aws-sdk-ecs 1.23.1 → 1.24.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 35623b16bc49180ed5a3b20473d52e050825c85f
-  data.tar.gz: 399d40817c2706804ef3a5a19b36292e8daf76f8
+  metadata.gz: 687d35c960db5add6e536e5622739d54b3089937
+  data.tar.gz: 4f7c61f395409e29ffc1bbe132f0bce689ce20f5
 SHA512:
-  metadata.gz: 79bd688ab3bcd9cc679e26d539367f63be21ae5222fcbdda3cba894ee426bc95514dadba6baf1e8849da731f5de9020d35b85508ad58e802af4726f853418b4c
-  data.tar.gz: 3606141f0877c5e6fe4549697927862367069333bffb5a33eaf60faf2296f91c86d0fc9c9a3d856a6e1e3d38eaa33a6a5e12a8413fd2f6f99127156e8715065d
+  metadata.gz: 1562ce22f101f52519bc21e2d389dbf7835189d32584ad044d7b58a6b61923a62dc3401883e787cbfb8fc2fc104e9f4b2d328c310a88e603ef66472d789d120f
+  data.tar.gz: 99b777c9ac3354d7a78d7d97fc799ff0a245427c4479518daa4bfb917d5fe8eb1ab4bcdb1337b23ad72c75c3c1d68bd18fcafbfd51c1e487dc2e5a590763c891

data/lib/aws-sdk-ecs.rb

@@ -43,6 +43,6 @@ require_relative 'aws-sdk-ecs/customizations'
 # @service
 module Aws::ECS
 
-  GEM_VERSION = '1.23.1'
+  GEM_VERSION = '1.24.0'
 
 end

data/lib/aws-sdk-ecs/client.rb

@@ -1410,6 +1410,8 @@ module Aws::ECS
     #   resp.task_definition.requires_compatibilities[0] #=> String, one of "EC2", "FARGATE"
     #   resp.task_definition.cpu #=> String
     #   resp.task_definition.memory #=> String
+    #   resp.task_definition.pid_mode #=> String, one of "host", "task"
+    #   resp.task_definition.ipc_mode #=> String, one of "host", "task", "none"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/DeregisterTaskDefinition AWS API Documentation
     #
@@ -2064,6 +2066,8 @@ module Aws::ECS
     #   resp.task_definition.requires_compatibilities[0] #=> String, one of "EC2", "FARGATE"
     #   resp.task_definition.cpu #=> String
     #   resp.task_definition.memory #=> String
+    #   resp.task_definition.pid_mode #=> String, one of "host", "task"
+    #   resp.task_definition.ipc_mode #=> String, one of "host", "task", "none"
     #   resp.tags #=> Array
     #   resp.tags[0].key #=> String
     #   resp.tags[0].value #=> String
@@ -3425,8 +3429,8 @@ module Aws::ECS
     #   Docker network mode is `bridge`. If you are using the Fargate launch
     #   type, the `awsvpc` network mode is required. If you are using the EC2
     #   launch type, any network mode can be used. If the network mode is set
-    #   to `none`, you can't specify port mappings in your container
-    #   definitions, and the task's containers do not have external
+    #   to `none`, you cannot specify port mappings in your container
+    #   definitions, and the tasks containers do not have external
     #   connectivity. The `host` and `awsvpc` network modes offer the highest
     #   networking performance for containers because they use the EC2 network
     #   stack instead of the virtualized network stack provided by the
@@ -3439,18 +3443,26 @@ module Aws::ECS
     #   port mappings.
     #
     #   If the network mode is `awsvpc`, the task is allocated an elastic
-    #   network interface, and you must specify a NetworkConfiguration when
-    #   you create a service or run a task with the task definition. For more
-    #   information, see [Task Networking][1] in the *Amazon Elastic Container
-    #   Service Developer Guide*.
+    #   network interface, and you must specify a NetworkConfiguration value
+    #   when you create a service or run a task with the task definition. For
+    #   more information, see [Task Networking][1] in the *Amazon Elastic
+    #   Container Service Developer Guide*.
+    #
+    #   <note markdown="1"> Currently, only Amazon ECS-optimized AMIs, other Amazon Linux variants
+    #   with the `ecs-init` package, or AWS Fargate infrastructure support the
+    #   `awsvpc` network mode.
+    #
+    #    </note>
     #
-    #   If the network mode is `host`, you can't run multiple instantiations
+    #   If the network mode is `host`, you cannot run multiple instantiations
     #   of the same task on a single container instance when port mappings are
     #   used.
     #
     #   Docker for Windows uses different network modes than Docker for Linux.
     #   When you register a task definition with Windows containers, you must
-    #   not specify a network mode.
+    #   not specify a network mode. If you use the console to register a task
+    #   definition with Windows containers, you must choose the `<default>`
+    #   network mode object.
     #
     #   For more information, see [Network settings][2] in the *Docker run
     #   reference*.
@@ -3526,11 +3538,11 @@ module Aws::ECS
     #
     #    </note>
     #
-    #   If you are using the EC2 launch type, this field is optional.
+    #   If using the EC2 launch type, this field is optional.
     #
-    #   If you are using the Fargate launch type, this field is required and
-    #   you must use one of the following values, which determines your range
-    #   of supported values for the `cpu` parameter:
+    #   If using the Fargate launch type, this field is required and you must
+    #   use one of the following values, which determines your range of
+    #   supported values for the `cpu` parameter:
     #
     #   * 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256
     #     (.25 vCPU)
@@ -3554,6 +3566,70 @@ module Aws::ECS
     #   character length of 128 characters, and tag values can have a maximum
     #   length of 256 characters.
     #
+    # @option params [String] :pid_mode
+    #   The process namespace to use for the containers in the task. The valid
+    #   values are `host` or `task`. If `host` is specified, then all
+    #   containers within the tasks that specified the `host` PID mode on the
+    #   same container instance share the same IPC resources with the host
+    #   Amazon EC2 instance. If `task` is specified, all containers within the
+    #   specified task share the same process namespace. If no value is
+    #   specified, the default is a private namespace. For more information,
+    #   see [PID settings][1] in the *Docker run reference*.
+    #
+    #   If the `host` PID mode is used, be aware that there is a heightened
+    #   risk of undesired process namespace expose. For more information, see
+    #   [Docker security][2].
+    #
+    #   <note markdown="1"> This parameter is not supported for Windows containers or tasks using
+    #   the Fargate launch type.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.docker.com/engine/reference/run/#pid-settings---pid
+    #   [2]: https://docs.docker.com/engine/security/security/
+    #
+    # @option params [String] :ipc_mode
+    #   The IPC resource namespace to use for the containers in the task. The
+    #   valid values are `host`, `task`, or `none`. If `host` is specified,
+    #   then all containers within the tasks that specified the `host` IPC
+    #   mode on the same container instance share the same IPC resources with
+    #   the host Amazon EC2 instance. If `task` is specified, all containers
+    #   within the specified task share the same IPC resources. If `none` is
+    #   specified, then IPC resources within the containers of a task are
+    #   private and not shared with other containers in a task or on the
+    #   container instance. If no value is specified, then the IPC resource
+    #   namespace sharing depends on the Docker daemon setting on the
+    #   container instance. For more information, see [IPC settings][1] in the
+    #   *Docker run reference*.
+    #
+    #   If the `host` IPC mode is used, be aware that there is a heightened
+    #   risk of undesired IPC namespace expose. For more information, see
+    #   [Docker security][2].
+    #
+    #   If you are setting namespaced kernel parameters using `systemControls`
+    #   for the containers in the task, the following will apply to your IPC
+    #   resource namespace. For more information, see [System Controls][3] in
+    #   the *Amazon Elastic Container Service Developer Guide*.
+    #
+    #   * For tasks that use the `host` IPC mode, IPC namespace related
+    #     `systemControls` are not supported.
+    #
+    #   * For tasks that use the `task` IPC mode, IPC namespace related
+    #     `systemControls` will apply to all containers within a task.
+    #
+    #   <note markdown="1"> This parameter is not supported for Windows containers or tasks using
+    #   the Fargate launch type.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.docker.com/engine/reference/run/#ipc-settings---ipc
+    #   [2]: https://docs.docker.com/engine/security/security/
+    #   [3]: http://docs.aws.amazon.com/AmazonECS/latest/developerguidetask_definition_parameters.html
+    #
     # @return [Types::RegisterTaskDefinitionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::RegisterTaskDefinitionResponse#task_definition #task_definition} => Types::TaskDefinition
@@ -3773,6 +3849,8 @@ module Aws::ECS
     #         value: "TagValue",
     #       },
     #     ],
+    #     pid_mode: "host", # accepts host, task
+    #     ipc_mode: "host", # accepts host, task, none
     #   })
     #
     # @example Response structure
@@ -3890,6 +3968,8 @@ module Aws::ECS
     #   resp.task_definition.requires_compatibilities[0] #=> String, one of "EC2", "FARGATE"
     #   resp.task_definition.cpu #=> String
     #   resp.task_definition.memory #=> String
+    #   resp.task_definition.pid_mode #=> String, one of "host", "task"
+    #   resp.task_definition.ipc_mode #=> String, one of "host", "task", "none"
     #   resp.tags #=> Array
     #   resp.tags[0].key #=> String
     #   resp.tags[0].value #=> String
@@ -5327,7 +5407,7 @@ module Aws::ECS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-ecs'
-      context[:gem_version] = '1.23.1'
+      context[:gem_version] = '1.24.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-ecs/client_api.rb

@@ -101,6 +101,7 @@ module Aws::ECS
     HostVolumeProperties = Shapes::StructureShape.new(name: 'HostVolumeProperties')
     Integer = Shapes::IntegerShape.new(name: 'Integer')
     InvalidParameterException = Shapes::StructureShape.new(name: 'InvalidParameterException')
+    IpcMode = Shapes::StringShape.new(name: 'IpcMode')
     KernelCapabilities = Shapes::StructureShape.new(name: 'KernelCapabilities')
     KeyValuePair = Shapes::StructureShape.new(name: 'KeyValuePair')
     LaunchType = Shapes::StringShape.new(name: 'LaunchType')
@@ -139,6 +140,7 @@ module Aws::ECS
     NetworkInterfaces = Shapes::ListShape.new(name: 'NetworkInterfaces')
     NetworkMode = Shapes::StringShape.new(name: 'NetworkMode')
     NoUpdateAvailableException = Shapes::StructureShape.new(name: 'NoUpdateAvailableException')
+    PidMode = Shapes::StringShape.new(name: 'PidMode')
     PlacementConstraint = Shapes::StructureShape.new(name: 'PlacementConstraint')
     PlacementConstraintType = Shapes::StringShape.new(name: 'PlacementConstraintType')
     PlacementConstraints = Shapes::ListShape.new(name: 'PlacementConstraints')
@@ -775,6 +777,8 @@ module Aws::ECS
     RegisterTaskDefinitionRequest.add_member(:cpu, Shapes::ShapeRef.new(shape: String, location_name: "cpu"))
     RegisterTaskDefinitionRequest.add_member(:memory, Shapes::ShapeRef.new(shape: String, location_name: "memory"))
     RegisterTaskDefinitionRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "tags"))
+    RegisterTaskDefinitionRequest.add_member(:pid_mode, Shapes::ShapeRef.new(shape: PidMode, location_name: "pidMode"))
+    RegisterTaskDefinitionRequest.add_member(:ipc_mode, Shapes::ShapeRef.new(shape: IpcMode, location_name: "ipcMode"))
     RegisterTaskDefinitionRequest.struct_class = Types::RegisterTaskDefinitionRequest
 
     RegisterTaskDefinitionResponse.add_member(:task_definition, Shapes::ShapeRef.new(shape: TaskDefinition, location_name: "taskDefinition"))
@@ -999,6 +1003,8 @@ module Aws::ECS
     TaskDefinition.add_member(:requires_compatibilities, Shapes::ShapeRef.new(shape: CompatibilityList, location_name: "requiresCompatibilities"))
     TaskDefinition.add_member(:cpu, Shapes::ShapeRef.new(shape: String, location_name: "cpu"))
     TaskDefinition.add_member(:memory, Shapes::ShapeRef.new(shape: String, location_name: "memory"))
+    TaskDefinition.add_member(:pid_mode, Shapes::ShapeRef.new(shape: PidMode, location_name: "pidMode"))
+    TaskDefinition.add_member(:ipc_mode, Shapes::ShapeRef.new(shape: IpcMode, location_name: "ipcMode"))
     TaskDefinition.struct_class = Types::TaskDefinition
 
     TaskDefinitionFieldList.member = Shapes::ShapeRef.new(shape: TaskDefinitionField)

data/lib/aws-sdk-ecs/types.rb

@@ -2658,7 +2658,7 @@ module Aws::ECS
     #
     #   `[ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ]`
     #
-    #   An exit code of 0 indicates success, and a non-zero exit code
+    #   An exit code of 0 indicates success, and non-zero exit code
     #   indicates failure. For more information, see `HealthCheck` in the
     #   [Create a container][1] section of the [Docker Remote API][2].
     #
@@ -4538,6 +4538,8 @@ module Aws::ECS
     #             value: "TagValue",
     #           },
     #         ],
+    #         pid_mode: "host", # accepts host, task
+    #         ipc_mode: "host", # accepts host, task, none
     #       }
     #
     # @!attribute [rw] family
@@ -4571,8 +4573,8 @@ module Aws::ECS
     #   default Docker network mode is `bridge`. If you are using the
     #   Fargate launch type, the `awsvpc` network mode is required. If you
     #   are using the EC2 launch type, any network mode can be used. If the
-    #   network mode is set to `none`, you can't specify port mappings in
-    #   your container definitions, and the task's containers do not have
+    #   network mode is set to `none`, you cannot specify port mappings in
+    #   your container definitions, and the tasks containers do not have
     #   external connectivity. The `host` and `awsvpc` network modes offer
     #   the highest networking performance for containers because they use
     #   the EC2 network stack instead of the virtualized network stack
@@ -4585,18 +4587,26 @@ module Aws::ECS
     #   host port mappings.
     #
     #   If the network mode is `awsvpc`, the task is allocated an elastic
-    #   network interface, and you must specify a NetworkConfiguration when
-    #   you create a service or run a task with the task definition. For
-    #   more information, see [Task Networking][1] in the *Amazon Elastic
-    #   Container Service Developer Guide*.
+    #   network interface, and you must specify a NetworkConfiguration value
+    #   when you create a service or run a task with the task definition.
+    #   For more information, see [Task Networking][1] in the *Amazon
+    #   Elastic Container Service Developer Guide*.
+    #
+    #   <note markdown="1"> Currently, only Amazon ECS-optimized AMIs, other Amazon Linux
+    #   variants with the `ecs-init` package, or AWS Fargate infrastructure
+    #   support the `awsvpc` network mode.
     #
-    #   If the network mode is `host`, you can't run multiple
+    #    </note>
+    #
+    #   If the network mode is `host`, you cannot run multiple
     #   instantiations of the same task on a single container instance when
     #   port mappings are used.
     #
     #   Docker for Windows uses different network modes than Docker for
     #   Linux. When you register a task definition with Windows containers,
-    #   you must not specify a network mode.
+    #   you must not specify a network mode. If you use the console to
+    #   register a task definition with Windows containers, you must choose
+    #   the `<default>` network mode object.
     #
     #   For more information, see [Network settings][2] in the *Docker run
     #   reference*.
@@ -4680,11 +4690,11 @@ module Aws::ECS
     #
     #    </note>
     #
-    #   If you are using the EC2 launch type, this field is optional.
+    #   If using the EC2 launch type, this field is optional.
     #
-    #   If you are using the Fargate launch type, this field is required and
-    #   you must use one of the following values, which determines your
-    #   range of supported values for the `cpu` parameter:
+    #   If using the Fargate launch type, this field is required and you
+    #   must use one of the following values, which determines your range of
+    #   supported values for the `cpu` parameter:
     #
     #   * 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values:
     #     256 (.25 vCPU)
@@ -4710,6 +4720,73 @@ module Aws::ECS
     #   a maximum length of 256 characters.
     #   @return [Array<Types::Tag>]
     #
+    # @!attribute [rw] pid_mode
+    #   The process namespace to use for the containers in the task. The
+    #   valid values are `host` or `task`. If `host` is specified, then all
+    #   containers within the tasks that specified the `host` PID mode on
+    #   the same container instance share the same IPC resources with the
+    #   host Amazon EC2 instance. If `task` is specified, all containers
+    #   within the specified task share the same process namespace. If no
+    #   value is specified, the default is a private namespace. For more
+    #   information, see [PID settings][1] in the *Docker run reference*.
+    #
+    #   If the `host` PID mode is used, be aware that there is a heightened
+    #   risk of undesired process namespace expose. For more information,
+    #   see [Docker security][2].
+    #
+    #   <note markdown="1"> This parameter is not supported for Windows containers or tasks
+    #   using the Fargate launch type.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.docker.com/engine/reference/run/#pid-settings---pid
+    #   [2]: https://docs.docker.com/engine/security/security/
+    #   @return [String]
+    #
+    # @!attribute [rw] ipc_mode
+    #   The IPC resource namespace to use for the containers in the task.
+    #   The valid values are `host`, `task`, or `none`. If `host` is
+    #   specified, then all containers within the tasks that specified the
+    #   `host` IPC mode on the same container instance share the same IPC
+    #   resources with the host Amazon EC2 instance. If `task` is specified,
+    #   all containers within the specified task share the same IPC
+    #   resources. If `none` is specified, then IPC resources within the
+    #   containers of a task are private and not shared with other
+    #   containers in a task or on the container instance. If no value is
+    #   specified, then the IPC resource namespace sharing depends on the
+    #   Docker daemon setting on the container instance. For more
+    #   information, see [IPC settings][1] in the *Docker run reference*.
+    #
+    #   If the `host` IPC mode is used, be aware that there is a heightened
+    #   risk of undesired IPC namespace expose. For more information, see
+    #   [Docker security][2].
+    #
+    #   If you are setting namespaced kernel parameters using
+    #   `systemControls` for the containers in the task, the following will
+    #   apply to your IPC resource namespace. For more information, see
+    #   [System Controls][3] in the *Amazon Elastic Container Service
+    #   Developer Guide*.
+    #
+    #   * For tasks that use the `host` IPC mode, IPC namespace related
+    #     `systemControls` are not supported.
+    #
+    #   * For tasks that use the `task` IPC mode, IPC namespace related
+    #     `systemControls` will apply to all containers within a task.
+    #
+    #   <note markdown="1"> This parameter is not supported for Windows containers or tasks
+    #   using the Fargate launch type.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.docker.com/engine/reference/run/#ipc-settings---ipc
+    #   [2]: https://docs.docker.com/engine/security/security/
+    #   [3]: http://docs.aws.amazon.com/AmazonECS/latest/developerguidetask_definition_parameters.html
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/RegisterTaskDefinitionRequest AWS API Documentation
     #
     class RegisterTaskDefinitionRequest < Struct.new(
@@ -4723,7 +4800,9 @@ module Aws::ECS
       :requires_compatibilities,
       :cpu,
       :memory,
-      :tags)
+      :tags,
+      :pid_mode,
+      :ipc_mode)
       include Aws::Structure
     end
 
@@ -6195,8 +6274,8 @@ module Aws::ECS
     #   default Docker network mode is `bridge`. If you are using the
     #   Fargate launch type, the `awsvpc` network mode is required. If you
     #   are using the EC2 launch type, any network mode can be used. If the
-    #   network mode is set to `none`, you can't specify port mappings in
-    #   your container definitions, and the task's containers do not have
+    #   network mode is set to `none`, you cannot specify port mappings in
+    #   your container definitions, and the tasks containers do not have
     #   external connectivity. The `host` and `awsvpc` network modes offer
     #   the highest networking performance for containers because they use
     #   the EC2 network stack instead of the virtualized network stack
@@ -6209,18 +6288,18 @@ module Aws::ECS
     #   host port mappings.
     #
     #   If the network mode is `awsvpc`, the task is allocated an elastic
-    #   network interface, and you must specify a NetworkConfiguration when
-    #   you create a service or run a task with the task definition. For
-    #   more information, see [Task Networking][1] in the *Amazon Elastic
-    #   Container Service Developer Guide*.
+    #   network interface, and you must specify a NetworkConfiguration value
+    #   when you create a service or run a task with the task definition.
+    #   For more information, see [Task Networking][1] in the *Amazon
+    #   Elastic Container Service Developer Guide*.
     #
-    #   <note markdown="1"> Currently, only the Amazon ECS-optimized AMI, other Amazon Linux
+    #   <note markdown="1"> Currently, only Amazon ECS-optimized AMIs, other Amazon Linux
     #   variants with the `ecs-init` package, or AWS Fargate infrastructure
     #   support the `awsvpc` network mode.
     #
     #    </note>
     #
-    #   If the network mode is `host`, you can't run multiple
+    #   If the network mode is `host`, you cannot run multiple
     #   instantiations of the same task on a single container instance when
     #   port mappings are used.
     #
@@ -6316,11 +6395,11 @@ module Aws::ECS
     #   @return [String]
     #
     # @!attribute [rw] memory
-    #   The amount (in MiB) of memory used by the task. If you are using the
-    #   EC2 launch type, this field is optional and any value can be used.
-    #   If you are using the Fargate launch type, this field is required and
-    #   you must use one of the following values, which determines your
-    #   range of valid values for the `cpu` parameter:
+    #   The amount (in MiB) of memory used by the task. If using the EC2
+    #   launch type, this field is optional and any value can be used. If
+    #   using the Fargate launch type, this field is required and you must
+    #   use one of the following values, which determines your range of
+    #   valid values for the `cpu` parameter:
     #
     #   * 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values:
     #     256 (.25 vCPU)
@@ -6338,6 +6417,73 @@ module Aws::ECS
     #     - Available `cpu` values: 4096 (4 vCPU)
     #   @return [String]
     #
+    # @!attribute [rw] pid_mode
+    #   The process namespace to use for the containers in the task. The
+    #   valid values are `host` or `task`. If `host` is specified, then all
+    #   containers within the tasks that specified the `host` PID mode on
+    #   the same container instance share the same IPC resources with the
+    #   host Amazon EC2 instance. If `task` is specified, all containers
+    #   within the specified task share the same process namespace. If no
+    #   value is specified, the default is a private namespace. For more
+    #   information, see [PID settings][1] in the *Docker run reference*.
+    #
+    #   If the `host` PID mode is used, be aware that there is a heightened
+    #   risk of undesired process namespace expose. For more information,
+    #   see [Docker security][2].
+    #
+    #   <note markdown="1"> This parameter is not supported for Windows containers or tasks
+    #   using the Fargate launch type.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.docker.com/engine/reference/run/#pid-settings---pid
+    #   [2]: https://docs.docker.com/engine/security/security/
+    #   @return [String]
+    #
+    # @!attribute [rw] ipc_mode
+    #   The IPC resource namespace to use for the containers in the task.
+    #   The valid values are `host`, `task`, or `none`. If `host` is
+    #   specified, then all containers within the tasks that specified the
+    #   `host` IPC mode on the same container instance share the same IPC
+    #   resources with the host Amazon EC2 instance. If `task` is specified,
+    #   all containers within the specified task share the same IPC
+    #   resources. If `none` is specified, then IPC resources within the
+    #   containers of a task are private and not shared with other
+    #   containers in a task or on the container instance. If no value is
+    #   specified, then the IPC resource namespace sharing depends on the
+    #   Docker daemon setting on the container instance. For more
+    #   information, see [IPC settings][1] in the *Docker run reference*.
+    #
+    #   If the `host` IPC mode is used, be aware that there is a heightened
+    #   risk of undesired IPC namespace expose. For more information, see
+    #   [Docker security][2].
+    #
+    #   If you are setting namespaced kernel parameters using
+    #   `systemControls` for the containers in the task, the following will
+    #   apply to your IPC resource namespace. For more information, see
+    #   [System Controls][3] in the *Amazon Elastic Container Service
+    #   Developer Guide*.
+    #
+    #   * For tasks that use the `host` IPC mode, IPC namespace related
+    #     `systemControls` are not supported.
+    #
+    #   * For tasks that use the `task` IPC mode, IPC namespace related
+    #     `systemControls` will apply to all containers within a task.
+    #
+    #   <note markdown="1"> This parameter is not supported for Windows containers or tasks
+    #   using the Fargate launch type.
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.docker.com/engine/reference/run/#ipc-settings---ipc
+    #   [2]: https://docs.docker.com/engine/security/security/
+    #   [3]: http://docs.aws.amazon.com/AmazonECS/latest/developerguidetask_definition_parameters.html
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecs-2014-11-13/TaskDefinition AWS API Documentation
     #
     class TaskDefinition < Struct.new(
@@ -6355,7 +6501,9 @@ module Aws::ECS
       :compatibilities,
       :requires_compatibilities,
       :cpu,
-      :memory)
+      :memory,
+      :pid_mode,
+      :ipc_mode)
       include Aws::Structure
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-ecs
 version: !ruby/object:Gem::Version
-  version: 1.23.1
+  version: 1.24.0
 platform: ruby
 authors:
 - Amazon Web Services