AWS Amazon ECS Capacity Provider

This page shows how to write Terraform and CloudFormation for an Amazon ECS Capacity Provider, and how to write them securely.

aws_ecs_capacity_provider (Terraform)

The Capacity Provider in Amazon ECS can be configured in Terraform with the resource name aws_ecs_capacity_provider. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

ecs_cluster.tf#L5
resource "aws_ecs_capacity_provider" "cluster_capacity" {
  name = "test"

  auto_scaling_group_provider {
    auto_scaling_group_arn         = aws_autoscaling_group.cluster.arn
    managed_termination_protection = "ENABLED"
  }
}

main.tf#L2
resource "aws_ecs_capacity_provider" "capacity_provider" {
  name = var.name
  auto_scaling_group_provider {
    auto_scaling_group_arn         = var.auto_scaling_group_arn
    managed_termination_protection = "ENABLED"
    managed_scaling {
      # managed_scaling arguments are cut off in this excerpt
    }
  }
}

ecs.tf#L11
resource "aws_ecs_capacity_provider" "cp" {
    name = "capacity-provider-dask"
    auto_scaling_group_provider {
      auto_scaling_group_arn = aws_autoscaling_group.asg.arn
      managed_termination_protection = "DISABLED"
    }
}

ecs.tf#L11
resource "aws_ecs_capacity_provider" "tmp-cluster-ec2" {
  # Currently, we cannot delete capacity provider. If you exec 'terraform destroy', you can delete resource only on tfstate.
  name = "tmp-cluster-ec2"

  auto_scaling_group_provider {
    auto_scaling_group_arn         = aws_autoscaling_group.tmp-asg.arn
  }
}

main.tf#L15
resource "aws_ecs_capacity_provider" "this" {
  name = local.envname

  auto_scaling_group_provider {
    auto_scaling_group_arn = module.asg.autoscaling_group_arn
  }
}

Parameters

Explanation in Terraform Registry

Provides an ECS cluster capacity provider. More information can be found on the ECS Developer Guide.

NOTE: Associating an ECS Capacity Provider to an Auto Scaling Group will automatically add the AmazonECSManaged tag to the Auto Scaling Group. This tag should be included in the aws_autoscaling_group resource configuration to prevent Terraform from removing it in subsequent executions as well as ensuring the AmazonECSManaged tag is propagated to all EC2 Instances in the Auto Scaling Group if min_size is above 0 on creation. Any EC2 Instances in the Auto Scaling Group without this tag must be manually updated, otherwise they may cause unexpected scaling behavior and metrics.
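The tag handling described in the note, as an added example (not code from the Terraform Registry or from the repositories listed above). The resource names, sizes and the two input variables are assumptions made for illustration.

```hcl
# Added example. Names, sizes and variables are assumptions.
variable "launch_template_id" { type = string }
variable "private_subnet_ids" { type = list(string) }

resource "aws_autoscaling_group" "app" {
  name                = "app-ecs-asg"
  min_size            = 1
  max_size            = 4
  vpc_zone_identifier = var.private_subnet_ids

  # Needed when the capacity provider below sets
  # managed_termination_protection = "ENABLED".
  protect_from_scale_in = true

  launch_template {
    id      = var.launch_template_id
    version = "$Latest"
  }

  # ECS adds this tag when the capacity provider is associated. Declaring it
  # here stops Terraform from removing it on the next apply, and propagating
  # it makes sure instances launched at creation (min_size > 0) carry it too.
  tag {
    key                 = "AmazonECSManaged"
    value               = true
    propagate_at_launch = true
  }
}

resource "aws_ecs_capacity_provider" "app" {
  # The name must not start with "aws", "ecs" or "fargate".
  name = "app-asg-provider"

  auto_scaling_group_provider {
    auto_scaling_group_arn         = aws_autoscaling_group.app.arn
    managed_termination_protection = "ENABLED"

    # Managed termination protection only works with managed scaling enabled.
    managed_scaling {
      status          = "ENABLED"
      target_capacity = 100
    }
  }
}
```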

Tips: Best Practices for The Other AWS Amazon ECS Resources

In addition to aws_ecs_cluster, Amazon ECS has other resources that should be configured with security in mind. The following are examples of those resources and the precautions to take.

aws_ecs_cluster

Ensure CloudWatch Container Insights is enabled

It's better to enable CloudWatch Container Insights to gain a better perspective on cluster applications. CloudWatch Container Insights collects, aggregates, and summarizes ECS metrics and logs.

aws_ecs_task_definition

Ensure in-transit encryption of EFS volumes is enabled

It is better to enable in-transit encryption for EFS volumes to protect data in transit.
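Both recommendations above in one configuration, as an added example (not code from this page's sources). The cluster and task names, the container image placeholder and the EFS variable are assumptions.

```hcl
# Added example. Names, image and variable are assumptions.
variable "efs_file_system_id" { type = string }

resource "aws_ecs_cluster" "app" {
  name = "app-cluster"

  # Without this setting block the cluster does not send
  # Container Insights metrics and logs to CloudWatch.
  setting {
    name  = "containerInsights"
    value = "enabled"
  }
}

resource "aws_ecs_task_definition" "app" {
  family = "app"

  container_definitions = jsonencode([{
    name      = "app"
    image     = "registry.example.invalid/app:1.0" # placeholder image
    memory    = 256
    essential = true
    mountPoints = [{
      sourceVolume  = "data"
      containerPath = "/data"
    }]
  }])

  volume {
    name = "data"

    efs_volume_configuration {
      file_system_id = var.efs_file_system_id

      # Weak form: omitting transit_encryption (or setting "DISABLED")
      # leaves traffic between the ECS host and EFS unencrypted.
      transit_encryption = "ENABLED"
    }
  }
}
```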

AWS::ECS::CapacityProvider (CloudFormation)

The CapacityProvider in ECS can be configured in CloudFormation with the resource name AWS::ECS::CapacityProvider. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

cluster.yml#L97
    Type: AWS::ECS::CapacityProvider
    DependsOn: ECSCluster
    Condition: EC2
    Properties:
      AutoScalingGroupProvider:
        AutoScalingGroupArn: !Ref ECSAutoScalingGroup

ecs.template.yml#L37
    Type: AWS::ECS::CapacityProvider
    Properties:
      AutoScalingGroupProvider:
        AutoScalingGroupArn:
          Fn::ImportValue: !Sub ${Service}-${AccountType}-asg
        ManagedScaling:

ecs-cap-provider.yml#L306
    Type: AWS::ECS::CapacityProvider
    Properties:
        AutoScalingGroupProvider:
            AutoScalingGroupArn: !Ref ECSAutoScalingGroupOD
            ManagedScaling:
                MaximumScalingStepSize: 10

code.yml#L11
    Type: AWS::ECS::CapacityProvider
    Properties:
      AutoScalingGroupProvider:
        AutoScalingGroupArn: !ImportValue AutoScalingGroup01
        ManagedScaling:
          MaximumScalingStepSize: 1

serverless.yml#L105
    #  Type: AWS::ECS::CapacityProvider
    #  Properties:
    #    AutoScalingGroupProvider:
    #      AutoScalingGroupArn: !Ref ECSAutoScalingGroup
    #        #Fn::GetAtt:
    #        #  - ECSAutoScalingGroup

integ.capacity-provider.expected.json#L896
      "Type": "AWS::ECS::CapacityProvider",
      "Properties": {
        "AutoScalingGroupProvider": {
          "AutoScalingGroupArn": {
            "Ref": "ASG46ED3070"
          },
ECSCapacityProviderSpecification.json#L3
    "AWS::ECS::CapacityProvider.ManagedScaling": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-capacityprovider-managedscaling.html",
      "Properties": {
        "MinimumScalingStepSize": {
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-capacityprovider-managedscaling.html#cfn-ecs-capacityprovider-managedscaling-minimumscalingstepsize",
          "UpdateType": "Immutable",

Parameters

Explanation in CloudFormation Registry

The AWS::ECS::CapacityProvider resource creates an Amazon Elastic Container Service (Amazon ECS) capacity provider. Capacity providers are associated with an Amazon ECS cluster and are used in capacity provider strategies to facilitate cluster auto scaling.

Only capacity providers using an Auto Scaling group can be created. Amazon ECS tasks on AWS Fargate use the FARGATE and FARGATE_SPOT capacity providers which are already created and available to all accounts in Regions supported by AWS Fargate.

Frequently asked questions

What is AWS Amazon ECS Capacity Provider?

AWS Amazon ECS Capacity Provider is a resource for Amazon ECS of Amazon Web Services. Settings can be written in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon ECS Capacity Provider?

For Terraform, the MiguelIsaza95/movie-analyst-containers, balu970/Terraform-modules and b0gdanp3trovic/dask_on_ecs_terraform source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the ebosas/microservices, kame8015/asg-tutorial and gaonkarr/ECS-Cost-Strategies source code examples are useful. See the CloudFormation Example section for further details.