Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

(ecs-patterns): use existing Security Group with ScheduledFargateTask

See original GitHub issue

❓ General Issue

Unable to find a way to specify an existing security group when creating task schedules for fargate tasks using aws cdk

The Question

When defining an ECS Task Schedule, I can’t seem to find a way of specifying an existing security group. Any pointers on where this can be configured using aws cdk?

In the code snippet below, you’ll see I am able to create a cron, specify the docker image to schedule and create the schedule itself by specifying the existing cluster and vpc. However, there is no option to specify an existing security group… Is it possible to specify an existing security group?

schedule_cron = scaling.Schedule.cron(minute=manifest['schedule']['minute'], 
                                                hour=manifest['schedule']['hour'], 
                                                day=manifest['schedule']['day'], 
                                                month=manifest['schedule']['month'], 
                                                year=manifest['schedule']['year'])

image_option = ecs_patterns.ScheduledFargateTaskImageOptions(image=img, 
                                                cpu=manifest["resources"]["cpu"], 
                                                memory_limit_mib=manifest["resources"]["memory"],
                                                log_driver=ecs.AwsLogDriver(log_group=log_group,
                                                                            stream_prefix=manifest["app_name"]),
                                                secrets=secrets,
                                                environment= env)

schedule_pattern = ecs_patterns.ScheduledFargateTask(self, f"scheduledtask{app_name}", 
                                                schedule= schedule_cron, scheduled_fargate_task_image_options=image_option, cluster=cluster, 
                                                desired_task_count=manifest["replica_count"], vpc=vpc)

When i do a cdk synth i can see that cdk is trying to generate a new security group with some outbound and inbound rules. Instead, i would like to pass an existing security group that’s been defined with relevant organization access policies. Is it supported?

Environment

  • CDK CLI Version: 1.15.0
  • Module Version: 1.15.0
  • OS: Windows
  • Language: Python

Other information

https://stackoverflow.com/questions/59067514/aws-cdk-ecs-task-scheduling-specify-existing-securitygroup

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:20
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
piradeepkcommented, Nov 27, 2019

@tarunaroraonline this is currently not supported using the scheduled task (ec2/Fargate) constructs. I’ve tagged it as a feature request, but I’d be more than happy to review it if you’d like to submit a PR to address this issue.

0reactions
github-actions[bot]commented, Jun 15, 2021

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.

Read more comments on GitHub >

github_iconTop Results From Across the Web

class ScheduledFargateTask (construct) · AWS CDK
Type: ISecurityGroup [] (optional, default: a new security group will be created.) Existing security groups to use for your service.
Read more >
aws cdk ecs task scheduling specify existing securitygroup
With Event the schedule is specified and with Event Target the SecurityGroup is set. Here is an example implementation using TypeScript.
Read more >
Import an Existing Security Group in AWS CDK | bobbyhadz
Let's go over the code snippet. We imported a security group into our CDK stack by using the fromSecurityGroupId static method on the...
Read more >
Scheduled Fargate Task example in AWS CDK
You can specify an IP address range for the VPC, add subnets, associate security groups, and configure route tables. For this blog post, ......
Read more >
ecs-patterns 1.182.0 javadoc (software.amazon.awscdk)
The properties for the ScheduledFargateTask using a task definition. ... Fargate services use the default VPC Security Group unless one or more are...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Unable to use ECS Ec2Service construct when ECS cluster uses manually added EC2 capacity

Next page

JsiiErrors / EAGAIN when using node>=13.2 with Python, Java & .NET