloudformation:props":{"domain":"vpc","tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2"}]}}},"NATGateway":{"id":"NATGateway","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2/NATGateway","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnNatGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::NatGateway","aws:cdk:cloudformation:props":{"allocationId":{"Fn::GetAtt":["VpcPublicSubnet2EIP3C605A87","AllocationId"]},"subnetId":{"Ref":"VpcPublicSubnet2Subnet691E08A3"},"tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PublicSubnet2"}]}}}}},"PrivateSubnet1":{"id":"PrivateSubnet1","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[0,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.128.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"},"subnetId":{"Ref":"VpcPrivateSubnet1Subnet536B997A"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet1/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet1NATGateway4D7517AA"},"routeTableId":{"Ref":"VpcPrivateSubnet1RouteTableB2C5B500"}}}}}},"PrivateSubnet2":{"id":"PrivateSubnet2","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.PrivateSubnet","version":"0.0.0","metadata":[{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{"availabilityZone":"*","vpcId":"*","cidrBlock":"*","mapPublicIpOnLaunch":false,"ipv6CidrBlock":"*","assignIpv6AddressOnCreation":"*"},{}]},"children":{"Subnet":{"id":"Subnet","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2/Subnet","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnet","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Subnet","aws:cdk:cloudformation:props":{"availabilityZone":{"Fn::Select":[1,{"Fn::GetAZs":""}]},"cidrBlock":"10.0.192.0/18","mapPublicIpOnLaunch":false,"tags":[{"key":"aws-cdk:subnet-name","value":"Private"},{"key":"aws-cdk:subnet-type","value":"Private"},{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"Acl":{"id":"Acl","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2/Acl","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":[]}},"RouteTable":{"id":"RouteTable","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2/RouteTable","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRouteTable","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::RouteTable","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2"}],"vpcId":{"Ref":"Vpc8378EB38"}}}},"RouteTableAssociation":{"id":"RouteTableAssociation","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2/RouteTableAssociation","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSubnetRouteTableAssociation","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SubnetRouteTableAssociation","aws:cdk:cloudformation:props":{"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"},"subnetId":{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}}}},"DefaultRoute":{"id":"DefaultRoute","path":"integ-managedinstances-no-default-capacity-provider/Vpc/PrivateSubnet2/DefaultRoute","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnRoute","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::Route","aws:cdk:cloudformation:props":{"destinationCidrBlock":"0.0.0.0/0","natGatewayId":{"Ref":"VpcPublicSubnet2NATGateway9182C01D"},"routeTableId":{"Ref":"VpcPrivateSubnet2RouteTableA678073B"}}}}}},"IGW":{"id":"IGW","path":"integ-managedinstances-no-default-capacity-provider/Vpc/IGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnInternetGateway","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::InternetGateway","aws:cdk:cloudformation:props":{"tags":[{"key":"Name","value":"integ-managedinstances-no-default-capacity-provider/Vpc"}]}}},"VPCGW":{"id":"VPCGW","path":"integ-managedinstances-no-default-capacity-provider/Vpc/VPCGW","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnVPCGatewayAttachment","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::VPCGatewayAttachment","aws:cdk:cloudformation:props":{"internetGatewayId":{"Ref":"VpcIGWD7BA715C"},"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"ManagedInstancesCluster":{"id":"ManagedInstancesCluster","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesCluster","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.Cluster","version":"0.0.0","metadata":[{"vpc":"*"},{"addManagedInstancesCapacityProvider":["*"]}]},"children":{"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesCluster/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnCluster","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::Cluster","aws:cdk:cloudformation:props":{}}}}},"InfrastructureRole":{"id":"InfrastructureRole","path":"integ-managedinstances-no-default-capacity-provider/InfrastructureRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"roleName":"*","assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"grantPassRole":["*"]},{"grant":["*","*"]}]},"children":{"ImportInfrastructureRole":{"id":"ImportInfrastructureRole","path":"integ-managedinstances-no-default-capacity-provider/InfrastructureRole/ImportInfrastructureRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/InfrastructureRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ecs.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonECSInfrastructureRolePolicyForManagedInstances"]]}],"roleName":"InfrastructureRole"}}}}},"InstanceRole":{"id":"InstanceRole","path":"integ-managedinstances-no-default-capacity-provider/InstanceRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"roleName":"*","assumedBy":{"principalAccount":"*","assumeRoleAction":"*"},"managedPolicies":[{"managedPolicyArn":"*"}]},{"addToPrincipalPolicy":[{}]},{"attachInlinePolicy":["*"]},{"attachInlinePolicy":["*"]}]},"children":{"ImportInstanceRole":{"id":"ImportInstanceRole","path":"integ-managedinstances-no-default-capacity-provider/InstanceRole/ImportInstanceRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/InstanceRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ec2.amazonaws.com"}}],"Version":"2012-10-17"},"managedPolicyArns":[{"Fn::Join":["",["arn:",{"Ref":"AWS::Partition"},":iam::aws:policy/AmazonECSInstanceRolePolicyForManagedInstances"]]}],"roleName":"InstanceRole"}}},"DefaultPolicy":{"id":"DefaultPolicy","path":"integ-managedinstances-no-default-capacity-provider/InstanceRole/DefaultPolicy","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Policy","version":"0.0.0","metadata":["*",{"attachToRole":["*"]},{"attachToRole":["*"]},{"addStatements":[{}]}]},"children":{"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/InstanceRole/DefaultPolicy/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnPolicy","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Policy","aws:cdk:cloudformation:props":{"policyDocument":{"Statement":[{"Action":"iam:PassRole","Effect":"Allow","Resource":{"Fn::GetAtt":["InfrastructureRoleB0C76DC8","Arn"]}}],"Version":"2012-10-17"},"policyName":"InstanceRoleDefaultPolicy1531605C","roles":[{"Ref":"InstanceRole3CCE2F1D"}]}}}}}}},"InstanceProfile":{"id":"InstanceProfile","path":"integ-managedinstances-no-default-capacity-provider/InstanceProfile","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.InstanceProfile","version":"0.0.0","metadata":[{"instanceProfileName":"*","role":"*"}]},"children":{"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/InstanceProfile/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnInstanceProfile","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::InstanceProfile","aws:cdk:cloudformation:props":{"instanceProfileName":"InstanceProfile","roles":[{"Ref":"InstanceRole3CCE2F1D"}]}}}}},"ManagedInstancesSecurityGroup":{"id":"ManagedInstancesSecurityGroup","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesSecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*","description":"*","allowAllOutbound":true}]},"children":{"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesSecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"Security group for ManagedInstances capacity provider instances","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}}}},"ManagedInstancesCapacityProvider":{"id":"ManagedInstancesCapacityProvider","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesCapacityProvider","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.ManagedInstancesCapacityProvider","version":"0.0.0"},"children":{"ManagedInstancesCapacityProvider":{"id":"ManagedInstancesCapacityProvider","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesCapacityProvider/ManagedInstancesCapacityProvider","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnCapacityProvider","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::CapacityProvider","aws:cdk:cloudformation:props":{"clusterName":{"Ref":"ManagedInstancesClusterDC139296"},"managedInstancesProvider":{"infrastructureRoleArn":{"Fn::GetAtt":["InfrastructureRoleB0C76DC8","Arn"]},"instanceLaunchTemplate":{"ec2InstanceProfileArn":{"Fn::GetAtt":["InstanceProfile9F2F41CB","Arn"]},"networkConfiguration":{"subnets":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}],"securityGroups":[{"Fn::GetAtt":["ManagedInstancesSecurityGroupC479A9F6","GroupId"]}]},"instanceRequirements":{"vCpuCount":{"min":1},"memoryMiB":{"min":2048},"acceleratorManufacturers":["nvidia"],"cpuManufacturers":["intel"]}},"propagateTags":"CAPACITY_PROVIDER"}}}}}},"TaskDef":{"id":"TaskDef","path":"integ-managedinstances-no-default-capacity-provider/TaskDef","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.TaskDefinition","version":"0.0.0","metadata":["*","*"]},"children":{"TaskRole":{"id":"TaskRole","path":"integ-managedinstances-no-default-capacity-provider/TaskDef/TaskRole","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.Role","version":"0.0.0","metadata":[{"assumedBy":{"principalAccount":"*","assumeRoleAction":"*"}}]},"children":{"ImportTaskRole":{"id":"ImportTaskRole","path":"integ-managedinstances-no-default-capacity-provider/TaskDef/TaskRole/ImportTaskRole","constructInfo":{"fqn":"aws-cdk-lib.Resource","version":"0.0.0","metadata":["*"]}},"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/TaskDef/TaskRole/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_iam.CfnRole","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::IAM::Role","aws:cdk:cloudformation:props":{"assumeRolePolicyDocument":{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"Service":"ecs-tasks.amazonaws.com"}}],"Version":"2012-10-17"}}}}}},"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/TaskDef/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnTaskDefinition","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::TaskDefinition","aws:cdk:cloudformation:props":{"containerDefinitions":[{"essential":true,"image":"public.ecr.aws/docker/library/httpd:2.4","memory":512,"name":"web","portMappings":[{"containerPort":80,"protocol":"tcp"}]}],"cpu":"256","family":"integmanagedinstancesnodefaultcapacityproviderTaskDef31EB4AE9","memory":"512","networkMode":"awsvpc","requiresCompatibilities":["FARGATE","MANAGED_INSTANCES"],"taskRoleArn":{"Fn::GetAtt":["TaskDefTaskRole1EDB4A67","Arn"]}}}},"web":{"id":"web","path":"integ-managedinstances-no-default-capacity-provider/TaskDef/web","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.ContainerDefinition","version":"0.0.0"}}}},"ManagedInstancesService":{"id":"ManagedInstancesService","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesService","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.FargateService","version":"0.0.0","metadata":["*"]},"children":{"Service":{"id":"Service","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesService/Service","constructInfo":{"fqn":"aws-cdk-lib.aws_ecs.CfnService","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::ECS::Service","aws:cdk:cloudformation:props":{"capacityProviderStrategy":[{"capacityProvider":{"Ref":"ManagedInstancesCapacityProviderC2946447"},"weight":1}],"cluster":{"Ref":"ManagedInstancesClusterDC139296"},"deploymentConfiguration":{"maximumPercent":200,"minimumHealthyPercent":50},"desiredCount":1,"enableEcsManagedTags":false,"networkConfiguration":{"awsvpcConfiguration":{"assignPublicIp":"DISABLED","subnets":[{"Ref":"VpcPrivateSubnet1Subnet536B997A"},{"Ref":"VpcPrivateSubnet2Subnet3788AAA1"}],"securityGroups":[{"Fn::GetAtt":["ManagedInstancesServiceSecurityGroupF72D809E","GroupId"]}]}},"taskDefinition":{"Ref":"TaskDef54694570"}}}},"SecurityGroup":{"id":"SecurityGroup","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesService/SecurityGroup","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.SecurityGroup","version":"0.0.0","metadata":[{"vpc":"*"}]},"children":{"Resource":{"id":"Resource","path":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesService/SecurityGroup/Resource","constructInfo":{"fqn":"aws-cdk-lib.aws_ec2.CfnSecurityGroup","version":"0.0.0"},"attributes":{"aws:cdk:cloudformation:type":"AWS::EC2::SecurityGroup","aws:cdk:cloudformation:props":{"groupDescription":"integ-managedinstances-no-default-capacity-provider/ManagedInstancesService/SecurityGroup","securityGroupEgress":[{"cidrIp":"0.0.0.0/0","description":"Allow all outbound traffic by default","ipProtocol":"-1"}],"vpcId":{"Ref":"Vpc8378EB38"}}}}}}}},"BootstrapVersion":{"id":"BootstrapVersion","path":"integ-managedinstances-no-default-capacity-provider/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"integ-managedinstances-no-default-capacity-provider/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}},"ManagedInstancesCapacityProviders":{"id":"ManagedInstancesCapacityProviders","path":"ManagedInstancesCapacityProviders","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTest","version":"0.0.0"},"children":{"DefaultTest":{"id":"DefaultTest","path":"ManagedInstancesCapacityProviders/DefaultTest","constructInfo":{"fqn":"@aws-cdk/integ-tests-alpha.IntegTestCase","version":"0.0.0"},"children":{"Default":{"id":"Default","path":"ManagedInstancesCapacityProviders/DefaultTest/Default","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}},"DeployAssert":{"id":"DeployAssert","path":"ManagedInstancesCapacityProviders/DefaultTest/DeployAssert","constructInfo":{"fqn":"aws-cdk-lib.Stack","version":"0.0.0"},"children":{"BootstrapVersion":{"id":"BootstrapVersion","path":"ManagedInstancesCapacityProviders/DefaultTest/DeployAssert/BootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnParameter","version":"0.0.0"}},"CheckBootstrapVersion":{"id":"CheckBootstrapVersion","path":"ManagedInstancesCapacityProviders/DefaultTest/DeployAssert/CheckBootstrapVersion","constructInfo":{"fqn":"aws-cdk-lib.CfnRule","version":"0.0.0"}}}}}}}},"Tree":{"id":"Tree","path":"Tree","constructInfo":{"fqn":"constructs.Construct","version":"10.4.2"}}}}} \ No newline at end of file diff --git a/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.ts b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.ts new file mode 100644 index 0000000000000..14aa651ea9110 --- /dev/null +++ b/packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.managedinstances-no-default-capacity-provider.ts @@ -0,0 +1,107 @@ +import * as ec2 from 'aws-cdk-lib/aws-ec2'; +import * as iam from 'aws-cdk-lib/aws-iam'; +import * as cdk from 'aws-cdk-lib'; +import * as ecs from 'aws-cdk-lib/aws-ecs'; +import * as integ from '@aws-cdk/integ-tests-alpha'; + +const app = new cdk.App({ + postCliContext: { + '@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm': true, + '@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature': false, + '@aws-cdk/aws-ecs:disableEcsImdsBlocking': false, + }, +}); +const stack = new cdk.Stack(app, 'integ-managedinstances-no-default-capacity-provider'); + +const vpc = new ec2.Vpc(stack, 'Vpc', { maxAzs: 2, restrictDefaultSecurityGroup: false }); +const cluster = new ecs.Cluster(stack, 'ManagedInstancesCluster', { + vpc, +}); + +// Create IAM roles required for FMI following Omakase specifications +const infrastructureRole = new iam.Role(stack, 'InfrastructureRole', { + roleName: 'InfrastructureRole', + assumedBy: new iam.ServicePrincipal('ecs.amazonaws.com'), + managedPolicies: [ + iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonECSInfrastructureRolePolicyForManagedInstances'), + ], +}); + +const instanceRole = new iam.Role(stack, 'InstanceRole', { + roleName: 'InstanceRole', + assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'), + managedPolicies: [ + iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonECSInstanceRolePolicyForManagedInstances'), + ], +}); + +infrastructureRole.grantPassRole(instanceRole); + +const instanceProfile = new iam.InstanceProfile(stack, 'InstanceProfile', { + instanceProfileName: 'InstanceProfile', + role: instanceRole, +}); + +// Create a security group for FMI instances +const fmiSecurityGroup = new ec2.SecurityGroup(stack, 'ManagedInstancesSecurityGroup', { + vpc, + description: 'Security group for ManagedInstances capacity provider instances', + allowAllOutbound: true, +}); + +// Create MI Capacity Provider +const miCapacityProvider = new ecs.ManagedInstancesCapacityProvider(stack, 'ManagedInstancesCapacityProvider', { + infrastructureRole: infrastructureRole, + ec2InstanceProfile: instanceProfile, + subnets: vpc.privateSubnets, + securityGroups: [fmiSecurityGroup], + propagateTags: ecs.PropagateManagedInstancesTags.CAPACITY_PROVIDER, + instanceRequirements: { + vCpuCountMin: 1, + memoryMin: cdk.Size.gibibytes(2), + cpuManufacturers: [ec2.CpuManufacturer.INTEL], + acceleratorManufacturers: [ec2.AcceleratorManufacturer.NVIDIA], + }, +}); + +// Add FMI capacity provider to cluster +cluster.addManagedInstancesCapacityProvider(miCapacityProvider); + +// Create a task definition compatible with Managed Instances and Fargate +const taskDefinition = new ecs.TaskDefinition(stack, 'TaskDef', { + compatibility: ecs.Compatibility.FARGATE_AND_MANAGED_INSTANCES, + cpu: '256', + memoryMiB: '512', + networkMode: ecs.NetworkMode.AWS_VPC, +}); + +taskDefinition.addContainer('web', { + image: ecs.ContainerImage.fromRegistry('public.ecr.aws/docker/library/httpd:2.4'), + memoryLimitMiB: 512, + portMappings: [ + { + containerPort: 80, + protocol: ecs.Protocol.TCP, + }, + ], +}); + +// Create a service using the MI capacity provider +new ecs.FargateService(stack, 'ManagedInstancesService', { + cluster, + taskDefinition, + capacityProviderStrategies: [ + { + capacityProvider: miCapacityProvider.capacityProviderName, + weight: 1, + }, + ], + desiredCount: 1, +}); + +new integ.IntegTest(app, 'ManagedInstancesCapacityProviders', { + testCases: [stack], + regions: ['us-west-2'], +}); + +app.synth(); diff --git a/packages/aws-cdk-lib/aws-ecs/lib/cluster.ts b/packages/aws-cdk-lib/aws-ecs/lib/cluster.ts index 5aa89f3bd3e97..530faf86a4b63 100644 --- a/packages/aws-cdk-lib/aws-ecs/lib/cluster.ts +++ b/packages/aws-cdk-lib/aws-ecs/lib/cluster.ts @@ -1963,7 +1963,7 @@ class MaybeCreateCapacityProviderAssociations implements IAspect { public visit(node: IConstruct): void { if (Cluster.isCluster(node)) { if ((this.scope.defaultCapacityProviderStrategy.length > 0 - || (this.scope.capacityProviderNames.length > 0 || this.scope.clusterScopedCapacityProviderNames.length > 0) && !this.resource)) { + || (this.scope.capacityProviderNames.length > 0) && !this.resource)) { this.resource = new CfnClusterCapacityProviderAssociations(this.scope, this.id, { cluster: node.clusterName, defaultCapacityProviderStrategy: this.scope.defaultCapacityProviderStrategy, diff --git a/packages/aws-cdk-lib/aws-ecs/test/cluster.test.ts b/packages/aws-cdk-lib/aws-ecs/test/cluster.test.ts index b60c18768cb3c..09b30dc1f6cd9 100644 --- a/packages/aws-cdk-lib/aws-ecs/test/cluster.test.ts +++ b/packages/aws-cdk-lib/aws-ecs/test/cluster.test.ts @@ -3321,6 +3321,36 @@ describe('cluster', () => { }); }); + test('does not create CfnClusterCapacityProviderAssociations when using managed instances capacity provider', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'test'); + const vpc = new ec2.Vpc(stack, 'Vpc'); + const cluster = new ecs.Cluster(stack, 'EcsCluster'); + + const instanceRole = new iam.Role(stack, 'InstanceRole', { + assumedBy: new iam.ServicePrincipal('ec2.amazonaws.com'), + managedPolicies: [ + iam.ManagedPolicy.fromAwsManagedPolicyName('AmazonECSInstanceRolePolicyForManagedInstances'), + ], + }); + + const instanceProfile = new iam.InstanceProfile(stack, 'InstanceProfile', { + role: instanceRole, + }); + + // WHEN + const capacityProvider = new ecs.ManagedInstancesCapacityProvider(stack, 'provider', { + ec2InstanceProfile: instanceProfile, + subnets: vpc.privateSubnets, + }); + + cluster.addManagedInstancesCapacityProvider(capacityProvider); + + // THEN + Template.fromStack(stack).resourceCountIs('AWS::ECS::ClusterCapacityProviderAssociations', 0); + }); + test('minimal configuration with required fields only', () => { // GIVEN const app = new cdk.App();