aws-cdk-lib/aws-stepfunctions-tasks/lib/ecs/run-ecs-task-base.js

Version 2 of the AWS Cloud Development Kit library

"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__setModuleDefault=exports&&exports.__setModuleDefault||(Object.create?(function(o,v){Object.defineProperty(o,"default",{enumerable:!0,value:v})}):function(o,v){o.default=v}),__importStar=exports&&exports.__importStar||(function(){var ownKeys=function(o){return ownKeys=Object.getOwnPropertyNames||function(o2){var ar=[];for(var k in o2)Object.prototype.hasOwnProperty.call(o2,k)&&(ar[ar.length]=k);return ar},ownKeys(o)};return function(mod){if(mod&&mod.__esModule)return mod;var result={};if(mod!=null)for(var k=ownKeys(mod),i=0;i<k.length;i++)k[i]!=="default"&&__createBinding(result,mod,k[i]);return __setModuleDefault(result,mod),result}})();Object.defineProperty(exports,"__esModule",{value:!0}),exports.EcsRunTaskBase=void 0;const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var ec2=()=>{var tmp=__importStar(require("../../../aws-ec2"));return ec2=()=>tmp,tmp},iam=()=>{var tmp=__importStar(require("../../../aws-iam"));return iam=()=>tmp,tmp},sfn=()=>{var tmp=__importStar(require("../../../aws-stepfunctions"));return sfn=()=>tmp,tmp},cdk=()=>{var tmp=__importStar(require("../../../core"));return cdk=()=>tmp,tmp},literal_string_1=()=>{var tmp=require("../../../core/lib/private/literal-string");return literal_string_1=()=>tmp,tmp},resource_arn_suffix_1=()=>{var tmp=require("../resource-arn-suffix");return resource_arn_suffix_1=()=>tmp,tmp};class EcsRunTaskBase{props;static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_stepfunctions_tasks.EcsRunTaskBase",version:"2.260.0"};connections=new(ec2()).Connections;securityGroup;networkConfiguration;integrationPattern;constructor(props){if(this.props=props,this.integrationPattern=props.integrationPattern||sfn().ServiceIntegrationPattern.FIRE_AND_FORGET,![sfn().ServiceIntegrationPattern.FIRE_AND_FORGET,sfn().ServiceIntegrationPattern.WAIT_FOR_TASK_TOKEN,sfn().ServiceIntegrationPattern.SYNC].includes(this.integrationPattern))throw new(cdk()).UnscopedValidationError((0,literal_string_1().lit)`InvalidServiceIntegrationPattern`,`Invalid Service Integration Pattern: ${this.integrationPattern} is not supported to call ECS.`);if(this.integrationPattern===sfn().ServiceIntegrationPattern.WAIT_FOR_TASK_TOKEN&&!sfn().FieldUtils.containsTaskToken(props.containerOverrides?.map(override=>override.environment)))throw new(cdk()).UnscopedValidationError((0,literal_string_1().lit)`TaskTokenRequired`,"Task Token is required in at least one `containerOverrides.environment` for callback. Use JsonPath.taskToken to set the token.");for(const override of this.props.containerOverrides||[]){const name=override.containerDefinition.containerName;if(!cdk().Token.isUnresolved(name)&&!this.props.taskDefinition.node.tryFindChild(name))throw new(cdk()).UnscopedValidationError((0,literal_string_1().lit)`OverridesMentionContainerName`,`Overrides mention container with name '${name}', but no such container in task definition`)}}bind(task){return this.networkConfiguration!==void 0&&(this.securityGroup===void 0&&(this.securityGroup=new(ec2()).SecurityGroup(task,"SecurityGroup",{vpc:this.props.cluster.vpc})),this.connections.addSecurityGroup(this.securityGroup)),{resourceArn:(0,resource_arn_suffix_1().getResourceArn)("ecs","runTask",this.integrationPattern),parameters:{Cluster:this.props.cluster.clusterArn,TaskDefinition:this.props.taskDefinition.taskDefinitionArn,NetworkConfiguration:this.networkConfiguration,Overrides:renderOverrides(this.props.containerOverrides),...this.props.parameters},policyStatements:this.makePolicyStatements(task)}}configureAwsVpcNetworking(vpc,assignPublicIp,subnetSelection,securityGroup){subnetSelection===void 0&&(subnetSelection={subnetType:assignPublicIp?ec2().SubnetType.PUBLIC:ec2().SubnetType.PRIVATE_WITH_EGRESS}),this.securityGroup=securityGroup,this.networkConfiguration={AwsvpcConfiguration:{AssignPublicIp:assignPublicIp!==void 0?assignPublicIp?"ENABLED":"DISABLED":void 0,Subnets:vpc.selectSubnets(subnetSelection).subnetIds,SecurityGroups:cdk().Lazy.list({produce:()=>[this.securityGroup.securityGroupId]})}}}makePolicyStatements(task){const stack=cdk().Stack.of(task),policyStatements=[new(iam()).PolicyStatement({actions:["ecs:RunTask"],resources:[this.props.taskDefinition.taskDefinitionArn]}),new(iam()).PolicyStatement({actions:["ecs:StopTask","ecs:DescribeTasks"],resources:["*"]}),new(iam()).PolicyStatement({actions:["iam:PassRole"],resources:cdk().Lazy.list({produce:()=>this.taskExecutionRoles().map(r=>r.roleArn)})})];return this.integrationPattern===sfn().ServiceIntegrationPattern.SYNC&&policyStatements.push(new(iam()).PolicyStatement({actions:["events:PutTargets","events:PutRule","events:DescribeRule"],resources:[stack.formatArn({service:"events",resource:"rule",resourceName:"StepFunctionsGetEventsForECSTaskRule"})]})),policyStatements}taskExecutionRoles(){const ret=new Array;return ret.push(this.props.taskDefinition.taskRole),this.props.taskDefinition.executionRole&&ret.push(this.props.taskDefinition.executionRole),ret}}exports.EcsRunTaskBase=EcsRunTaskBase;function renderOverrides(containerOverrides){if(!containerOverrides)return;const ret=new Array;for(const override of containerOverrides)ret.push({Name:override.containerDefinition.containerName,Command:override.command,Cpu:override.cpu,Memory:override.memoryLimit,MemoryReservation:override.memoryReservation,Environment:override.environment&&override.environment.map(e=>({Name:e.name,Value:e.value}))});return{ContainerOverrides:ret}}