aws-sdk-ecs 1.116.0 → 1.131.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -127,7 +127,7 @@ module Aws::ECS
127
127
  #
128
128
  # @!attribute [rw] auto_scaling_group_arn
129
129
  # The Amazon Resource Name (ARN) that identifies the Auto Scaling
130
- # group.
130
+ # group, or the Auto Scaling group name.
131
131
  # @return [String]
132
132
  #
133
133
  # @!attribute [rw] managed_scaling
@@ -763,7 +763,7 @@ module Aws::ECS
763
763
  # the "HTTP" namespace type in the Command Line Interface. Other
764
764
  # types of instance discovery aren't used by Service Connect.
765
765
  #
766
- # If you update the service with an empty string `""` for the
766
+ # If you update the cluster with an empty string `""` for the
767
767
  # namespace name, the cluster configuration for Service Connect is
768
768
  # removed. Note that the namespace will remain in Cloud Map and must
769
769
  # be deleted separately.
@@ -837,11 +837,6 @@ module Aws::ECS
837
837
  #
838
838
  # @!attribute [rw] image_digest
839
839
  # The container image manifest digest.
840
- #
841
- # <note markdown="1"> The `imageDigest` is only returned if the container is using an
842
- # image hosted in Amazon ECR, otherwise it is omitted.
843
- #
844
- # </note>
845
840
  # @return [String]
846
841
  #
847
842
  # @!attribute [rw] runtime_id
@@ -1409,6 +1404,8 @@ module Aws::ECS
1409
1404
  # [Amazon ECS-optimized Linux AMI][2] in the *Amazon Elastic Container
1410
1405
  # Service Developer Guide*.
1411
1406
  #
1407
+ # The valid values are 2-120 seconds.
1408
+ #
1412
1409
  #
1413
1410
  #
1414
1411
  # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html
@@ -1449,6 +1446,8 @@ module Aws::ECS
1449
1446
  # ECS-optimized Linux AMI][2] in the *Amazon Elastic Container Service
1450
1447
  # Developer Guide*.
1451
1448
  #
1449
+ # The valid values are 2-120 seconds.
1450
+ #
1452
1451
  #
1453
1452
  #
1454
1453
  # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html
@@ -1806,7 +1805,9 @@ module Aws::ECS
1806
1805
  # A list of namespaced kernel parameters to set in the container. This
1807
1806
  # parameter maps to `Sysctls` in the [Create a container][1] section
1808
1807
  # of the [Docker Remote API][2] and the `--sysctl` option to [docker
1809
- # run][3].
1808
+ # run][3]. For example, you can configure
1809
+ # `net.ipv4.tcp_keepalive_time` setting to maintain longer lived
1810
+ # connections.
1810
1811
  #
1811
1812
  # <note markdown="1"> We don't recommended that you specify network-related
1812
1813
  # `systemControls` parameters for multiple containers in a single task
@@ -1819,6 +1820,16 @@ module Aws::ECS
1819
1820
  #
1820
1821
  # </note>
1821
1822
  #
1823
+ # <note markdown="1"> This parameter is not supported for Windows containers.
1824
+ #
1825
+ # </note>
1826
+ #
1827
+ # <note markdown="1"> This parameter is only supported for tasks that are hosted on
1828
+ # Fargate if the tasks are using platform version `1.4.0` or later
1829
+ # (Linux). This isn't supported for Windows containers on Fargate.
1830
+ #
1831
+ # </note>
1832
+ #
1822
1833
  #
1823
1834
  #
1824
1835
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
@@ -1842,6 +1853,52 @@ module Aws::ECS
1842
1853
  # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html
1843
1854
  # @return [Types::FirelensConfiguration]
1844
1855
  #
1856
+ # @!attribute [rw] credential_specs
1857
+ # A list of ARNs in SSM or Amazon S3 to a credential spec (`CredSpec`)
1858
+ # file that configures the container for Active Directory
1859
+ # authentication. We recommend that you use this parameter instead of
1860
+ # the `dockerSecurityOptions`. The maximum number of ARNs is 1.
1861
+ #
1862
+ # There are two formats for each ARN.
1863
+ #
1864
+ # credentialspecdomainless:MyARN
1865
+ #
1866
+ # : You use `credentialspecdomainless:MyARN` to provide a `CredSpec`
1867
+ # with an additional section for a secret in Secrets Manager. You
1868
+ # provide the login credentials to the domain in the secret.
1869
+ #
1870
+ # Each task that runs on any container instance can join different
1871
+ # domains.
1872
+ #
1873
+ # You can use this format without joining the container instance to
1874
+ # a domain.
1875
+ #
1876
+ # credentialspec:MyARN
1877
+ #
1878
+ # : You use `credentialspec:MyARN` to provide a `CredSpec` for a
1879
+ # single domain.
1880
+ #
1881
+ # You must join the container instance to the domain before you
1882
+ # start any tasks that use this task definition.
1883
+ #
1884
+ # In both formats, replace `MyARN` with the ARN in SSM or Amazon S3.
1885
+ #
1886
+ # If you provide a `credentialspecdomainless:MyARN`, the `credspec`
1887
+ # must provide a ARN in Secrets Manager for a secret containing the
1888
+ # username, password, and the domain to connect to. For better
1889
+ # security, the instance isn't joined to the domain for domainless
1890
+ # authentication. Other applications on the instance can't use the
1891
+ # domainless credentials. You can use this parameter to run tasks on
1892
+ # the same instance, even it the tasks need to join different domains.
1893
+ # For more information, see [Using gMSAs for Windows Containers][1]
1894
+ # and [Using gMSAs for Linux Containers][2].
1895
+ #
1896
+ #
1897
+ #
1898
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html
1899
+ # [2]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html
1900
+ # @return [Array<String>]
1901
+ #
1845
1902
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/ContainerDefinition AWS API Documentation
1846
1903
  #
1847
1904
  class ContainerDefinition < Struct.new(
@@ -1883,7 +1940,8 @@ module Aws::ECS
1883
1940
  :health_check,
1884
1941
  :system_controls,
1885
1942
  :resource_requirements,
1886
- :firelens_configuration)
1943
+ :firelens_configuration,
1944
+ :credential_specs)
1887
1945
  SENSITIVE = []
1888
1946
  include Aws::Structure
1889
1947
  end
@@ -2061,8 +2119,8 @@ module Aws::ECS
2061
2119
  # @return [Boolean]
2062
2120
  #
2063
2121
  # @!attribute [rw] running_tasks_count
2064
- # The number of tasks on the container instance that are in the
2065
- # `RUNNING` status.
2122
+ # The number of tasks on the container instance that have a desired
2123
+ # status (`desiredStatus`) of `RUNNING`.
2066
2124
  # @return [Integer]
2067
2125
  #
2068
2126
  # @!attribute [rw] pending_tasks_count
@@ -2177,6 +2235,15 @@ module Aws::ECS
2177
2235
  # is `\{"containerOverrides": [ ] \}`. If a non-empty container override
2178
2236
  # is specified, the `name` parameter must be included.
2179
2237
  #
2238
+ # You can use Secrets Manager or Amazon Web Services Systems Manager
2239
+ # Parameter Store to store the sensitive data. For more information, see
2240
+ # [Retrieve secrets through environment variables][1] in the Amazon ECS
2241
+ # Developer Guide.
2242
+ #
2243
+ #
2244
+ #
2245
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/secrets-envvar.html
2246
+ #
2180
2247
  # @!attribute [rw] name
2181
2248
  # The name of the container that receives the override. This parameter
2182
2249
  # is required if any override is specified.
@@ -2601,7 +2668,7 @@ module Aws::ECS
2601
2668
  #
2602
2669
  # @!attribute [rw] desired_count
2603
2670
  # The number of instantiations of the specified task definition to
2604
- # place and keep running on your cluster.
2671
+ # place and keep running in your service.
2605
2672
  #
2606
2673
  # This is required if `schedulingStrategy` is `REPLICA` or isn't
2607
2674
  # specified. If `schedulingStrategy` is `DAEMON` then this isn't
@@ -2833,6 +2900,9 @@ module Aws::ECS
2833
2900
  # ECS resources][1] in the *Amazon Elastic Container Service Developer
2834
2901
  # Guide*.
2835
2902
  #
2903
+ # When you use Amazon ECS managed tags, you need to set the
2904
+ # `propagateTags` request parameter.
2905
+ #
2836
2906
  #
2837
2907
  #
2838
2908
  # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html
@@ -2845,6 +2915,8 @@ module Aws::ECS
2845
2915
  # tags to a task after task creation, use the [TagResource][1] API
2846
2916
  # action.
2847
2917
  #
2918
+ # The default is `NONE`.
2919
+ #
2848
2920
  #
2849
2921
  #
2850
2922
  # [1]: https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html
@@ -2949,7 +3021,8 @@ module Aws::ECS
2949
3021
  # @return [String]
2950
3022
  #
2951
3023
  # @!attribute [rw] task_definition
2952
- # The task definition for the tasks in the task set to use.
3024
+ # The task definition for the tasks in the task set to use. If a
3025
+ # revision isn't specified, the latest `ACTIVE` revision is used.
2953
3026
  # @return [String]
2954
3027
  #
2955
3028
  # @!attribute [rw] network_configuration
@@ -3578,9 +3651,13 @@ module Aws::ECS
3578
3651
  # failure. For more information, see [Rolling update][1] in the *Amazon
3579
3652
  # Elastic Container Service Developer Guide*.
3580
3653
  #
3654
+ # For more information about API failure reasons, see [API failure
3655
+ # reasons][2] in the *Amazon Elastic Container Service Developer Guide*.
3656
+ #
3581
3657
  #
3582
3658
  #
3583
3659
  # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html
3660
+ # [2]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/api_failures_messages.html
3584
3661
  #
3585
3662
  # @!attribute [rw] enable
3586
3663
  # Determines whether to use the deployment circuit breaker logic for
@@ -4500,9 +4577,7 @@ module Aws::ECS
4500
4577
  # container. You can specify up to ten environment files. The file must
4501
4578
  # have a `.env` file extension. Each line in an environment file should
4502
4579
  # contain an environment variable in `VARIABLE=VALUE` format. Lines
4503
- # beginning with `#` are treated as comments and are ignored. For more
4504
- # information about the environment variable file syntax, see [Declare
4505
- # default environment variables in file][1].
4580
+ # beginning with `#` are treated as comments and are ignored.
4506
4581
  #
4507
4582
  # If there are environment variables specified using the `environment`
4508
4583
  # parameter in a container definition, they take precedence over the
@@ -4510,20 +4585,26 @@ module Aws::ECS
4510
4585
  # environment files are specified that contain the same variable,
4511
4586
  # they're processed from the top down. We recommend that you use unique
4512
4587
  # variable names. For more information, see [Specifying environment
4513
- # variables][2] in the *Amazon Elastic Container Service Developer
4588
+ # variables][1] in the *Amazon Elastic Container Service Developer
4514
4589
  # Guide*.
4515
4590
  #
4516
- # This parameter is only supported for tasks hosted on Fargate using the
4517
- # following platform versions:
4591
+ # You must use the following platforms for the Fargate launch type:
4518
4592
  #
4519
4593
  # * Linux platform version `1.4.0` or later.
4520
4594
  #
4521
4595
  # * Windows platform version `1.0.0` or later.
4522
4596
  #
4597
+ # Consider the following when using the Fargate launch type:
4598
+ #
4599
+ # * The file is handled like a native Docker env-file.
4600
+ #
4601
+ # * There is no support for shell escape handling.
4602
+ #
4603
+ # * The container entry point interperts the `VARIABLE` values.
4523
4604
  #
4524
4605
  #
4525
- # [1]: https://docs.docker.com/compose/env-file/
4526
- # [2]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html
4606
+ #
4607
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html
4527
4608
  #
4528
4609
  # @!attribute [rw] value
4529
4610
  # The Amazon Resource Name (ARN) of the Amazon S3 object containing
@@ -4950,6 +5031,9 @@ module Aws::ECS
4950
5031
  # task with the DescribeTasks API operation or when viewing the task
4951
5032
  # details in the console.
4952
5033
  #
5034
+ # The health check is designed to make sure that your containers survive
5035
+ # agent restarts, upgrades, or temporary unavailability.
5036
+ #
4953
5037
  # The following describes the possible `healthStatus` values for a
4954
5038
  # container:
4955
5039
  #
@@ -4957,23 +5041,57 @@ module Aws::ECS
4957
5041
  #
4958
5042
  # * `UNHEALTHY`-The container health check has failed.
4959
5043
  #
4960
- # * `UNKNOWN`-The container health check is being evaluated or there's
4961
- # no container health check defined.
5044
+ # * `UNKNOWN`-The container health check is being evaluated, there's no
5045
+ # container health check defined, or Amazon ECS doesn't have the
5046
+ # health status of the container.
5047
+ #
5048
+ # The following describes the possible `healthStatus` values based on
5049
+ # the container health checker status of essential containers in the
5050
+ # task with the following priority order (high to low):
5051
+ #
5052
+ # * `UNHEALTHY`-One or more essential containers have failed their
5053
+ # health check.
4962
5054
  #
4963
- # The following describes the possible `healthStatus` values for a task.
4964
- # The container health check status of non-essential containers don't
4965
- # have an effect on the health status of a task.
5055
+ # * `UNKNOWN`-Any essential container running within the task is in an
5056
+ # `UNKNOWN` state and no other essential containers have an
5057
+ # `UNHEALTHY` state.
4966
5058
  #
4967
5059
  # * `HEALTHY`-All essential containers within the task have passed their
4968
5060
  # health checks.
4969
5061
  #
4970
- # * `UNHEALTHY`-One or more essential containers have failed their
4971
- # health check.
5062
+ # Consider the following task health example with 2 containers.
4972
5063
  #
4973
- # * `UNKNOWN`-The essential containers within the task are still having
4974
- # their health checks evaluated, there are only nonessential
4975
- # containers with health checks defined, or there are no container
4976
- # health checks defined.
5064
+ # * If Container1 is `UNHEALTHY` and Container2 is `UNKNOWN`, the task
5065
+ # health is `UNHEALTHY`.
5066
+ #
5067
+ # * If Container1 is `UNHEALTHY` and Container2 is `HEALTHY`, the task
5068
+ # health is `UNHEALTHY`.
5069
+ #
5070
+ # * If Container1 is `HEALTHY` and Container2 is `UNKNOWN`, the task
5071
+ # health is `UNKNOWN`.
5072
+ #
5073
+ # * If Container1 is `HEALTHY` and Container2 is `HEALTHY`, the task
5074
+ # health is `HEALTHY`.
5075
+ #
5076
+ # Consider the following task health example with 3 containers.
5077
+ #
5078
+ # * If Container1 is `UNHEALTHY` and Container2 is `UNKNOWN`, and
5079
+ # Container3 is `UNKNOWN`, the task health is `UNHEALTHY`.
5080
+ #
5081
+ # * If Container1 is `UNHEALTHY` and Container2 is `UNKNOWN`, and
5082
+ # Container3 is `HEALTHY`, the task health is `UNHEALTHY`.
5083
+ #
5084
+ # * If Container1 is `UNHEALTHY` and Container2 is `HEALTHY`, and
5085
+ # Container3 is `HEALTHY`, the task health is `UNHEALTHY`.
5086
+ #
5087
+ # * If Container1 is `HEALTHY` and Container2 is `UNKNOWN`, and
5088
+ # Container3 is `HEALTHY`, the task health is `UNKNOWN`.
5089
+ #
5090
+ # * If Container1 is `HEALTHY` and Container2 is `UNKNOWN`, and
5091
+ # Container3 is `UNKNOWN`, the task health is `UNKNOWN`.
5092
+ #
5093
+ # * If Container1 is `HEALTHY` and Container2 is `HEALTHY`, and
5094
+ # Container3 is `HEALTHY`, the task health is `HEALTHY`.
4977
5095
  #
4978
5096
  # If a task is run manually, and not as part of a service, the task will
4979
5097
  # continue its lifecycle regardless of its health status. For tasks that
@@ -4982,6 +5100,13 @@ module Aws::ECS
4982
5100
  #
4983
5101
  # The following are notes about container health check support:
4984
5102
  #
5103
+ # * When the Amazon ECS agent cannot connect to the Amazon ECS service,
5104
+ # the service reports the container as `UNHEALTHY`.
5105
+ #
5106
+ # * The health check statuses are the "last heard from" response from
5107
+ # the Amazon ECS agent. There are no assumptions made about the status
5108
+ # of the container health checks.
5109
+ #
4985
5110
  # * Container health checks require version 1.17.0 or greater of the
4986
5111
  # Amazon ECS container agent. For more information, see [Updating the
4987
5112
  # Amazon ECS container agent][2].
@@ -6228,8 +6353,7 @@ module Aws::ECS
6228
6353
  # target group or groups associated with a service or task set.
6229
6354
  #
6230
6355
  # A target group ARN is only specified when using an Application Load
6231
- # Balancer or Network Load Balancer. If you're using a Classic Load
6232
- # Balancer, omit the target group ARN.
6356
+ # Balancer or Network Load Balancer.
6233
6357
  #
6234
6358
  # For services using the `ECS` deployment controller, you can specify
6235
6359
  # one or multiple target groups. For more information, see
@@ -6258,9 +6382,8 @@ module Aws::ECS
6258
6382
  # The name of the load balancer to associate with the Amazon ECS
6259
6383
  # service or task set.
6260
6384
  #
6261
- # A load balancer name is only specified when using a Classic Load
6262
- # Balancer. If you are using an Application Load Balancer or a Network
6263
- # Load Balancer the load balancer name parameter should be omitted.
6385
+ # If you are using an Application Load Balancer or a Network Load
6386
+ # Balancer the load balancer name parameter should be omitted.
6264
6387
  # @return [String]
6265
6388
  #
6266
6389
  # @!attribute [rw] container_name
@@ -6302,9 +6425,15 @@ module Aws::ECS
6302
6425
  # containers.
6303
6426
  #
6304
6427
  # * Amazon ECS currently supports a subset of the logging drivers
6305
- # available to the Docker daemon (shown in the valid values below).
6306
- # Additional log drivers may be available in future releases of the
6307
- # Amazon ECS container agent.
6428
+ # available to the Docker daemon. Additional log drivers may be
6429
+ # available in future releases of the Amazon ECS container agent.
6430
+ #
6431
+ # For tasks on Fargate, the supported log drivers are `awslogs`,
6432
+ # `splunk`, and `awsfirelens`.
6433
+ #
6434
+ # For tasks hosted on Amazon EC2 instances, the supported log drivers
6435
+ # are `awslogs`, `fluentd`, `gelf`, `json-file`, `journald`,
6436
+ # `logentries`,`syslog`, `splunk`, and `awsfirelens`.
6308
6437
  #
6309
6438
  # * This parameter requires version 1.18 of the Docker Remote API or
6310
6439
  # greater on your container instance.
@@ -6505,8 +6634,8 @@ module Aws::ECS
6505
6634
  # @!attribute [rw] maximum_scaling_step_size
6506
6635
  # The maximum number of Amazon EC2 instances that Amazon ECS will
6507
6636
  # scale out at one time. The scale in process is not affected by this
6508
- # parameter. If this parameter is omitted, the default value of `1` is
6509
- # used.
6637
+ # parameter. If this parameter is omitted, the default value of
6638
+ # `10000` is used.
6510
6639
  # @return [Integer]
6511
6640
  #
6512
6641
  # @!attribute [rw] instance_warmup_period
@@ -6620,8 +6749,8 @@ module Aws::ECS
6620
6749
  # `hostPortRange` is set as follows:
6621
6750
  #
6622
6751
  # * For containers in a task with the `awsvpc` network mode, the
6623
- # `hostPort` is set to the same value as the `containerPort`. This
6624
- # is a static mapping strategy.
6752
+ # `hostPortRange` is set to the same value as the
6753
+ # `containerPortRange`. This is a static mapping strategy.
6625
6754
  #
6626
6755
  # * For containers in a task with the `bridge` network mode, the
6627
6756
  # Amazon ECS agent finds open host ports from the default
@@ -6920,10 +7049,10 @@ module Aws::ECS
6920
7049
  # is listed on the instance under
6921
7050
  # `/proc/sys/net/ipv4/ip_local_port_range`. If this kernel parameter
6922
7051
  # is unavailable, the default ephemeral port range from 49153 through
6923
- # 65535 is used. Do not attempt to specify a host port in the
6924
- # ephemeral port range as these are reserved for automatic assignment.
6925
- # In general, ports below 32768 are outside of the ephemeral port
6926
- # range.
7052
+ # 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not
7053
+ # attempt to specify a host port in the ephemeral port range as these
7054
+ # are reserved for automatic assignment. In general, ports below 32768
7055
+ # are outside of the ephemeral port range.
6927
7056
  #
6928
7057
  # The default reserved ports are 22 for SSH, the Docker ports 2375 and
6929
7058
  # 2376, and the Amazon ECS container agent ports 51678-51680. Any host
@@ -7013,8 +7142,8 @@ module Aws::ECS
7013
7142
  # `hostPortRange` is set as follows:
7014
7143
  #
7015
7144
  # * For containers in a task with the `awsvpc` network mode, the
7016
- # `hostPort` is set to the same value as the `containerPort`. This
7017
- # is a static mapping strategy.
7145
+ # `hostPortRange` is set to the same value as the
7146
+ # `containerPortRange`. This is a static mapping strategy.
7018
7147
  #
7019
7148
  # * For containers in a task with the `bridge` network mode, the
7020
7149
  # Amazon ECS agent finds open host ports from the default
@@ -7156,20 +7285,22 @@ module Aws::ECS
7156
7285
  end
7157
7286
 
7158
7287
  # @!attribute [rw] name
7159
- # The resource name for which to modify the account setting. If
7160
- # `serviceLongArnFormat` is specified, the ARN for your Amazon ECS
7161
- # services is affected. If `taskLongArnFormat` is specified, the ARN
7162
- # and resource ID for your Amazon ECS tasks is affected. If
7163
- # `containerInstanceLongArnFormat` is specified, the ARN and resource
7164
- # ID for your Amazon ECS container instances is affected. If
7165
- # `awsvpcTrunking` is specified, the ENI limit for your Amazon ECS
7166
- # container instances is affected. If `containerInsights` is
7167
- # specified, the default setting for Amazon Web Services CloudWatch
7168
- # Container Insights for your clusters is affected. If
7169
- # `tagResourceAuthorization` is specified, the opt-in option for
7170
- # tagging resources on creation is affected. For information about the
7171
- # opt-in timeline, see [Tagging authorization timeline][1] in the
7172
- # *Amazon ECS Developer Guide*.
7288
+ # The resource name for which to modify the account setting. If you
7289
+ # specify `serviceLongArnFormat`, the ARN for your Amazon ECS services
7290
+ # is affected. If you specify `taskLongArnFormat`, the ARN and
7291
+ # resource ID for your Amazon ECS tasks is affected. If you specify
7292
+ # `containerInstanceLongArnFormat`, the ARN and resource ID for your
7293
+ # Amazon ECS container instances is affected. If you specify
7294
+ # `awsvpcTrunking`, the ENI limit for your Amazon ECS container
7295
+ # instances is affected. If you specify `containerInsights`, the
7296
+ # default setting for Amazon Web Services CloudWatch Container
7297
+ # Insights for your clusters is affected. If you specify
7298
+ # `tagResourceAuthorization`, the opt-in option for tagging resources
7299
+ # on creation is affected. For information about the opt-in timeline,
7300
+ # see [Tagging authorization timeline][1] in the *Amazon ECS Developer
7301
+ # Guide*. If you specify `fargateTaskRetirementWaitPeriod`, the
7302
+ # default wait time to retire a Fargate task due to required
7303
+ # maintenance is affected.
7173
7304
  #
7174
7305
  # When you specify `fargateFIPSMode` for the `name` and `enabled` for
7175
7306
  # the `value`, Fargate uses FIPS-140 compliant cryptographic
@@ -7178,15 +7309,36 @@ module Aws::ECS
7178
7309
  # Information Processing Standard (FIPS) 140-2 compliance][2] in the
7179
7310
  # *Amazon Elastic Container Service Developer Guide*.
7180
7311
  #
7312
+ # When Amazon Web Services determines that a security or
7313
+ # infrastructure update is needed for an Amazon ECS task hosted on
7314
+ # Fargate, the tasks need to be stopped and new tasks launched to
7315
+ # replace them. Use `fargateTaskRetirementWaitPeriod` to set the wait
7316
+ # time to retire a Fargate task to the default. For information about
7317
+ # the Fargate tasks maintenance, see [Amazon Web Services Fargate task
7318
+ # maintenance][3] in the *Amazon ECS Developer Guide*.
7319
+ #
7181
7320
  #
7182
7321
  #
7183
7322
  # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-account-settings.html#tag-resources
7184
7323
  # [2]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-fips-compliance.html
7324
+ # [3]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-maintenance.html
7185
7325
  # @return [String]
7186
7326
  #
7187
7327
  # @!attribute [rw] value
7188
7328
  # The account setting value for the specified principal ARN. Accepted
7189
- # values are `enabled` and `disabled`.
7329
+ # values are `enabled`, `disabled`, `on`, and `off`.
7330
+ #
7331
+ # When you specify `fargateTaskRetirementWaitPeriod` for the `name`,
7332
+ # the following are the valid values:
7333
+ #
7334
+ # * `0` - Amazon Web Services sends the notification, and immediately
7335
+ # retires the affected tasks.
7336
+ #
7337
+ # * `7` - Amazon Web Services sends the notification, and waits 7
7338
+ # calendar days to retire the tasks.
7339
+ #
7340
+ # * `14` - Amazon Web Services sends the notification, and waits 14
7341
+ # calendar days to retire the tasks.
7190
7342
  # @return [String]
7191
7343
  #
7192
7344
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/PutAccountSettingDefaultRequest AWS API Documentation
@@ -7212,20 +7364,22 @@ module Aws::ECS
7212
7364
 
7213
7365
  # @!attribute [rw] name
7214
7366
  # The Amazon ECS resource name for which to modify the account
7215
- # setting. If `serviceLongArnFormat` is specified, the ARN for your
7216
- # Amazon ECS services is affected. If `taskLongArnFormat` is
7217
- # specified, the ARN and resource ID for your Amazon ECS tasks is
7218
- # affected. If `containerInstanceLongArnFormat` is specified, the ARN
7219
- # and resource ID for your Amazon ECS container instances is affected.
7220
- # If `awsvpcTrunking` is specified, the elastic network interface
7221
- # (ENI) limit for your Amazon ECS container instances is affected. If
7222
- # `containerInsights` is specified, the default setting for Amazon Web
7223
- # Services CloudWatch Container Insights for your clusters is
7224
- # affected. If `fargateFIPSMode` is specified, Fargate FIPS 140
7225
- # compliance is affected. If `tagResourceAuthorization` is specified,
7226
- # the opt-in option for tagging resources on creation is affected. For
7227
- # information about the opt-in timeline, see [Tagging authorization
7228
- # timeline][1] in the *Amazon ECS Developer Guide*.
7367
+ # setting. If you specify `serviceLongArnFormat`, the ARN for your
7368
+ # Amazon ECS services is affected. If you specify `taskLongArnFormat`,
7369
+ # the ARN and resource ID for your Amazon ECS tasks is affected. If
7370
+ # you specify `containerInstanceLongArnFormat`, the ARN and resource
7371
+ # ID for your Amazon ECS container instances is affected. If you
7372
+ # specify `awsvpcTrunking`, the elastic network interface (ENI) limit
7373
+ # for your Amazon ECS container instances is affected. If you specify
7374
+ # `containerInsights`, the default setting for Amazon Web Services
7375
+ # CloudWatch Container Insights for your clusters is affected. If you
7376
+ # specify `fargateFIPSMode`, Fargate FIPS 140 compliance is affected.
7377
+ # If you specify `tagResourceAuthorization`, the opt-in option for
7378
+ # tagging resources on creation is affected. For information about the
7379
+ # opt-in timeline, see [Tagging authorization timeline][1] in the
7380
+ # *Amazon ECS Developer Guide*. If you specify
7381
+ # `fargateTaskRetirementWaitPeriod`, the wait time to retire a Fargate
7382
+ # task is affected.
7229
7383
  #
7230
7384
  #
7231
7385
  #
@@ -7234,7 +7388,19 @@ module Aws::ECS
7234
7388
  #
7235
7389
  # @!attribute [rw] value
7236
7390
  # The account setting value for the specified principal ARN. Accepted
7237
- # values are `enabled` and `disabled`.
7391
+ # values are `enabled`, `disabled`, `on`, and `off`.
7392
+ #
7393
+ # When you specify `fargateTaskRetirementWaitPeriod` for the `name`,
7394
+ # the following are the valid values:
7395
+ #
7396
+ # * `0` - Amazon Web Services sends the notification, and immediately
7397
+ # retires the affected tasks.
7398
+ #
7399
+ # * `7` - Amazon Web Services sends the notification, and waits 7
7400
+ # calendar days to retire the tasks.
7401
+ #
7402
+ # * `14` - Amazon Web Services sends the notification, and waits 14
7403
+ # calendar days to retire the tasks.
7238
7404
  # @return [String]
7239
7405
  #
7240
7406
  # @!attribute [rw] principal_arn
@@ -7244,7 +7410,10 @@ module Aws::ECS
7244
7410
  # or role explicitly overrides these settings. If this field is
7245
7411
  # omitted, the setting is changed only for the authenticated user.
7246
7412
  #
7247
- # <note markdown="1"> Federated users assume the account setting of the root user and
7413
+ # <note markdown="1"> You must use the root user when you set the Fargate wait time
7414
+ # (`fargateTaskRetirementWaitPeriod`).
7415
+ #
7416
+ # Federated users assume the account setting of the root user and
7248
7417
  # can't have explicit account settings set for them.
7249
7418
  #
7250
7419
  # </note>
@@ -7710,20 +7879,33 @@ module Aws::ECS
7710
7879
  #
7711
7880
  # @!attribute [rw] pid_mode
7712
7881
  # The process namespace to use for the containers in the task. The
7713
- # valid values are `host` or `task`. If `host` is specified, then all
7714
- # containers within the tasks that specified the `host` PID mode on
7715
- # the same container instance share the same process namespace with
7716
- # the host Amazon EC2 instance. If `task` is specified, all containers
7717
- # within the specified task share the same process namespace. If no
7718
- # value is specified, the default is a private namespace. For more
7719
- # information, see [PID settings][1] in the *Docker run reference*.
7720
- #
7721
- # If the `host` PID mode is used, be aware that there is a heightened
7722
- # risk of undesired process namespace expose. For more information,
7723
- # see [Docker security][2].
7882
+ # valid values are `host` or `task`. On Fargate for Linux containers,
7883
+ # the only valid value is `task`. For example, monitoring sidecars
7884
+ # might need `pidMode` to access information about other containers
7885
+ # running in the same task.
7724
7886
  #
7725
- # <note markdown="1"> This parameter is not supported for Windows containers or tasks run
7726
- # on Fargate.
7887
+ # If `host` is specified, all containers within the tasks that
7888
+ # specified the `host` PID mode on the same container instance share
7889
+ # the same process namespace with the host Amazon EC2 instance.
7890
+ #
7891
+ # If `task` is specified, all containers within the specified task
7892
+ # share the same process namespace.
7893
+ #
7894
+ # If no value is specified, the default is a private namespace for
7895
+ # each container. For more information, see [PID settings][1] in the
7896
+ # *Docker run reference*.
7897
+ #
7898
+ # If the `host` PID mode is used, there's a heightened risk of
7899
+ # undesired process namespace exposure. For more information, see
7900
+ # [Docker security][2].
7901
+ #
7902
+ # <note markdown="1"> This parameter is not supported for Windows containers.
7903
+ #
7904
+ # </note>
7905
+ #
7906
+ # <note markdown="1"> This parameter is only supported for tasks that are hosted on
7907
+ # Fargate if the tasks are using platform version `1.4.0` or later
7908
+ # (Linux). This isn't supported for Windows containers on Fargate.
7727
7909
  #
7728
7910
  # </note>
7729
7911
  #
@@ -8789,9 +8971,15 @@ module Aws::ECS
8789
8971
  # your containers.
8790
8972
  #
8791
8973
  # * Amazon ECS currently supports a subset of the logging drivers
8792
- # available to the Docker daemon (shown in the valid values below).
8793
- # Additional log drivers may be available in future releases of the
8794
- # Amazon ECS container agent.
8974
+ # available to the Docker daemon. Additional log drivers may be
8975
+ # available in future releases of the Amazon ECS container agent.
8976
+ #
8977
+ # For tasks on Fargate, the supported log drivers are `awslogs`,
8978
+ # `splunk`, and `awsfirelens`.
8979
+ #
8980
+ # For tasks hosted on Amazon EC2 instances, the supported log
8981
+ # drivers are `awslogs`, `fluentd`, `gelf`, `json-file`, `journald`,
8982
+ # `logentries`,`syslog`, `splunk`, and `awsfirelens`.
8795
8983
  #
8796
8984
  # * This parameter requires version 1.18 of the Docker Remote API or
8797
8985
  # greater on your container instance.
@@ -9478,8 +9666,16 @@ module Aws::ECS
9478
9666
  # @return [String]
9479
9667
  #
9480
9668
  # @!attribute [rw] value
9481
- # The value for the namespaced kernel parameter that's specified in
9482
- # `namespace`.
9669
+ # The namespaced kernel parameter to set a `value` for.
9670
+ #
9671
+ # Valid IPC namespace values: `"kernel.msgmax" | "kernel.msgmnb" |
9672
+ # "kernel.msgmni" | "kernel.sem" | "kernel.shmall" | "kernel.shmmax" |
9673
+ # "kernel.shmmni" | "kernel.shm_rmid_forced"`, and `Sysctls` that
9674
+ # start with `"fs.mqueue.*"`
9675
+ #
9676
+ # Valid network namespace values: `Sysctls` that start with `"net.*"`
9677
+ #
9678
+ # All of these values are supported by Fargate.
9483
9679
  # @return [String]
9484
9680
  #
9485
9681
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/SystemControl AWS API Documentation
@@ -9865,6 +10061,9 @@ module Aws::ECS
9865
10061
  # The stop code indicating why a task was stopped. The `stoppedReason`
9866
10062
  # might contain additional details.
9867
10063
  #
10064
+ # For more information about stop code, see [Stopped tasks error
10065
+ # codes][1] in the *Amazon ECS User Guide*.
10066
+ #
9868
10067
  # The following are valid values:
9869
10068
  #
9870
10069
  # * `TaskFailedToStart`
@@ -9878,6 +10077,10 @@ module Aws::ECS
9878
10077
  # * `ServiceSchedulerInitiated`
9879
10078
  #
9880
10079
  # * `SpotInterruption`
10080
+ #
10081
+ #
10082
+ #
10083
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/userguide/stopped-task-error-codes.html
9881
10084
  # @return [String]
9882
10085
  #
9883
10086
  # @!attribute [rw] stopped_at
@@ -9893,7 +10096,7 @@ module Aws::ECS
9893
10096
  # @!attribute [rw] stopping_at
9894
10097
  # The Unix timestamp for the time when the task stops. More
9895
10098
  # specifically, it's for the time when the task transitions from the
9896
- # `RUNNING` state to `STOPPED`.
10099
+ # `RUNNING` state to `STOPPING`.
9897
10100
  # @return [Time]
9898
10101
  #
9899
10102
  # @!attribute [rw] tags
@@ -10178,9 +10381,10 @@ module Aws::ECS
10178
10381
  # @return [Types::RuntimePlatform]
10179
10382
  #
10180
10383
  # @!attribute [rw] requires_compatibilities
10181
- # The task launch types the task definition was validated against. For
10182
- # more information, see [Amazon ECS launch types][1] in the *Amazon
10183
- # Elastic Container Service Developer Guide*.
10384
+ # The task launch types the task definition was validated against. The
10385
+ # valid values are `EC2`, `FARGATE`, and `EXTERNAL`. For more
10386
+ # information, see [Amazon ECS launch types][1] in the *Amazon Elastic
10387
+ # Container Service Developer Guide*.
10184
10388
  #
10185
10389
  #
10186
10390
  #
@@ -10274,20 +10478,33 @@ module Aws::ECS
10274
10478
  #
10275
10479
  # @!attribute [rw] pid_mode
10276
10480
  # The process namespace to use for the containers in the task. The
10277
- # valid values are `host` or `task`. If `host` is specified, then all
10278
- # containers within the tasks that specified the `host` PID mode on
10279
- # the same container instance share the same process namespace with
10280
- # the host Amazon EC2 instance. If `task` is specified, all containers
10281
- # within the specified task share the same process namespace. If no
10282
- # value is specified, the default is a private namespace. For more
10283
- # information, see [PID settings][1] in the *Docker run reference*.
10284
- #
10285
- # If the `host` PID mode is used, be aware that there is a heightened
10286
- # risk of undesired process namespace expose. For more information,
10287
- # see [Docker security][2].
10481
+ # valid values are `host` or `task`. On Fargate for Linux containers,
10482
+ # the only valid value is `task`. For example, monitoring sidecars
10483
+ # might need `pidMode` to access information about other containers
10484
+ # running in the same task.
10288
10485
  #
10289
- # <note markdown="1"> This parameter is not supported for Windows containers or tasks run
10290
- # on Fargate.
10486
+ # If `host` is specified, all containers within the tasks that
10487
+ # specified the `host` PID mode on the same container instance share
10488
+ # the same process namespace with the host Amazon EC2 instance.
10489
+ #
10490
+ # If `task` is specified, all containers within the specified task
10491
+ # share the same process namespace.
10492
+ #
10493
+ # If no value is specified, the default is a private namespace for
10494
+ # each container. For more information, see [PID settings][1] in the
10495
+ # *Docker run reference*.
10496
+ #
10497
+ # If the `host` PID mode is used, there's a heightened risk of
10498
+ # undesired process namespace exposure. For more information, see
10499
+ # [Docker security][2].
10500
+ #
10501
+ # <note markdown="1"> This parameter is not supported for Windows containers.
10502
+ #
10503
+ # </note>
10504
+ #
10505
+ # <note markdown="1"> This parameter is only supported for tasks that are hosted on
10506
+ # Fargate if the tasks are using platform version `1.4.0` or later
10507
+ # (Linux). This isn't supported for Windows containers on Fargate.
10291
10508
  #
10292
10509
  # </note>
10293
10510
  #
@@ -11530,6 +11747,8 @@ module Aws::ECS
11530
11747
  # numbers, underscores, and hyphens are allowed. This name is
11531
11748
  # referenced in the `sourceVolume` parameter of container definition
11532
11749
  # `mountPoints`.
11750
+ #
11751
+ # This is required wwhen you use an Amazon EFS volume.
11533
11752
  # @return [String]
11534
11753
  #
11535
11754
  # @!attribute [rw] host