aws-sdk-ecs 1.67.0 → 1.72.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -25,6 +25,7 @@ module Aws::ECS
25
25
  AttributeLimitExceededException = Shapes::StructureShape.new(name: 'AttributeLimitExceededException')
26
26
  Attributes = Shapes::ListShape.new(name: 'Attributes')
27
27
  AutoScalingGroupProvider = Shapes::StructureShape.new(name: 'AutoScalingGroupProvider')
28
+ AutoScalingGroupProviderUpdate = Shapes::StructureShape.new(name: 'AutoScalingGroupProviderUpdate')
28
29
  AwsVpcConfiguration = Shapes::StructureShape.new(name: 'AwsVpcConfiguration')
29
30
  BlockedException = Shapes::StructureShape.new(name: 'BlockedException')
30
31
  Boolean = Shapes::BooleanShape.new(name: 'Boolean')
@@ -92,9 +93,11 @@ module Aws::ECS
92
93
  DeleteTaskSetRequest = Shapes::StructureShape.new(name: 'DeleteTaskSetRequest')
93
94
  DeleteTaskSetResponse = Shapes::StructureShape.new(name: 'DeleteTaskSetResponse')
94
95
  Deployment = Shapes::StructureShape.new(name: 'Deployment')
96
+ DeploymentCircuitBreaker = Shapes::StructureShape.new(name: 'DeploymentCircuitBreaker')
95
97
  DeploymentConfiguration = Shapes::StructureShape.new(name: 'DeploymentConfiguration')
96
98
  DeploymentController = Shapes::StructureShape.new(name: 'DeploymentController')
97
99
  DeploymentControllerType = Shapes::StringShape.new(name: 'DeploymentControllerType')
100
+ DeploymentRolloutState = Shapes::StringShape.new(name: 'DeploymentRolloutState')
98
101
  Deployments = Shapes::ListShape.new(name: 'Deployments')
99
102
  DeregisterContainerInstanceRequest = Shapes::StructureShape.new(name: 'DeregisterContainerInstanceRequest')
100
103
  DeregisterContainerInstanceResponse = Shapes::StructureShape.new(name: 'DeregisterContainerInstanceResponse')
@@ -132,6 +135,8 @@ module Aws::ECS
132
135
  EnvironmentFileType = Shapes::StringShape.new(name: 'EnvironmentFileType')
133
136
  EnvironmentFiles = Shapes::ListShape.new(name: 'EnvironmentFiles')
134
137
  EnvironmentVariables = Shapes::ListShape.new(name: 'EnvironmentVariables')
138
+ FSxWindowsFileServerAuthorizationConfig = Shapes::StructureShape.new(name: 'FSxWindowsFileServerAuthorizationConfig')
139
+ FSxWindowsFileServerVolumeConfiguration = Shapes::StructureShape.new(name: 'FSxWindowsFileServerVolumeConfiguration')
135
140
  Failure = Shapes::StructureShape.new(name: 'Failure')
136
141
  Failures = Shapes::ListShape.new(name: 'Failures')
137
142
  FirelensConfiguration = Shapes::StructureShape.new(name: 'FirelensConfiguration')
@@ -180,6 +185,7 @@ module Aws::ECS
180
185
  LogDriver = Shapes::StringShape.new(name: 'LogDriver')
181
186
  Long = Shapes::IntegerShape.new(name: 'Long')
182
187
  ManagedScaling = Shapes::StructureShape.new(name: 'ManagedScaling')
188
+ ManagedScalingInstanceWarmupPeriod = Shapes::IntegerShape.new(name: 'ManagedScalingInstanceWarmupPeriod')
183
189
  ManagedScalingStatus = Shapes::StringShape.new(name: 'ManagedScalingStatus')
184
190
  ManagedScalingStepSize = Shapes::IntegerShape.new(name: 'ManagedScalingStepSize')
185
191
  ManagedScalingTargetCapacity = Shapes::IntegerShape.new(name: 'ManagedScalingTargetCapacity')
@@ -311,6 +317,8 @@ module Aws::ECS
311
317
  UnsupportedFeatureException = Shapes::StructureShape.new(name: 'UnsupportedFeatureException')
312
318
  UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
313
319
  UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
320
+ UpdateCapacityProviderRequest = Shapes::StructureShape.new(name: 'UpdateCapacityProviderRequest')
321
+ UpdateCapacityProviderResponse = Shapes::StructureShape.new(name: 'UpdateCapacityProviderResponse')
314
322
  UpdateClusterSettingsRequest = Shapes::StructureShape.new(name: 'UpdateClusterSettingsRequest')
315
323
  UpdateClusterSettingsResponse = Shapes::StructureShape.new(name: 'UpdateClusterSettingsResponse')
316
324
  UpdateContainerAgentRequest = Shapes::StructureShape.new(name: 'UpdateContainerAgentRequest')
@@ -363,6 +371,10 @@ module Aws::ECS
363
371
  AutoScalingGroupProvider.add_member(:managed_termination_protection, Shapes::ShapeRef.new(shape: ManagedTerminationProtection, location_name: "managedTerminationProtection"))
364
372
  AutoScalingGroupProvider.struct_class = Types::AutoScalingGroupProvider
365
373
 
374
+ AutoScalingGroupProviderUpdate.add_member(:managed_scaling, Shapes::ShapeRef.new(shape: ManagedScaling, location_name: "managedScaling"))
375
+ AutoScalingGroupProviderUpdate.add_member(:managed_termination_protection, Shapes::ShapeRef.new(shape: ManagedTerminationProtection, location_name: "managedTerminationProtection"))
376
+ AutoScalingGroupProviderUpdate.struct_class = Types::AutoScalingGroupProviderUpdate
377
+
366
378
  AwsVpcConfiguration.add_member(:subnets, Shapes::ShapeRef.new(shape: StringList, required: true, location_name: "subnets"))
367
379
  AwsVpcConfiguration.add_member(:security_groups, Shapes::ShapeRef.new(shape: StringList, location_name: "securityGroups"))
368
380
  AwsVpcConfiguration.add_member(:assign_public_ip, Shapes::ShapeRef.new(shape: AssignPublicIp, location_name: "assignPublicIp"))
@@ -655,14 +667,22 @@ module Aws::ECS
655
667
  Deployment.add_member(:desired_count, Shapes::ShapeRef.new(shape: Integer, location_name: "desiredCount"))
656
668
  Deployment.add_member(:pending_count, Shapes::ShapeRef.new(shape: Integer, location_name: "pendingCount"))
657
669
  Deployment.add_member(:running_count, Shapes::ShapeRef.new(shape: Integer, location_name: "runningCount"))
670
+ Deployment.add_member(:failed_tasks, Shapes::ShapeRef.new(shape: Integer, location_name: "failedTasks"))
658
671
  Deployment.add_member(:created_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "createdAt"))
659
672
  Deployment.add_member(:updated_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "updatedAt"))
660
673
  Deployment.add_member(:capacity_provider_strategy, Shapes::ShapeRef.new(shape: CapacityProviderStrategy, location_name: "capacityProviderStrategy"))
661
674
  Deployment.add_member(:launch_type, Shapes::ShapeRef.new(shape: LaunchType, location_name: "launchType"))
662
675
  Deployment.add_member(:platform_version, Shapes::ShapeRef.new(shape: String, location_name: "platformVersion"))
663
676
  Deployment.add_member(:network_configuration, Shapes::ShapeRef.new(shape: NetworkConfiguration, location_name: "networkConfiguration"))
677
+ Deployment.add_member(:rollout_state, Shapes::ShapeRef.new(shape: DeploymentRolloutState, location_name: "rolloutState"))
678
+ Deployment.add_member(:rollout_state_reason, Shapes::ShapeRef.new(shape: String, location_name: "rolloutStateReason"))
664
679
  Deployment.struct_class = Types::Deployment
665
680
 
681
+ DeploymentCircuitBreaker.add_member(:enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "enable"))
682
+ DeploymentCircuitBreaker.add_member(:rollback, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "rollback"))
683
+ DeploymentCircuitBreaker.struct_class = Types::DeploymentCircuitBreaker
684
+
685
+ DeploymentConfiguration.add_member(:deployment_circuit_breaker, Shapes::ShapeRef.new(shape: DeploymentCircuitBreaker, location_name: "deploymentCircuitBreaker"))
666
686
  DeploymentConfiguration.add_member(:maximum_percent, Shapes::ShapeRef.new(shape: BoxedInteger, location_name: "maximumPercent"))
667
687
  DeploymentConfiguration.add_member(:minimum_healthy_percent, Shapes::ShapeRef.new(shape: BoxedInteger, location_name: "minimumHealthyPercent"))
668
688
  DeploymentConfiguration.struct_class = Types::DeploymentConfiguration
@@ -796,6 +816,15 @@ module Aws::ECS
796
816
 
797
817
  EnvironmentVariables.member = Shapes::ShapeRef.new(shape: KeyValuePair)
798
818
 
819
+ FSxWindowsFileServerAuthorizationConfig.add_member(:credentials_parameter, Shapes::ShapeRef.new(shape: String, required: true, location_name: "credentialsParameter"))
820
+ FSxWindowsFileServerAuthorizationConfig.add_member(:domain, Shapes::ShapeRef.new(shape: String, required: true, location_name: "domain"))
821
+ FSxWindowsFileServerAuthorizationConfig.struct_class = Types::FSxWindowsFileServerAuthorizationConfig
822
+
823
+ FSxWindowsFileServerVolumeConfiguration.add_member(:file_system_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "fileSystemId"))
824
+ FSxWindowsFileServerVolumeConfiguration.add_member(:root_directory, Shapes::ShapeRef.new(shape: String, required: true, location_name: "rootDirectory"))
825
+ FSxWindowsFileServerVolumeConfiguration.add_member(:authorization_config, Shapes::ShapeRef.new(shape: FSxWindowsFileServerAuthorizationConfig, required: true, location_name: "authorizationConfig"))
826
+ FSxWindowsFileServerVolumeConfiguration.struct_class = Types::FSxWindowsFileServerVolumeConfiguration
827
+
799
828
  Failure.add_member(:arn, Shapes::ShapeRef.new(shape: String, location_name: "arn"))
800
829
  Failure.add_member(:reason, Shapes::ShapeRef.new(shape: String, location_name: "reason"))
801
830
  Failure.add_member(:detail, Shapes::ShapeRef.new(shape: String, location_name: "detail"))
@@ -977,6 +1006,7 @@ module Aws::ECS
977
1006
  ManagedScaling.add_member(:target_capacity, Shapes::ShapeRef.new(shape: ManagedScalingTargetCapacity, location_name: "targetCapacity"))
978
1007
  ManagedScaling.add_member(:minimum_scaling_step_size, Shapes::ShapeRef.new(shape: ManagedScalingStepSize, location_name: "minimumScalingStepSize"))
979
1008
  ManagedScaling.add_member(:maximum_scaling_step_size, Shapes::ShapeRef.new(shape: ManagedScalingStepSize, location_name: "maximumScalingStepSize"))
1009
+ ManagedScaling.add_member(:instance_warmup_period, Shapes::ShapeRef.new(shape: ManagedScalingInstanceWarmupPeriod, location_name: "instanceWarmupPeriod"))
980
1010
  ManagedScaling.struct_class = Types::ManagedScaling
981
1011
 
982
1012
  MissingVersionException.struct_class = Types::MissingVersionException
@@ -1447,6 +1477,13 @@ module Aws::ECS
1447
1477
 
1448
1478
  UntagResourceResponse.struct_class = Types::UntagResourceResponse
1449
1479
 
1480
+ UpdateCapacityProviderRequest.add_member(:name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "name"))
1481
+ UpdateCapacityProviderRequest.add_member(:auto_scaling_group_provider, Shapes::ShapeRef.new(shape: AutoScalingGroupProviderUpdate, required: true, location_name: "autoScalingGroupProvider"))
1482
+ UpdateCapacityProviderRequest.struct_class = Types::UpdateCapacityProviderRequest
1483
+
1484
+ UpdateCapacityProviderResponse.add_member(:capacity_provider, Shapes::ShapeRef.new(shape: CapacityProvider, location_name: "capacityProvider"))
1485
+ UpdateCapacityProviderResponse.struct_class = Types::UpdateCapacityProviderResponse
1486
+
1450
1487
  UpdateClusterSettingsRequest.add_member(:cluster, Shapes::ShapeRef.new(shape: String, required: true, location_name: "cluster"))
1451
1488
  UpdateClusterSettingsRequest.add_member(:settings, Shapes::ShapeRef.new(shape: ClusterSettings, required: true, location_name: "settings"))
1452
1489
  UpdateClusterSettingsRequest.struct_class = Types::UpdateClusterSettingsRequest
@@ -1515,6 +1552,7 @@ module Aws::ECS
1515
1552
  Volume.add_member(:host, Shapes::ShapeRef.new(shape: HostVolumeProperties, location_name: "host"))
1516
1553
  Volume.add_member(:docker_volume_configuration, Shapes::ShapeRef.new(shape: DockerVolumeConfiguration, location_name: "dockerVolumeConfiguration"))
1517
1554
  Volume.add_member(:efs_volume_configuration, Shapes::ShapeRef.new(shape: EFSVolumeConfiguration, location_name: "efsVolumeConfiguration"))
1555
+ Volume.add_member(:fsx_windows_file_server_volume_configuration, Shapes::ShapeRef.new(shape: FSxWindowsFileServerVolumeConfiguration, location_name: "fsxWindowsFileServerVolumeConfiguration"))
1518
1556
  Volume.struct_class = Types::Volume
1519
1557
 
1520
1558
  VolumeFrom.add_member(:source_container, Shapes::ShapeRef.new(shape: String, location_name: "sourceContainer"))
@@ -2122,6 +2160,17 @@ module Aws::ECS
2122
2160
  o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
2123
2161
  end)
2124
2162
 
2163
+ api.add_operation(:update_capacity_provider, Seahorse::Model::Operation.new.tap do |o|
2164
+ o.name = "UpdateCapacityProvider"
2165
+ o.http_method = "POST"
2166
+ o.http_request_uri = "/"
2167
+ o.input = Shapes::ShapeRef.new(shape: UpdateCapacityProviderRequest)
2168
+ o.output = Shapes::ShapeRef.new(shape: UpdateCapacityProviderResponse)
2169
+ o.errors << Shapes::ShapeRef.new(shape: ServerException)
2170
+ o.errors << Shapes::ShapeRef.new(shape: ClientException)
2171
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
2172
+ end)
2173
+
2125
2174
  api.add_operation(:update_cluster_settings, Seahorse::Model::Operation.new.tap do |o|
2126
2175
  o.name = "UpdateClusterSettings"
2127
2176
  o.http_method = "POST"
@@ -97,14 +97,18 @@ module Aws::ECS
97
97
  # }
98
98
  #
99
99
  # @!attribute [rw] name
100
- # The name of the attribute. Up to 128 letters (uppercase and
101
- # lowercase), numbers, hyphens, underscores, and periods are allowed.
100
+ # The name of the attribute. The `name` must contain between 1 and 128
101
+ # characters and name may contain letters (uppercase and lowercase),
102
+ # numbers, hyphens, underscores, forward slashes, back slashes, or
103
+ # periods.
102
104
  # @return [String]
103
105
  #
104
106
  # @!attribute [rw] value
105
- # The value of the attribute. Up to 128 letters (uppercase and
106
- # lowercase), numbers, hyphens, underscores, periods, at signs (@),
107
- # forward slashes, colons, and spaces are allowed.
107
+ # The value of the attribute. The `value` must contain between 1 and
108
+ # 128 characters and may contain letters (uppercase and lowercase),
109
+ # numbers, hyphens, underscores, periods, at signs (@), forward
110
+ # slashes, back slashes, colons, or spaces. The value cannot contain
111
+ # any leading or trailing whitespace.
108
112
  # @return [String]
109
113
  #
110
114
  # @!attribute [rw] target_type
@@ -149,6 +153,7 @@ module Aws::ECS
149
153
  # target_capacity: 1,
150
154
  # minimum_scaling_step_size: 1,
151
155
  # maximum_scaling_step_size: 1,
156
+ # instance_warmup_period: 1,
152
157
  # },
153
158
  # managed_termination_protection: "ENABLED", # accepts ENABLED, DISABLED
154
159
  # }
@@ -198,6 +203,76 @@ module Aws::ECS
198
203
  include Aws::Structure
199
204
  end
200
205
 
206
+ # The details of the Auto Scaling group capacity provider to update.
207
+ #
208
+ # @note When making an API call, you may pass AutoScalingGroupProviderUpdate
209
+ # data as a hash:
210
+ #
211
+ # {
212
+ # managed_scaling: {
213
+ # status: "ENABLED", # accepts ENABLED, DISABLED
214
+ # target_capacity: 1,
215
+ # minimum_scaling_step_size: 1,
216
+ # maximum_scaling_step_size: 1,
217
+ # instance_warmup_period: 1,
218
+ # },
219
+ # managed_termination_protection: "ENABLED", # accepts ENABLED, DISABLED
220
+ # }
221
+ #
222
+ # @!attribute [rw] managed_scaling
223
+ # The managed scaling settings for the Auto Scaling group capacity
224
+ # provider.
225
+ #
226
+ # When managed scaling is enabled, Amazon ECS manages the scale-in and
227
+ # scale-out actions of the Auto Scaling group. Amazon ECS manages a
228
+ # target tracking scaling policy using an Amazon ECS-managed
229
+ # CloudWatch metric with the specified `targetCapacity` value as the
230
+ # target value for the metric. For more information, see [Using
231
+ # Managed Scaling][1] in the *Amazon Elastic Container Service
232
+ # Developer Guide*.
233
+ #
234
+ # If managed scaling is disabled, the user must manage the scaling of
235
+ # the Auto Scaling group.
236
+ #
237
+ #
238
+ #
239
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/asg-capacity-providers.html#asg-capacity-providers-managed-scaling
240
+ # @return [Types::ManagedScaling]
241
+ #
242
+ # @!attribute [rw] managed_termination_protection
243
+ # The managed termination protection setting to use for the Auto
244
+ # Scaling group capacity provider. This determines whether the Auto
245
+ # Scaling group has managed termination protection.
246
+ #
247
+ # When using managed termination protection, managed scaling must also
248
+ # be used otherwise managed termination protection will not work.
249
+ #
250
+ # When managed termination protection is enabled, Amazon ECS prevents
251
+ # the Amazon EC2 instances in an Auto Scaling group that contain tasks
252
+ # from being terminated during a scale-in action. The Auto Scaling
253
+ # group and each instance in the Auto Scaling group must have instance
254
+ # protection from scale-in actions enabled as well. For more
255
+ # information, see [Instance Protection][1] in the *AWS Auto Scaling
256
+ # User Guide*.
257
+ #
258
+ # When managed termination protection is disabled, your Amazon EC2
259
+ # instances are not protected from termination when the Auto Scaling
260
+ # group scales in.
261
+ #
262
+ #
263
+ #
264
+ # [1]: https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection
265
+ # @return [String]
266
+ #
267
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/AutoScalingGroupProviderUpdate AWS API Documentation
268
+ #
269
+ class AutoScalingGroupProviderUpdate < Struct.new(
270
+ :managed_scaling,
271
+ :managed_termination_protection)
272
+ SENSITIVE = []
273
+ include Aws::Structure
274
+ end
275
+
201
276
  # An object representing the networking details for a task or service.
202
277
  #
203
278
  # @note When making an API call, you may pass AwsVpcConfiguration
@@ -210,8 +285,9 @@ module Aws::ECS
210
285
  # }
211
286
  #
212
287
  # @!attribute [rw] subnets
213
- # The subnets associated with the task or service. There is a limit of
214
- # 16 subnets that can be specified per `AwsVpcConfiguration`.
288
+ # The IDs of the subnets associated with the task or service. There is
289
+ # a limit of 16 subnets that can be specified per
290
+ # `AwsVpcConfiguration`.
215
291
  #
216
292
  # <note markdown="1"> All specified subnets must be from the same VPC.
217
293
  #
@@ -219,10 +295,10 @@ module Aws::ECS
219
295
  # @return [Array<String>]
220
296
  #
221
297
  # @!attribute [rw] security_groups
222
- # The security groups associated with the task or service. If you do
223
- # not specify a security group, the default security group for the VPC
224
- # is used. There is a limit of 5 security groups that can be specified
225
- # per `AwsVpcConfiguration`.
298
+ # The IDs of the security groups associated with the task or service.
299
+ # If you do not specify a security group, the default security group
300
+ # for the VPC is used. There is a limit of 5 security groups that can
301
+ # be specified per `AwsVpcConfiguration`.
226
302
  #
227
303
  # <note markdown="1"> All specified security groups must be from the same VPC.
228
304
  #
@@ -919,7 +995,7 @@ module Aws::ECS
919
995
  #
920
996
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
921
997
  # [2]: https://docs.docker.com/engine/api/v1.35/
922
- # [3]: https://docs.docker.com/engine/reference/run/
998
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
923
999
  # @return [String]
924
1000
  #
925
1001
  # @!attribute [rw] image
@@ -958,7 +1034,7 @@ module Aws::ECS
958
1034
  #
959
1035
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
960
1036
  # [2]: https://docs.docker.com/engine/api/v1.35/
961
- # [3]: https://docs.docker.com/engine/reference/run/
1037
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
962
1038
  # @return [String]
963
1039
  #
964
1040
  # @!attribute [rw] repository_credentials
@@ -1016,13 +1092,14 @@ module Aws::ECS
1016
1092
  # On Windows container instances, the CPU limit is enforced as an
1017
1093
  # absolute limit, or a quota. Windows containers only have access to
1018
1094
  # the specified amount of CPU that is described in the task
1019
- # definition.
1095
+ # definition. A null or zero CPU value is passed to Docker as `0`,
1096
+ # which Windows interprets as 1% of one CPU.
1020
1097
  #
1021
1098
  #
1022
1099
  #
1023
1100
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1024
1101
  # [2]: https://docs.docker.com/engine/api/v1.35/
1025
- # [3]: https://docs.docker.com/engine/reference/run/
1102
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1026
1103
  # [4]: http://aws.amazon.com/ec2/instance-types/
1027
1104
  # [5]: https://docs.docker.com/engine/reference/run/#cpu-share-constraint
1028
1105
  # @return [Integer]
@@ -1054,7 +1131,7 @@ module Aws::ECS
1054
1131
  #
1055
1132
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1056
1133
  # [2]: https://docs.docker.com/engine/api/v1.35/
1057
- # [3]: https://docs.docker.com/engine/reference/run/
1134
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1058
1135
  # @return [Integer]
1059
1136
  #
1060
1137
  # @!attribute [rw] memory_reservation
@@ -1092,7 +1169,7 @@ module Aws::ECS
1092
1169
  #
1093
1170
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1094
1171
  # [2]: https://docs.docker.com/engine/api/v1.35/
1095
- # [3]: https://docs.docker.com/engine/reference/run/
1172
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1096
1173
  # @return [Integer]
1097
1174
  #
1098
1175
  # @!attribute [rw] links
@@ -1107,7 +1184,8 @@ module Aws::ECS
1107
1184
  # container][2] section of the [Docker Remote API][3] and the `--link`
1108
1185
  # option to [docker run][4].
1109
1186
  #
1110
- # <note markdown="1"> This parameter is not supported for Windows containers.
1187
+ # <note markdown="1"> This parameter is not supported for Windows containers or tasks that
1188
+ # use the awsvpc network mode.
1111
1189
  #
1112
1190
  # </note>
1113
1191
  #
@@ -1121,7 +1199,7 @@ module Aws::ECS
1121
1199
  # [1]: https://docs.docker.com/network/links/
1122
1200
  # [2]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1123
1201
  # [3]: https://docs.docker.com/engine/api/v1.35/
1124
- # [4]: https://docs.docker.com/engine/reference/run/
1202
+ # [4]: https://docs.docker.com/engine/reference/run/#security-configuration
1125
1203
  # @return [Array<String>]
1126
1204
  #
1127
1205
  # @!attribute [rw] port_mappings
@@ -1158,7 +1236,7 @@ module Aws::ECS
1158
1236
  #
1159
1237
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1160
1238
  # [2]: https://docs.docker.com/engine/api/v1.35/
1161
- # [3]: https://docs.docker.com/engine/reference/run/
1239
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1162
1240
  # @return [Array<Types::PortMapping>]
1163
1241
  #
1164
1242
  # @!attribute [rw] essential
@@ -1197,7 +1275,7 @@ module Aws::ECS
1197
1275
  #
1198
1276
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1199
1277
  # [2]: https://docs.docker.com/engine/api/v1.35/
1200
- # [3]: https://docs.docker.com/engine/reference/run/
1278
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1201
1279
  # [4]: https://docs.docker.com/engine/reference/builder/#entrypoint
1202
1280
  # @return [Array<String>]
1203
1281
  #
@@ -1214,7 +1292,7 @@ module Aws::ECS
1214
1292
  #
1215
1293
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1216
1294
  # [2]: https://docs.docker.com/engine/api/v1.35/
1217
- # [3]: https://docs.docker.com/engine/reference/run/
1295
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1218
1296
  # [4]: https://docs.docker.com/engine/reference/builder/#cmd
1219
1297
  # @return [Array<String>]
1220
1298
  #
@@ -1230,7 +1308,7 @@ module Aws::ECS
1230
1308
  #
1231
1309
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1232
1310
  # [2]: https://docs.docker.com/engine/api/v1.35/
1233
- # [3]: https://docs.docker.com/engine/reference/run/
1311
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1234
1312
  # @return [Array<Types::KeyValuePair>]
1235
1313
  #
1236
1314
  # @!attribute [rw] environment_files
@@ -1259,7 +1337,7 @@ module Aws::ECS
1259
1337
  #
1260
1338
  #
1261
1339
  #
1262
- # [1]: https://docs.docker.com/engine/reference/run/
1340
+ # [1]: https://docs.docker.com/engine/reference/run/#security-configuration
1263
1341
  # [2]: https://docs.docker.com/compose/env-file/
1264
1342
  # [3]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html
1265
1343
  # @return [Array<Types::EnvironmentFile>]
@@ -1279,7 +1357,7 @@ module Aws::ECS
1279
1357
  #
1280
1358
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1281
1359
  # [2]: https://docs.docker.com/engine/api/v1.35/
1282
- # [3]: https://docs.docker.com/engine/reference/run/
1360
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1283
1361
  # @return [Array<Types::MountPoint>]
1284
1362
  #
1285
1363
  # @!attribute [rw] volumes_from
@@ -1291,7 +1369,7 @@ module Aws::ECS
1291
1369
  #
1292
1370
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1293
1371
  # [2]: https://docs.docker.com/engine/api/v1.35/
1294
- # [3]: https://docs.docker.com/engine/reference/run/
1372
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1295
1373
  # @return [Array<Types::VolumeFrom>]
1296
1374
  #
1297
1375
  # @!attribute [rw] linux_parameters
@@ -1353,25 +1431,23 @@ module Aws::ECS
1353
1431
  # give up and not start. This results in the task transitioning to a
1354
1432
  # `STOPPED` state.
1355
1433
  #
1434
+ # <note markdown="1"> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration
1435
+ # variable is used, it is enforced indendently from this start timeout
1436
+ # value.
1437
+ #
1438
+ # </note>
1439
+ #
1356
1440
  # For tasks using the Fargate launch type, this parameter requires
1357
- # that the task or service uses platform version 1.3.0 or later. If
1358
- # this parameter is not specified, the default value of 3 minutes is
1359
- # used.
1441
+ # that the task or service uses platform version 1.3.0 or later.
1360
1442
  #
1361
- # For tasks using the EC2 launch type, if the `startTimeout` parameter
1362
- # is not specified, the value set for the Amazon ECS container agent
1363
- # configuration variable `ECS_CONTAINER_START_TIMEOUT` is used by
1364
- # default. If neither the `startTimeout` parameter or the
1365
- # `ECS_CONTAINER_START_TIMEOUT` agent configuration variable are set,
1366
- # then the default values of 3 minutes for Linux containers and 8
1367
- # minutes on Windows containers are used. Your container instances
1368
- # require at least version 1.26.0 of the container agent to enable a
1443
+ # For tasks using the EC2 launch type, your container instances
1444
+ # require at least version `1.26.0` of the container agent to enable a
1369
1445
  # container start timeout value. However, we recommend using the
1370
1446
  # latest container agent version. For information about checking your
1371
1447
  # agent version and updating to the latest version, see [Updating the
1372
1448
  # Amazon ECS Container Agent][1] in the *Amazon Elastic Container
1373
1449
  # Service Developer Guide*. If you are using an Amazon ECS-optimized
1374
- # Linux AMI, your instance needs at least version 1.26.0-1 of the
1450
+ # Linux AMI, your instance needs at least version `1.26.0-1` of the
1375
1451
  # `ecs-init` package. If your container instances are launched from
1376
1452
  # version `20190301` or later, then they contain the required versions
1377
1453
  # of the container agent and `ecs-init`. For more information, see
@@ -1433,16 +1509,20 @@ module Aws::ECS
1433
1509
  #
1434
1510
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1435
1511
  # [2]: https://docs.docker.com/engine/api/v1.35/
1436
- # [3]: https://docs.docker.com/engine/reference/run/
1512
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1437
1513
  # @return [String]
1438
1514
  #
1439
1515
  # @!attribute [rw] user
1440
- # The user name to use inside the container. This parameter maps to
1441
- # `User` in the [Create a container][1] section of the [Docker Remote
1442
- # API][2] and the `--user` option to [docker run][3].
1516
+ # The user to use inside the container. This parameter maps to `User`
1517
+ # in the [Create a container][1] section of the [Docker Remote API][2]
1518
+ # and the `--user` option to [docker run][3].
1519
+ #
1520
+ # When running tasks using the `host` network mode, you should not run
1521
+ # containers using the root user (UID 0). It is considered best
1522
+ # practice to use a non-root user.
1443
1523
  #
1444
- # You can use the following formats. If specifying a UID or GID, you
1445
- # must specify it as a positive integer.
1524
+ # You can specify the `user` using the following formats. If
1525
+ # specifying a UID or GID, you must specify it as a positive integer.
1446
1526
  #
1447
1527
  # * `user`
1448
1528
  #
@@ -1456,7 +1536,8 @@ module Aws::ECS
1456
1536
  #
1457
1537
  # * `uid:group`
1458
1538
  #
1459
- # <note markdown="1"> This parameter is not supported for Windows containers.
1539
+ # <note markdown="1"> This parameter is not supported for Windows containers or tasks that
1540
+ # use the awsvpc network mode.
1460
1541
  #
1461
1542
  # </note>
1462
1543
  #
@@ -1464,7 +1545,7 @@ module Aws::ECS
1464
1545
  #
1465
1546
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1466
1547
  # [2]: https://docs.docker.com/engine/api/v1.35/
1467
- # [3]: https://docs.docker.com/engine/reference/run/
1548
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1468
1549
  # @return [String]
1469
1550
  #
1470
1551
  # @!attribute [rw] working_directory
@@ -1477,7 +1558,7 @@ module Aws::ECS
1477
1558
  #
1478
1559
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1479
1560
  # [2]: https://docs.docker.com/engine/api/v1.35/
1480
- # [3]: https://docs.docker.com/engine/reference/run/
1561
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1481
1562
  # @return [String]
1482
1563
  #
1483
1564
  # @!attribute [rw] disable_networking
@@ -1485,7 +1566,8 @@ module Aws::ECS
1485
1566
  # container. This parameter maps to `NetworkDisabled` in the [Create a
1486
1567
  # container][1] section of the [Docker Remote API][2].
1487
1568
  #
1488
- # <note markdown="1"> This parameter is not supported for Windows containers.
1569
+ # <note markdown="1"> This parameter is not supported for Windows containers or tasks that
1570
+ # use the awsvpc network mode.
1489
1571
  #
1490
1572
  # </note>
1491
1573
  #
@@ -1511,7 +1593,7 @@ module Aws::ECS
1511
1593
  #
1512
1594
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1513
1595
  # [2]: https://docs.docker.com/engine/api/v1.35/
1514
- # [3]: https://docs.docker.com/engine/reference/run/
1596
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1515
1597
  # @return [Boolean]
1516
1598
  #
1517
1599
  # @!attribute [rw] readonly_root_filesystem
@@ -1520,7 +1602,8 @@ module Aws::ECS
1520
1602
  # the [Create a container][1] section of the [Docker Remote API][2]
1521
1603
  # and the `--read-only` option to [docker run][3].
1522
1604
  #
1523
- # <note markdown="1"> This parameter is not supported for Windows containers.
1605
+ # <note markdown="1"> This parameter is not supported for Windows containers or tasks that
1606
+ # use the awsvpc network mode.
1524
1607
  #
1525
1608
  # </note>
1526
1609
  #
@@ -1528,7 +1611,7 @@ module Aws::ECS
1528
1611
  #
1529
1612
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1530
1613
  # [2]: https://docs.docker.com/engine/api/v1.35/
1531
- # [3]: https://docs.docker.com/engine/reference/run/
1614
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1532
1615
  # @return [Boolean]
1533
1616
  #
1534
1617
  # @!attribute [rw] dns_servers
@@ -1537,7 +1620,8 @@ module Aws::ECS
1537
1620
  # the [Docker Remote API][2] and the `--dns` option to [docker
1538
1621
  # run][3].
1539
1622
  #
1540
- # <note markdown="1"> This parameter is not supported for Windows containers.
1623
+ # <note markdown="1"> This parameter is not supported for Windows containers or tasks that
1624
+ # use the awsvpc network mode.
1541
1625
  #
1542
1626
  # </note>
1543
1627
  #
@@ -1545,7 +1629,7 @@ module Aws::ECS
1545
1629
  #
1546
1630
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1547
1631
  # [2]: https://docs.docker.com/engine/api/v1.35/
1548
- # [3]: https://docs.docker.com/engine/reference/run/
1632
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1549
1633
  # @return [Array<String>]
1550
1634
  #
1551
1635
  # @!attribute [rw] dns_search_domains
@@ -1554,7 +1638,8 @@ module Aws::ECS
1554
1638
  # section of the [Docker Remote API][2] and the `--dns-search` option
1555
1639
  # to [docker run][3].
1556
1640
  #
1557
- # <note markdown="1"> This parameter is not supported for Windows containers.
1641
+ # <note markdown="1"> This parameter is not supported for Windows containers or tasks that
1642
+ # use the awsvpc network mode.
1558
1643
  #
1559
1644
  # </note>
1560
1645
  #
@@ -1562,7 +1647,7 @@ module Aws::ECS
1562
1647
  #
1563
1648
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1564
1649
  # [2]: https://docs.docker.com/engine/api/v1.35/
1565
- # [3]: https://docs.docker.com/engine/reference/run/
1650
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1566
1651
  # @return [Array<String>]
1567
1652
  #
1568
1653
  # @!attribute [rw] extra_hosts
@@ -1580,7 +1665,7 @@ module Aws::ECS
1580
1665
  #
1581
1666
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1582
1667
  # [2]: https://docs.docker.com/engine/api/v1.35/
1583
- # [3]: https://docs.docker.com/engine/reference/run/
1668
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1584
1669
  # @return [Array<Types::HostEntry>]
1585
1670
  #
1586
1671
  # @!attribute [rw] docker_security_options
@@ -1607,12 +1692,18 @@ module Aws::ECS
1607
1692
  #
1608
1693
  # </note>
1609
1694
  #
1695
+ # For more information about valid values, see [Docker Run Security
1696
+ # Configuration][4].
1697
+ #
1698
+ # Valid values: "no-new-privileges" \| "apparmor:PROFILE" \|
1699
+ # "label:value" \| "credentialspec:CredentialSpecFilePath"
1700
+ #
1610
1701
  #
1611
1702
  #
1612
1703
  # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html
1613
1704
  # [2]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1614
1705
  # [3]: https://docs.docker.com/engine/api/v1.35/
1615
- # [4]: https://docs.docker.com/engine/reference/run/
1706
+ # [4]: https://docs.docker.com/engine/reference/run/#security-configuration
1616
1707
  # [5]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html
1617
1708
  # @return [Array<String>]
1618
1709
  #
@@ -1627,7 +1718,7 @@ module Aws::ECS
1627
1718
  #
1628
1719
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1629
1720
  # [2]: https://docs.docker.com/engine/api/v1.35/
1630
- # [3]: https://docs.docker.com/engine/reference/run/
1721
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1631
1722
  # @return [Boolean]
1632
1723
  #
1633
1724
  # @!attribute [rw] pseudo_terminal
@@ -1639,7 +1730,7 @@ module Aws::ECS
1639
1730
  #
1640
1731
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1641
1732
  # [2]: https://docs.docker.com/engine/api/v1.35/
1642
- # [3]: https://docs.docker.com/engine/reference/run/
1733
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1643
1734
  # @return [Boolean]
1644
1735
  #
1645
1736
  # @!attribute [rw] docker_labels
@@ -1656,7 +1747,7 @@ module Aws::ECS
1656
1747
  #
1657
1748
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1658
1749
  # [2]: https://docs.docker.com/engine/api/v1.35/
1659
- # [3]: https://docs.docker.com/engine/reference/run/
1750
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1660
1751
  # @return [Hash<String,String>]
1661
1752
  #
1662
1753
  # @!attribute [rw] ulimits
@@ -1671,7 +1762,8 @@ module Aws::ECS
1671
1762
  # log in to your container instance and run the following command:
1672
1763
  # `sudo docker version --format '\{\{.Server.APIVersion\}\}'`
1673
1764
  #
1674
- # <note markdown="1"> This parameter is not supported for Windows containers.
1765
+ # <note markdown="1"> This parameter is not supported for Windows containers or tasks that
1766
+ # use the awsvpc network mode.
1675
1767
  #
1676
1768
  # </note>
1677
1769
  #
@@ -1679,7 +1771,7 @@ module Aws::ECS
1679
1771
  #
1680
1772
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1681
1773
  # [2]: https://docs.docker.com/engine/api/v1.35/
1682
- # [3]: https://docs.docker.com/engine/reference/run/
1774
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1683
1775
  # @return [Array<Types::Ulimit>]
1684
1776
  #
1685
1777
  # @!attribute [rw] log_configuration
@@ -1724,7 +1816,7 @@ module Aws::ECS
1724
1816
  #
1725
1817
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1726
1818
  # [2]: https://docs.docker.com/engine/api/v1.35/
1727
- # [3]: https://docs.docker.com/engine/reference/run/
1819
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1728
1820
  # [4]: https://docs.docker.com/engine/admin/logging/overview/
1729
1821
  # [5]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html
1730
1822
  # @return [Types::LogConfiguration]
@@ -1739,7 +1831,7 @@ module Aws::ECS
1739
1831
  #
1740
1832
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1741
1833
  # [2]: https://docs.docker.com/engine/api/v1.35/
1742
- # [3]: https://docs.docker.com/engine/reference/run/
1834
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1743
1835
  # @return [Types::HealthCheck]
1744
1836
  #
1745
1837
  # @!attribute [rw] system_controls
@@ -1763,7 +1855,7 @@ module Aws::ECS
1763
1855
  #
1764
1856
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
1765
1857
  # [2]: https://docs.docker.com/engine/api/v1.35/
1766
- # [3]: https://docs.docker.com/engine/reference/run/
1858
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
1767
1859
  # @return [Array<Types::SystemControl>]
1768
1860
  #
1769
1861
  # @!attribute [rw] resource_requirements
@@ -1878,10 +1970,12 @@ module Aws::ECS
1878
1970
  # * `COMPLETE` - This condition validates that a dependent container
1879
1971
  # runs to completion (exits) before permitting other containers to
1880
1972
  # start. This can be useful for nonessential containers that run a
1881
- # script and then exit.
1973
+ # script and then exit. This condition cannot be set on an essential
1974
+ # container.
1882
1975
  #
1883
1976
  # * `SUCCESS` - This condition is the same as `COMPLETE`, but it also
1884
- # requires that the container exits with a `zero` status.
1977
+ # requires that the container exits with a `zero` status. This
1978
+ # condition cannot be set on an essential container.
1885
1979
  #
1886
1980
  # * `HEALTHY` - This condition validates that the dependent container
1887
1981
  # passes its Docker health check before permitting other containers
@@ -2257,6 +2351,7 @@ module Aws::ECS
2257
2351
  # target_capacity: 1,
2258
2352
  # minimum_scaling_step_size: 1,
2259
2353
  # maximum_scaling_step_size: 1,
2354
+ # instance_warmup_period: 1,
2260
2355
  # },
2261
2356
  # managed_termination_protection: "ENABLED", # accepts ENABLED, DISABLED
2262
2357
  # },
@@ -2511,6 +2606,10 @@ module Aws::ECS
2511
2606
  # platform_version: "String",
2512
2607
  # role: "String",
2513
2608
  # deployment_configuration: {
2609
+ # deployment_circuit_breaker: {
2610
+ # enable: false, # required
2611
+ # rollback: false, # required
2612
+ # },
2514
2613
  # maximum_percent: 1,
2515
2614
  # minimum_healthy_percent: 1,
2516
2615
  # },
@@ -2566,8 +2665,8 @@ module Aws::ECS
2566
2665
  # task definition to run in your service. If a `revision` is not
2567
2666
  # specified, the latest `ACTIVE` revision is used.
2568
2667
  #
2569
- # A task definition must be specified if the service is using the
2570
- # `ECS` deployment controller.
2668
+ # A task definition must be specified if the service is using either
2669
+ # the `ECS` or `CODE_DEPLOY` deployment controllers.
2571
2670
  # @return [String]
2572
2671
  #
2573
2672
  # @!attribute [rw] load_balancers
@@ -2577,11 +2676,11 @@ module Aws::ECS
2577
2676
  #
2578
2677
  # If the service is using the rolling update (`ECS`) deployment
2579
2678
  # controller and using either an Application Load Balancer or Network
2580
- # Load Balancer, you can specify multiple target groups to attach to
2581
- # the service. The service-linked role is required for services that
2582
- # make use of multiple target groups. For more information, see [Using
2583
- # Service-Linked Roles for Amazon ECS][2] in the *Amazon Elastic
2584
- # Container Service Developer Guide*.
2679
+ # Load Balancer, you must specify one or more target group ARNs to
2680
+ # attach to the service. The service-linked role is required for
2681
+ # services that make use of multiple target groups. For more
2682
+ # information, see [Using Service-Linked Roles for Amazon ECS][2] in
2683
+ # the *Amazon Elastic Container Service Developer Guide*.
2585
2684
  #
2586
2685
  # If the service is using the `CODE_DEPLOY` deployment controller, the
2587
2686
  # service is required to use either an Application Load Balancer or
@@ -2604,17 +2703,19 @@ module Aws::ECS
2604
2703
  # For Application Load Balancers and Network Load Balancers, this
2605
2704
  # object must contain the load balancer target group ARN, the
2606
2705
  # container name (as it appears in a container definition), and the
2607
- # container port to access from the load balancer. When a task from
2608
- # this service is placed on a container instance, the container
2609
- # instance and port combination is registered as a target in the
2610
- # target group specified here.
2706
+ # container port to access from the load balancer. The load balancer
2707
+ # name parameter must be omitted. When a task from this service is
2708
+ # placed on a container instance, the container instance and port
2709
+ # combination is registered as a target in the target group specified
2710
+ # here.
2611
2711
  #
2612
2712
  # For Classic Load Balancers, this object must contain the load
2613
2713
  # balancer name, the container name (as it appears in a container
2614
2714
  # definition), and the container port to access from the load
2615
- # balancer. When a task from this service is placed on a container
2616
- # instance, the container instance is registered with the load
2617
- # balancer specified here.
2715
+ # balancer. The target group ARN parameter must be omitted. When a
2716
+ # task from this service is placed on a container instance, the
2717
+ # container instance is registered with the load balancer specified
2718
+ # here.
2618
2719
  #
2619
2720
  # Services with tasks that use the `awsvpc` network mode (for example,
2620
2721
  # those with the Fargate launch type) only support Application Load
@@ -3466,6 +3567,19 @@ module Aws::ECS
3466
3567
  # status.
3467
3568
  # @return [Integer]
3468
3569
  #
3570
+ # @!attribute [rw] failed_tasks
3571
+ # The number of consecutively failed tasks in the deployment. A task
3572
+ # is considered a failure if the service scheduler can't launch the
3573
+ # task, the task doesn't transition to a `RUNNING` state, or if it
3574
+ # fails any of its defined health checks and is stopped.
3575
+ #
3576
+ # <note markdown="1"> Once a service deployment has one or more successfully running
3577
+ # tasks, the failed task count resets to zero and stops being
3578
+ # evaluated.
3579
+ #
3580
+ # </note>
3581
+ # @return [Integer]
3582
+ #
3469
3583
  # @!attribute [rw] created_at
3470
3584
  # The Unix timestamp for when the service deployment was created.
3471
3585
  # @return [Time]
@@ -3507,6 +3621,26 @@ module Aws::ECS
3507
3621
  # networking mode.
3508
3622
  # @return [Types::NetworkConfiguration]
3509
3623
  #
3624
+ # @!attribute [rw] rollout_state
3625
+ # <note markdown="1"> The `rolloutState` of a service is only returned for services that
3626
+ # use the rolling update (`ECS`) deployment type that are not behind a
3627
+ # Classic Load Balancer.
3628
+ #
3629
+ # </note>
3630
+ #
3631
+ # The rollout state of the deployment. When a service deployment is
3632
+ # started, it begins in an `IN_PROGRESS` state. When the service
3633
+ # reaches a steady state, the deployment will transition to a
3634
+ # `COMPLETED` state. If the service fails to reach a steady state and
3635
+ # circuit breaker is enabled, the deployment will transition to a
3636
+ # `FAILED` state. A deployment in `FAILED` state will launch no new
3637
+ # tasks. For more information, see DeploymentCircuitBreaker.
3638
+ # @return [String]
3639
+ #
3640
+ # @!attribute [rw] rollout_state_reason
3641
+ # A description of the rollout state of a deployment.
3642
+ # @return [String]
3643
+ #
3510
3644
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/Deployment AWS API Documentation
3511
3645
  #
3512
3646
  class Deployment < Struct.new(
@@ -3516,12 +3650,62 @@ module Aws::ECS
3516
3650
  :desired_count,
3517
3651
  :pending_count,
3518
3652
  :running_count,
3653
+ :failed_tasks,
3519
3654
  :created_at,
3520
3655
  :updated_at,
3521
3656
  :capacity_provider_strategy,
3522
3657
  :launch_type,
3523
3658
  :platform_version,
3524
- :network_configuration)
3659
+ :network_configuration,
3660
+ :rollout_state,
3661
+ :rollout_state_reason)
3662
+ SENSITIVE = []
3663
+ include Aws::Structure
3664
+ end
3665
+
3666
+ # <note markdown="1"> The deployment circuit breaker can only be used for services using the
3667
+ # rolling update (`ECS`) deployment type that are not behind a Classic
3668
+ # Load Balancer.
3669
+ #
3670
+ # </note>
3671
+ #
3672
+ # The **deployment circuit breaker** determines whether a service
3673
+ # deployment will fail if the service can't reach a steady state. If
3674
+ # enabled, a service deployment will transition to a failed state and
3675
+ # stop launching new tasks. You can also enable Amazon ECS to roll back
3676
+ # your service to the last completed deployment after a failure. For
3677
+ # more information, see [Rolling update][1] in the *Amazon Elastic
3678
+ # Container Service Developer Guide*.
3679
+ #
3680
+ #
3681
+ #
3682
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html
3683
+ #
3684
+ # @note When making an API call, you may pass DeploymentCircuitBreaker
3685
+ # data as a hash:
3686
+ #
3687
+ # {
3688
+ # enable: false, # required
3689
+ # rollback: false, # required
3690
+ # }
3691
+ #
3692
+ # @!attribute [rw] enable
3693
+ # Whether to enable the deployment circuit breaker logic for the
3694
+ # service.
3695
+ # @return [Boolean]
3696
+ #
3697
+ # @!attribute [rw] rollback
3698
+ # Whether to enable Amazon ECS to roll back the service if a service
3699
+ # deployment fails. If rollback is enabled, when a service deployment
3700
+ # fails, the service is rolled back to the last deployment that
3701
+ # completed successfully.
3702
+ # @return [Boolean]
3703
+ #
3704
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/DeploymentCircuitBreaker AWS API Documentation
3705
+ #
3706
+ class DeploymentCircuitBreaker < Struct.new(
3707
+ :enable,
3708
+ :rollback)
3525
3709
  SENSITIVE = []
3526
3710
  include Aws::Structure
3527
3711
  end
@@ -3533,10 +3717,28 @@ module Aws::ECS
3533
3717
  # data as a hash:
3534
3718
  #
3535
3719
  # {
3720
+ # deployment_circuit_breaker: {
3721
+ # enable: false, # required
3722
+ # rollback: false, # required
3723
+ # },
3536
3724
  # maximum_percent: 1,
3537
3725
  # minimum_healthy_percent: 1,
3538
3726
  # }
3539
3727
  #
3728
+ # @!attribute [rw] deployment_circuit_breaker
3729
+ # <note markdown="1"> The deployment circuit breaker can only be used for services using
3730
+ # the rolling update (`ECS`) deployment type.
3731
+ #
3732
+ # </note>
3733
+ #
3734
+ # The **deployment circuit breaker** determines whether a service
3735
+ # deployment will fail if the service can't reach a steady state. If
3736
+ # deployment circuit breaker is enabled, a service deployment will
3737
+ # transition to a failed state and stop launching new tasks. If
3738
+ # rollback is enabled, when a service deployment fails, the service is
3739
+ # rolled back to the last deployment that completed successfully.
3740
+ # @return [Types::DeploymentCircuitBreaker]
3741
+ #
3540
3742
  # @!attribute [rw] maximum_percent
3541
3743
  # If a service is using the rolling update (`ECS`) deployment type,
3542
3744
  # the **maximum percent** parameter represents an upper limit on the
@@ -3592,6 +3794,7 @@ module Aws::ECS
3592
3794
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/DeploymentConfiguration AWS API Documentation
3593
3795
  #
3594
3796
  class DeploymentConfiguration < Struct.new(
3797
+ :deployment_circuit_breaker,
3595
3798
  :maximum_percent,
3596
3799
  :minimum_healthy_percent)
3597
3800
  SENSITIVE = []
@@ -4393,11 +4596,12 @@ module Aws::ECS
4393
4596
  # @!attribute [rw] access_point_id
4394
4597
  # The Amazon EFS access point ID to use. If an access point is
4395
4598
  # specified, the root directory value specified in the
4396
- # `EFSVolumeConfiguration` will be relative to the directory set for
4397
- # the access point. If an access point is used, transit encryption
4398
- # must be enabled in the `EFSVolumeConfiguration`. For more
4399
- # information, see [Working with Amazon EFS Access Points][1] in the
4400
- # *Amazon Elastic File System User Guide*.
4599
+ # `EFSVolumeConfiguration` must either be omitted or set to `/` which
4600
+ # will enforce the path set on the EFS access point. If an access
4601
+ # point is used, transit encryption must be enabled in the
4602
+ # `EFSVolumeConfiguration`. For more information, see [Working with
4603
+ # Amazon EFS Access Points][1] in the *Amazon Elastic File System User
4604
+ # Guide*.
4401
4605
  #
4402
4606
  #
4403
4607
  #
@@ -4458,6 +4662,10 @@ module Aws::ECS
4458
4662
  # directory inside the host. If this parameter is omitted, the root of
4459
4663
  # the Amazon EFS volume will be used. Specifying `/` will have the
4460
4664
  # same effect as omitting this parameter.
4665
+ #
4666
+ # If an EFS access point is specified in the `authorizationConfig`,
4667
+ # the root directory parameter must either be omitted or set to `/`
4668
+ # which will enforce the path set on the EFS access point.
4461
4669
  # @return [String]
4462
4670
  #
4463
4671
  # @!attribute [rw] transit_encryption
@@ -4553,7 +4761,108 @@ module Aws::ECS
4553
4761
  include Aws::Structure
4554
4762
  end
4555
4763
 
4556
- # A failed resource.
4764
+ # The authorization configuration details for Amazon FSx for Windows
4765
+ # File Server file system. See
4766
+ # [FSxWindowsFileServerVolumeConfiguration][1] in the *Amazon Elastic
4767
+ # Container Service API Reference*.
4768
+ #
4769
+ # For more information and the input format, see [Amazon FSx for Windows
4770
+ # File Server Volumes][2] in the *Amazon Elastic Container Service
4771
+ # Developer Guide*.
4772
+ #
4773
+ #
4774
+ #
4775
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_FSxWindowsFileServerVolumeConfiguration.html
4776
+ # [2]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/wfsx-volumes.html
4777
+ #
4778
+ # @note When making an API call, you may pass FSxWindowsFileServerAuthorizationConfig
4779
+ # data as a hash:
4780
+ #
4781
+ # {
4782
+ # credentials_parameter: "String", # required
4783
+ # domain: "String", # required
4784
+ # }
4785
+ #
4786
+ # @!attribute [rw] credentials_parameter
4787
+ # The authorization credential option to use. The authorization
4788
+ # credential options can be provided using either the Amazon Resource
4789
+ # Name (ARN) of an AWS Secrets Manager secret or AWS Systems Manager
4790
+ # Parameter Store parameter. The ARNs refer to the stored credentials.
4791
+ # @return [String]
4792
+ #
4793
+ # @!attribute [rw] domain
4794
+ # A fully qualified domain name hosted by an [AWS Directory
4795
+ # Service][1] Managed Microsoft AD (Active Directory) or self-hosted
4796
+ # AD on Amazon EC2.
4797
+ #
4798
+ #
4799
+ #
4800
+ # [1]: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html
4801
+ # @return [String]
4802
+ #
4803
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/FSxWindowsFileServerAuthorizationConfig AWS API Documentation
4804
+ #
4805
+ class FSxWindowsFileServerAuthorizationConfig < Struct.new(
4806
+ :credentials_parameter,
4807
+ :domain)
4808
+ SENSITIVE = []
4809
+ include Aws::Structure
4810
+ end
4811
+
4812
+ # This parameter is specified when you are using [Amazon FSx for Windows
4813
+ # File Server][1] file system for task storage.
4814
+ #
4815
+ # For more information and the input format, see [Amazon FSx for Windows
4816
+ # File Server Volumes][2] in the *Amazon Elastic Container Service
4817
+ # Developer Guide*.
4818
+ #
4819
+ #
4820
+ #
4821
+ # [1]: https://docs.aws.amazon.com/fsx/latest/WindowsGuide/what-is.html
4822
+ # [2]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/wfsx-volumes.html
4823
+ #
4824
+ # @note When making an API call, you may pass FSxWindowsFileServerVolumeConfiguration
4825
+ # data as a hash:
4826
+ #
4827
+ # {
4828
+ # file_system_id: "String", # required
4829
+ # root_directory: "String", # required
4830
+ # authorization_config: { # required
4831
+ # credentials_parameter: "String", # required
4832
+ # domain: "String", # required
4833
+ # },
4834
+ # }
4835
+ #
4836
+ # @!attribute [rw] file_system_id
4837
+ # The Amazon FSx for Windows File Server file system ID to use.
4838
+ # @return [String]
4839
+ #
4840
+ # @!attribute [rw] root_directory
4841
+ # The directory within the Amazon FSx for Windows File Server file
4842
+ # system to mount as the root directory inside the host.
4843
+ # @return [String]
4844
+ #
4845
+ # @!attribute [rw] authorization_config
4846
+ # The authorization configuration details for the Amazon FSx for
4847
+ # Windows File Server file system.
4848
+ # @return [Types::FSxWindowsFileServerAuthorizationConfig]
4849
+ #
4850
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/FSxWindowsFileServerVolumeConfiguration AWS API Documentation
4851
+ #
4852
+ class FSxWindowsFileServerVolumeConfiguration < Struct.new(
4853
+ :file_system_id,
4854
+ :root_directory,
4855
+ :authorization_config)
4856
+ SENSITIVE = []
4857
+ include Aws::Structure
4858
+ end
4859
+
4860
+ # A failed resource. For a list of common causes, see [API failure
4861
+ # reasons][1] in the *Amazon Elastic Container Service Developer Guide*.
4862
+ #
4863
+ #
4864
+ #
4865
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/api_failures_messages.html
4557
4866
  #
4558
4867
  # @!attribute [rw] arn
4559
4868
  # The Amazon Resource Name (ARN) of the failed resource.
@@ -4920,9 +5229,8 @@ module Aws::ECS
4920
5229
  # `CapAdd` in the [Create a container][1] section of the [Docker
4921
5230
  # Remote API][2] and the `--cap-add` option to [docker run][3].
4922
5231
  #
4923
- # <note markdown="1"> The `SYS_PTRACE` capability is supported for tasks that use the
4924
- # Fargate launch type if they are also using platform version 1.4.0.
4925
- # The other capabilities are not supported for any platform versions.
5232
+ # <note markdown="1"> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE`
5233
+ # kernel capability.
4926
5234
  #
4927
5235
  # </note>
4928
5236
  #
@@ -4940,7 +5248,7 @@ module Aws::ECS
4940
5248
  #
4941
5249
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
4942
5250
  # [2]: https://docs.docker.com/engine/api/v1.35/
4943
- # [3]: https://docs.docker.com/engine/reference/run/
5251
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
4944
5252
  # @return [Array<String>]
4945
5253
  #
4946
5254
  # @!attribute [rw] drop
@@ -4963,7 +5271,7 @@ module Aws::ECS
4963
5271
  #
4964
5272
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
4965
5273
  # [2]: https://docs.docker.com/engine/api/v1.35/
4966
- # [3]: https://docs.docker.com/engine/reference/run/
5274
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
4967
5275
  # @return [Array<String>]
4968
5276
  #
4969
5277
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/KernelCapabilities AWS API Documentation
@@ -5066,7 +5374,7 @@ module Aws::ECS
5066
5374
  #
5067
5375
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
5068
5376
  # [2]: https://docs.docker.com/engine/api/v1.35/
5069
- # [3]: https://docs.docker.com/engine/reference/run/
5377
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
5070
5378
  # @return [Array<Types::Device>]
5071
5379
  #
5072
5380
  # @!attribute [rw] init_process_enabled
@@ -5080,7 +5388,7 @@ module Aws::ECS
5080
5388
  #
5081
5389
  #
5082
5390
  #
5083
- # [1]: https://docs.docker.com/engine/reference/run/
5391
+ # [1]: https://docs.docker.com/engine/reference/run/#security-configuration
5084
5392
  # @return [Boolean]
5085
5393
  #
5086
5394
  # @!attribute [rw] shared_memory_size
@@ -5094,7 +5402,7 @@ module Aws::ECS
5094
5402
  #
5095
5403
  #
5096
5404
  #
5097
- # [1]: https://docs.docker.com/engine/reference/run/
5405
+ # [1]: https://docs.docker.com/engine/reference/run/#security-configuration
5098
5406
  # @return [Integer]
5099
5407
  #
5100
5408
  # @!attribute [rw] tmpfs
@@ -5109,7 +5417,7 @@ module Aws::ECS
5109
5417
  #
5110
5418
  #
5111
5419
  #
5112
- # [1]: https://docs.docker.com/engine/reference/run/
5420
+ # [1]: https://docs.docker.com/engine/reference/run/#security-configuration
5113
5421
  # @return [Array<Types::Tmpfs>]
5114
5422
  #
5115
5423
  # @!attribute [rw] max_swap
@@ -5132,7 +5440,7 @@ module Aws::ECS
5132
5440
  #
5133
5441
  #
5134
5442
  #
5135
- # [1]: https://docs.docker.com/engine/reference/run/
5443
+ # [1]: https://docs.docker.com/engine/reference/run/#security-configuration
5136
5444
  # @return [Integer]
5137
5445
  #
5138
5446
  # @!attribute [rw] swappiness
@@ -5153,7 +5461,7 @@ module Aws::ECS
5153
5461
  #
5154
5462
  #
5155
5463
  #
5156
- # [1]: https://docs.docker.com/engine/reference/run/
5464
+ # [1]: https://docs.docker.com/engine/reference/run/#security-configuration
5157
5465
  # @return [Integer]
5158
5466
  #
5159
5467
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/LinuxParameters AWS API Documentation
@@ -6019,19 +6327,16 @@ module Aws::ECS
6019
6327
  include Aws::Structure
6020
6328
  end
6021
6329
 
6022
- # The log configuration specification for the container.
6330
+ # The log configuration for the container. This parameter maps to
6331
+ # `LogConfig` in the [Create a container][1] section of the [Docker
6332
+ # Remote API][2] and the `--log-driver` option to [ `docker run` ][3].
6023
6333
  #
6024
- # This parameter maps to `LogConfig` in the [Create a container][1]
6025
- # section of the [Docker Remote API][2] and the `--log-driver` option to
6026
- # [ `docker run` ][3]. By default, containers use the same logging
6027
- # driver that the Docker daemon uses; however the container may use a
6028
- # different logging driver than the Docker daemon by specifying a log
6029
- # driver with this parameter in the container definition. To use a
6030
- # different logging driver for a container, the log system must be
6031
- # configured properly on the container instance (or on a different log
6032
- # server for remote logging options). For more information on the
6033
- # options for different supported log drivers, see [Configure logging
6034
- # drivers][4] in the Docker documentation.
6334
+ # By default, containers use the same logging driver that the Docker
6335
+ # daemon uses; however the container may use a different logging driver
6336
+ # than the Docker daemon by specifying a log driver configuration in the
6337
+ # container definition. For more information on the options for
6338
+ # different supported log drivers, see [Configure logging drivers][4] in
6339
+ # the Docker documentation.
6035
6340
  #
6036
6341
  # The following should be noted when specifying a log configuration for
6037
6342
  # your containers:
@@ -6044,19 +6349,19 @@ module Aws::ECS
6044
6349
  # * This parameter requires version 1.18 of the Docker Remote API or
6045
6350
  # greater on your container instance.
6046
6351
  #
6047
- # * For tasks using the EC2 launch type, the Amazon ECS container agent
6048
- # running on a container instance must register the logging drivers
6049
- # available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS`
6050
- # environment variable before containers placed on that instance can
6051
- # use these log configuration options. For more information, see
6052
- # [Amazon ECS Container Agent Configuration][5] in the *Amazon Elastic
6053
- # Container Service Developer Guide*.
6352
+ # * For tasks hosted on Amazon EC2 instances, the Amazon ECS container
6353
+ # agent must register the available logging drivers with the
6354
+ # `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before
6355
+ # containers placed on that instance can use these log configuration
6356
+ # options. For more information, see [Amazon ECS container agent
6357
+ # configuration][5] in the *Amazon Elastic Container Service Developer
6358
+ # Guide*.
6054
6359
  #
6055
- # * For tasks using the Fargate launch type, because you do not have
6056
- # access to the underlying infrastructure your tasks are hosted on,
6057
- # any additional software needed will have to be installed outside of
6058
- # the task. For example, the Fluentd output aggregators or a remote
6059
- # host running Logstash to send Gelf logs to.
6360
+ # * For tasks on AWS Fargate, because you do not have access to the
6361
+ # underlying infrastructure your tasks are hosted on, any additional
6362
+ # software needed will have to be installed outside of the task. For
6363
+ # example, the Fluentd output aggregators or a remote host running
6364
+ # Logstash to send Gelf logs to.
6060
6365
  #
6061
6366
  #
6062
6367
  #
@@ -6083,23 +6388,21 @@ module Aws::ECS
6083
6388
  # }
6084
6389
  #
6085
6390
  # @!attribute [rw] log_driver
6086
- # The log driver to use for the container. The valid values listed
6087
- # earlier are log drivers that the Amazon ECS container agent can
6088
- # communicate with by default.
6391
+ # The log driver to use for the container.
6089
6392
  #
6090
- # For tasks using the Fargate launch type, the supported log drivers
6091
- # are `awslogs`, `splunk`, and `awsfirelens`.
6393
+ # For tasks on AWS Fargate, the supported log drivers are `awslogs`,
6394
+ # `splunk`, and `awsfirelens`.
6092
6395
  #
6093
- # For tasks using the EC2 launch type, the supported log drivers are
6094
- # `awslogs`, `fluentd`, `gelf`, `json-file`, `journald`,
6396
+ # For tasks hosted on Amazon EC2 instances, the supported log drivers
6397
+ # are `awslogs`, `fluentd`, `gelf`, `json-file`, `journald`,
6095
6398
  # `logentries`,`syslog`, `splunk`, and `awsfirelens`.
6096
6399
  #
6097
6400
  # For more information about using the `awslogs` log driver, see
6098
- # [Using the awslogs Log Driver][1] in the *Amazon Elastic Container
6401
+ # [Using the awslogs log driver][1] in the *Amazon Elastic Container
6099
6402
  # Service Developer Guide*.
6100
6403
  #
6101
6404
  # For more information about using the `awsfirelens` log driver, see
6102
- # [Custom Log Routing][2] in the *Amazon Elastic Container Service
6405
+ # [Custom log routing][2] in the *Amazon Elastic Container Service
6103
6406
  # Developer Guide*.
6104
6407
  #
6105
6408
  # <note markdown="1"> If you have a custom driver that is not listed, you can fork the
@@ -6172,6 +6475,7 @@ module Aws::ECS
6172
6475
  # target_capacity: 1,
6173
6476
  # minimum_scaling_step_size: 1,
6174
6477
  # maximum_scaling_step_size: 1,
6478
+ # instance_warmup_period: 1,
6175
6479
  # }
6176
6480
  #
6177
6481
  # @!attribute [rw] status
@@ -6197,13 +6501,21 @@ module Aws::ECS
6197
6501
  # default value of `10000` is used.
6198
6502
  # @return [Integer]
6199
6503
  #
6504
+ # @!attribute [rw] instance_warmup_period
6505
+ # The period of time, in seconds, after a newly launched Amazon EC2
6506
+ # instance can contribute to CloudWatch metrics for Auto Scaling
6507
+ # group. If this parameter is omitted, the default value of `300`
6508
+ # seconds is used.
6509
+ # @return [Integer]
6510
+ #
6200
6511
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/ManagedScaling AWS API Documentation
6201
6512
  #
6202
6513
  class ManagedScaling < Struct.new(
6203
6514
  :status,
6204
6515
  :target_capacity,
6205
6516
  :minimum_scaling_step_size,
6206
- :maximum_scaling_step_size)
6517
+ :maximum_scaling_step_size,
6518
+ :instance_warmup_period)
6207
6519
  SENSITIVE = []
6208
6520
  include Aws::Structure
6209
6521
  end
@@ -6538,9 +6850,6 @@ module Aws::ECS
6538
6850
  # more information, see `hostPort`. Port mappings that are
6539
6851
  # automatically assigned in this way do not count toward the 100
6540
6852
  # reserved ports limit of a container instance.
6541
- #
6542
- # You cannot expose the same container port for multiple protocols. An
6543
- # error will be returned if this is attempted.
6544
6853
  # @return [Integer]
6545
6854
  #
6546
6855
  # @!attribute [rw] host_port
@@ -6606,11 +6915,7 @@ module Aws::ECS
6606
6915
  # your container instances are launched from the Amazon ECS-optimized
6607
6916
  # AMI version `20190301` or later, then they contain the required
6608
6917
  # versions of the container agent and `ecs-init`. For more information,
6609
- # see [Amazon ECS-optimized Linux AMI][1] in the *Amazon Elastic
6610
- # Container Service Developer Guide*.
6611
- #
6612
- # For tasks using the Fargate launch type, the task or service requires
6613
- # platform version 1.3.0 or later.
6918
+ # see [Amazon ECS-optimized Linux AMI][1]
6614
6919
  #
6615
6920
  #
6616
6921
  #
@@ -7253,6 +7558,14 @@ module Aws::ECS
7253
7558
  # iam: "ENABLED", # accepts ENABLED, DISABLED
7254
7559
  # },
7255
7560
  # },
7561
+ # fsx_windows_file_server_volume_configuration: {
7562
+ # file_system_id: "String", # required
7563
+ # root_directory: "String", # required
7564
+ # authorization_config: { # required
7565
+ # credentials_parameter: "String", # required
7566
+ # domain: "String", # required
7567
+ # },
7568
+ # },
7256
7569
  # },
7257
7570
  # ],
7258
7571
  # placement_constraints: [
@@ -7324,16 +7637,17 @@ module Aws::ECS
7324
7637
  #
7325
7638
  # @!attribute [rw] network_mode
7326
7639
  # The Docker networking mode to use for the containers in the task.
7327
- # The valid values are `none`, `bridge`, `awsvpc`, and `host`. The
7328
- # default Docker network mode is `bridge`. If you are using the
7329
- # Fargate launch type, the `awsvpc` network mode is required. If you
7330
- # are using the EC2 launch type, any network mode can be used. If the
7331
- # network mode is set to `none`, you cannot specify port mappings in
7332
- # your container definitions, and the tasks containers do not have
7333
- # external connectivity. The `host` and `awsvpc` network modes offer
7334
- # the highest networking performance for containers because they use
7335
- # the EC2 network stack instead of the virtualized network stack
7336
- # provided by the `bridge` mode.
7640
+ # The valid values are `none`, `bridge`, `awsvpc`, and `host`. If no
7641
+ # network mode is specified, the default is `bridge`.
7642
+ #
7643
+ # For Amazon ECS tasks on Fargate, the `awsvpc` network mode is
7644
+ # required. For Amazon ECS tasks on Amazon EC2 instances, any network
7645
+ # mode can be used. If the network mode is set to `none`, you cannot
7646
+ # specify port mappings in your container definitions, and the tasks
7647
+ # containers do not have external connectivity. The `host` and
7648
+ # `awsvpc` network modes offer the highest networking performance for
7649
+ # containers because they use the EC2 network stack instead of the
7650
+ # virtualized network stack provided by the `bridge` mode.
7337
7651
  #
7338
7652
  # With the `host` and `awsvpc` network modes, exposed container ports
7339
7653
  # are mapped directly to the corresponding host port (for the `host`
@@ -7341,6 +7655,10 @@ module Aws::ECS
7341
7655
  # the `awsvpc` network mode), so you cannot take advantage of dynamic
7342
7656
  # host port mappings.
7343
7657
  #
7658
+ # When using the `host` network mode, you should not run containers
7659
+ # using the root user (UID 0). It is considered best practice to use a
7660
+ # non-root user.
7661
+ #
7344
7662
  # If the network mode is `awsvpc`, the task is allocated an elastic
7345
7663
  # network interface, and you must specify a NetworkConfiguration value
7346
7664
  # when you create a service or run a task with the task definition.
@@ -7390,8 +7708,10 @@ module Aws::ECS
7390
7708
  # @return [Array<Types::TaskDefinitionPlacementConstraint>]
7391
7709
  #
7392
7710
  # @!attribute [rw] requires_compatibilities
7393
- # The launch type required by the task. If no value is specified, it
7394
- # defaults to `EC2`.
7711
+ # The task launch type that Amazon ECS should validate the task
7712
+ # definition against. This ensures that the task definition parameters
7713
+ # are compatible with the specified launch type. If no value is
7714
+ # specified, it defaults to `EC2`.
7395
7715
  # @return [Array<String>]
7396
7716
  #
7397
7717
  # @!attribute [rw] cpu
@@ -7574,11 +7894,7 @@ module Aws::ECS
7574
7894
  # If your container instances are launched from the Amazon
7575
7895
  # ECS-optimized AMI version `20190301` or later, then they contain the
7576
7896
  # required versions of the container agent and `ecs-init`. For more
7577
- # information, see [Amazon ECS-optimized Linux AMI][1] in the *Amazon
7578
- # Elastic Container Service Developer Guide*.
7579
- #
7580
- # For tasks using the Fargate launch type, the task or service
7581
- # requires platform version 1.3.0 or later.
7897
+ # information, see [Amazon ECS-optimized Linux AMI][1]
7582
7898
  #
7583
7899
  #
7584
7900
  #
@@ -9091,7 +9407,7 @@ module Aws::ECS
9091
9407
  #
9092
9408
  # [1]: https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate
9093
9409
  # [2]: https://docs.docker.com/engine/api/v1.35/
9094
- # [3]: https://docs.docker.com/engine/reference/run/
9410
+ # [3]: https://docs.docker.com/engine/reference/run/#security-configuration
9095
9411
  #
9096
9412
  # @note When making an API call, you may pass SystemControl
9097
9413
  # data as a hash:
@@ -9624,16 +9940,17 @@ module Aws::ECS
9624
9940
  #
9625
9941
  # @!attribute [rw] network_mode
9626
9942
  # The Docker networking mode to use for the containers in the task.
9627
- # The valid values are `none`, `bridge`, `awsvpc`, and `host`. The
9628
- # default Docker network mode is `bridge`. If you are using the
9629
- # Fargate launch type, the `awsvpc` network mode is required. If you
9630
- # are using the EC2 launch type, any network mode can be used. If the
9631
- # network mode is set to `none`, you cannot specify port mappings in
9632
- # your container definitions, and the tasks containers do not have
9633
- # external connectivity. The `host` and `awsvpc` network modes offer
9634
- # the highest networking performance for containers because they use
9635
- # the EC2 network stack instead of the virtualized network stack
9636
- # provided by the `bridge` mode.
9943
+ # The valid values are `none`, `bridge`, `awsvpc`, and `host`. If no
9944
+ # network mode is specified, the default is `bridge`.
9945
+ #
9946
+ # For Amazon ECS tasks on Fargate, the `awsvpc` network mode is
9947
+ # required. For Amazon ECS tasks on Amazon EC2 instances, any network
9948
+ # mode can be used. If the network mode is set to `none`, you cannot
9949
+ # specify port mappings in your container definitions, and the tasks
9950
+ # containers do not have external connectivity. The `host` and
9951
+ # `awsvpc` network modes offer the highest networking performance for
9952
+ # containers because they use the EC2 network stack instead of the
9953
+ # virtualized network stack provided by the `bridge` mode.
9637
9954
  #
9638
9955
  # With the `host` and `awsvpc` network modes, exposed container ports
9639
9956
  # are mapped directly to the corresponding host port (for the `host`
@@ -9641,6 +9958,10 @@ module Aws::ECS
9641
9958
  # the `awsvpc` network mode), so you cannot take advantage of dynamic
9642
9959
  # host port mappings.
9643
9960
  #
9961
+ # When using the `host` network mode, you should not run containers
9962
+ # using the root user (UID 0). It is considered best practice to use a
9963
+ # non-root user.
9964
+ #
9644
9965
  # If the network mode is `awsvpc`, the task is allocated an elastic
9645
9966
  # network interface, and you must specify a NetworkConfiguration value
9646
9967
  # when you create a service or run a task with the task definition.
@@ -9753,9 +10074,12 @@ module Aws::ECS
9753
10074
  # @!attribute [rw] memory
9754
10075
  # The amount (in MiB) of memory used by the task.
9755
10076
  #
9756
- # If using the EC2 launch type, this field is optional and any value
9757
- # can be used. If a task-level memory value is specified then the
9758
- # container-level memory value is optional.
10077
+ # If using the EC2 launch type, you must specify either a task-level
10078
+ # memory value or a container-level memory value. This field is
10079
+ # optional and any value can be used. If a task-level memory value is
10080
+ # specified then the container-level memory value is optional. For
10081
+ # more information regarding container-level memory and memory
10082
+ # reservation, see [ContainerDefinition][1].
9759
10083
  #
9760
10084
  # If using the Fargate launch type, this field is required and you
9761
10085
  # must use one of the following values, which determines your range of
@@ -9775,6 +10099,10 @@ module Aws::ECS
9775
10099
  #
9776
10100
  # * Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB)
9777
10101
  # - Available `cpu` values: 4096 (4 vCPU)
10102
+ #
10103
+ #
10104
+ #
10105
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html
9778
10106
  # @return [String]
9779
10107
  #
9780
10108
  # @!attribute [rw] inference_accelerators
@@ -10272,7 +10600,7 @@ module Aws::ECS
10272
10600
  # @return [String]
10273
10601
  #
10274
10602
  # @!attribute [rw] size
10275
- # The size (in MiB) of the tmpfs volume.
10603
+ # The maximum size (in MiB) of the tmpfs volume.
10276
10604
  # @return [Integer]
10277
10605
  #
10278
10606
  # @!attribute [rw] mount_options
@@ -10368,6 +10696,53 @@ module Aws::ECS
10368
10696
  #
10369
10697
  class UntagResourceResponse < Aws::EmptyStructure; end
10370
10698
 
10699
+ # @note When making an API call, you may pass UpdateCapacityProviderRequest
10700
+ # data as a hash:
10701
+ #
10702
+ # {
10703
+ # name: "String", # required
10704
+ # auto_scaling_group_provider: { # required
10705
+ # managed_scaling: {
10706
+ # status: "ENABLED", # accepts ENABLED, DISABLED
10707
+ # target_capacity: 1,
10708
+ # minimum_scaling_step_size: 1,
10709
+ # maximum_scaling_step_size: 1,
10710
+ # instance_warmup_period: 1,
10711
+ # },
10712
+ # managed_termination_protection: "ENABLED", # accepts ENABLED, DISABLED
10713
+ # },
10714
+ # }
10715
+ #
10716
+ # @!attribute [rw] name
10717
+ # An object representing the parameters to update for the Auto Scaling
10718
+ # group capacity provider.
10719
+ # @return [String]
10720
+ #
10721
+ # @!attribute [rw] auto_scaling_group_provider
10722
+ # The name of the capacity provider to update.
10723
+ # @return [Types::AutoScalingGroupProviderUpdate]
10724
+ #
10725
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/UpdateCapacityProviderRequest AWS API Documentation
10726
+ #
10727
+ class UpdateCapacityProviderRequest < Struct.new(
10728
+ :name,
10729
+ :auto_scaling_group_provider)
10730
+ SENSITIVE = []
10731
+ include Aws::Structure
10732
+ end
10733
+
10734
+ # @!attribute [rw] capacity_provider
10735
+ # The details of a capacity provider.
10736
+ # @return [Types::CapacityProvider]
10737
+ #
10738
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/UpdateCapacityProviderResponse AWS API Documentation
10739
+ #
10740
+ class UpdateCapacityProviderResponse < Struct.new(
10741
+ :capacity_provider)
10742
+ SENSITIVE = []
10743
+ include Aws::Structure
10744
+ end
10745
+
10371
10746
  # @note When making an API call, you may pass UpdateClusterSettingsRequest
10372
10747
  # data as a hash:
10373
10748
  #
@@ -10590,6 +10965,10 @@ module Aws::ECS
10590
10965
  # },
10591
10966
  # ],
10592
10967
  # deployment_configuration: {
10968
+ # deployment_circuit_breaker: {
10969
+ # enable: false, # required
10970
+ # rollback: false, # required
10971
+ # },
10593
10972
  # maximum_percent: 1,
10594
10973
  # minimum_healthy_percent: 1,
10595
10974
  # },
@@ -10872,12 +11251,14 @@ module Aws::ECS
10872
11251
  include Aws::Structure
10873
11252
  end
10874
11253
 
10875
- # A data volume used in a task definition. For tasks that use Amazon
10876
- # Elastic File System (Amazon EFS) file storage, specify an
10877
- # `efsVolumeConfiguration`. For tasks that use a Docker volume, specify
10878
- # a `DockerVolumeConfiguration`. For tasks that use a bind mount host
10879
- # volume, specify a `host` and optional `sourcePath`. For more
10880
- # information, see [Using Data Volumes in Tasks][1].
11254
+ # A data volume used in a task definition. For tasks that use the Amazon
11255
+ # Elastic File System (Amazon EFS), specify an `efsVolumeConfiguration`.
11256
+ # For Windows tasks that use Amazon FSx for Windows File Server file
11257
+ # system, specify a `fsxWindowsFileServerVolumeConfiguration`. For tasks
11258
+ # that use a Docker volume, specify a `DockerVolumeConfiguration`. For
11259
+ # tasks that use a bind mount host volume, specify a `host` and optional
11260
+ # `sourcePath`. For more information, see [Using Data Volumes in
11261
+ # Tasks][1].
10881
11262
  #
10882
11263
  #
10883
11264
  #
@@ -10912,6 +11293,14 @@ module Aws::ECS
10912
11293
  # iam: "ENABLED", # accepts ENABLED, DISABLED
10913
11294
  # },
10914
11295
  # },
11296
+ # fsx_windows_file_server_volume_configuration: {
11297
+ # file_system_id: "String", # required
11298
+ # root_directory: "String", # required
11299
+ # authorization_config: { # required
11300
+ # credentials_parameter: "String", # required
11301
+ # domain: "String", # required
11302
+ # },
11303
+ # },
10915
11304
  # }
10916
11305
  #
10917
11306
  # @!attribute [rw] name
@@ -10948,13 +11337,19 @@ module Aws::ECS
10948
11337
  # File System file system for task storage.
10949
11338
  # @return [Types::EFSVolumeConfiguration]
10950
11339
  #
11340
+ # @!attribute [rw] fsx_windows_file_server_volume_configuration
11341
+ # This parameter is specified when you are using Amazon FSx for
11342
+ # Windows File Server file system for task storage.
11343
+ # @return [Types::FSxWindowsFileServerVolumeConfiguration]
11344
+ #
10951
11345
  # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/Volume AWS API Documentation
10952
11346
  #
10953
11347
  class Volume < Struct.new(
10954
11348
  :name,
10955
11349
  :host,
10956
11350
  :docker_volume_configuration,
10957
- :efs_volume_configuration)
11351
+ :efs_volume_configuration,
11352
+ :fsx_windows_file_server_volume_configuration)
10958
11353
  SENSITIVE = []
10959
11354
  include Aws::Structure
10960
11355
  end