Skip to content

Commit

Permalink
fix: update ecs task network
Browse files Browse the repository at this point in the history
  • Loading branch information
ayuki-joto committed Nov 30, 2024
1 parent 69cc724 commit bd1e9e2
Show file tree
Hide file tree
Showing 3 changed files with 117 additions and 236 deletions.
11 changes: 8 additions & 3 deletions lib/decidim-stack.ts
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@ export class DecidimStack extends cdk.Stack {
});

backendTaskRole.addToPolicy(ECSExecPolicyStatement);
backendTaskRole.addManagedPolicy(aws_iam.ManagedPolicy.fromAwsManagedPolicyName('service-role/AmazonECSTaskExecutionRolePolicy'));
// backendTaskRole.addManagedPolicy(aws_iam.ManagedPolicy.fromAwsManagedPolicyName('AWSXrayWriteOnlyAccess'))

// Task Definition
Expand All @@ -81,7 +82,8 @@ export class DecidimStack extends cdk.Stack {
? props.containerSpec?.memoryLimitMiB
: 4096,
family: `${ props.stage }DecidimTaskDefinition`,
taskRole: backendTaskRole
taskRole: backendTaskRole,
executionRole: backendTaskRole
}
);

Expand All @@ -93,7 +95,8 @@ export class DecidimStack extends cdk.Stack {
cpu: 512,
memoryLimitMiB: 2048,
family: `${ props.stage }SidekiqTaskDefinition`,
taskRole: backendTaskRole
taskRole: backendTaskRole,
executionRole: backendTaskRole
}
);

Expand Down Expand Up @@ -420,8 +423,10 @@ export class DecidimStack extends cdk.Stack {
targets: [new EcsTask({
cluster: cluster,
taskDefinition: taskDefinition,
assignPublicIp: true,
securityGroups: [props.securityGroup],
subnetSelection: {
subnets: props.vpc.publicSubnets
subnetType: aws_ec2.SubnetType.PUBLIC // ここでサブネットタイプを指定
},
containerOverrides: [
{
Expand Down
Loading

0 comments on commit bd1e9e2

Please sign in to comment.