import * as aws from "@pulumi/aws"; import * as pulumi from "@pulumi/pulumi"; import * as awsx from "@pulumi/awsx"; import * as fs from "fs"; // Get config const awsConfig = new pulumi.Config("aws"); const awsRegion = awsConfig.require("region"); // Change to require to enforce region setting const projectConfig = new pulumi.Config(); const numberNodes = projectConfig.getNumber("numberNodes") || 2; // Set up IAM roles const ecsTaskExecutionRole = new aws.iam.Role("ecsTaskExecutionRole", { assumeRolePolicy: JSON.stringify({ Version: "2012-10-17", Statement: [ { Action: "sts:AssumeRole", Effect: "Allow", Principal: { Service: "ecs-tasks.amazonaws.com", }, }, ], }), }); const ecsTaskExecutionRolePolicyAttachment = new aws.iam.PolicyAttachment( "ecsTaskExecutionRolePolicyAttachment", { policyArn: "arnawsiam:awspolicy/service-role/AmazonECSTaskExecutionRolePolicy", roles: [ecsTaskExecutionRole.name], } ); // Create ECS cluster const cluster = new aws.ecs.Cluster("cluster"); // Create ECR repository const repo = new aws.ecr.Repository("app"); // Define the Docker image build context const imageBuildContext = "./app"; // Define the Dockerfile content const dockerfileContent = ` FROM node:14 # Set the working directory in the container WORKDIR /app # Copy package.json and package-lock.json to the working directory COPY package*.json ./ # Install dependencies RUN npm install # Copy the rest of the application code to the working directory COPY . . # Expose a port EXPOSE 9060 # Start the application CMD ["npm", "start"] `; // Write the Dockerfile to the build context directory fs.writeFileSync(

${imageBuildContext}/Dockerfile

, dockerfileContent); // Use AWS SDK to build and push the Docker image to ECR const ecrLoginResult = aws.ecr.getAuthorizationToken(); const ecrRegistry = repo.repositoryUrl; // Use

awsx.ecr.Image

instead of

aws.ecr.Image

const ecrImage = new awsx.ecr.Image("app-img", { imageName: pulumi.interpolate`${repo.repositoryName}:latest`, build: { context: imageBuildContext, dockerfile: "Dockerfile", }, }, { dependsOn: [ecrLoginResult] }); const ecrLoginCommand = pulumi.interpolate`docker login -u AWS -p ${ecrLoginResult.token} ${ecrRegistry}`; const ecrBuildCommand = pulumi.interpolate`docker build -t ${ecrImage.imageName} ${imageBuildContext}`; const ecrPushCommand = pulumi.interpolate`docker push ${ecrImage.imageName}`; const imageNameOutput = ecrImage.imageName; // Set up task definition for Fargate const taskDefinition = new aws.ecs.TaskDefinition("taskdefinition", { family: "ecs1", networkMode: "awsvpc", requiresCompatibilities: ["FARGATE"], executionRoleArn: ecsTaskExecutionRole.arn, cpu: "256", memory: "512", containerDefinitions: pulumi.interpolateJson([{ name: "app", image: imageNameOutput, // Use the image name here portMappings: [{ containerPort: 9060, hostPort: 9060, }], }]), }); // ... // Use the full image URL when creating the ECS service const service = new aws.ecs.Service("service", { cluster: cluster.arn, taskDefinition: taskDefinition.arn, launchType: "FARGATE", desiredCount: numberNodes, networkConfiguration: { subnets: aws.ec2.getSubnetIds({ vpcId: "vpc-035bf208713482f29" }).then((subnets) => subnets.ids.slice(0, numberNodes) ), securityGroups: ["sg-0b3fa29117360818c"], // Specify your security groups here }, platformVersion: "LATEST", deploymentMaximumPercent: 200, // Adjust as needed deploymentMinimumHealthyPercent: 100, // Adjust as needed waitForSteadyState: true, // Wait for the service to stabilize }); // Create an SSL certificate (replace with your actual ARN or ACM certificate) const sslCertificateArn = "arnawsacmus east 1458643523960:certificate/5fbd3c7e-12ee-4d42-af20-f97e1ffc5760"; // Create an Application Load Balancer (ALB) const loadBalancer = new aws.lb.LoadBalancer("loadBalancer", { internal: false, // Set to true for internal ALB, false for internet-facing ALB loadBalancerType: "application", subnets: aws.ec2.getSubnetIds({ vpcId: "vpc-035bf208713482f29" }).then((subnets) => subnets.ids.slice(0, numberNodes) ), enableDeletionProtection: false, // Set to true if you want to enable deletion protection securityGroups: ["sg-0b3fa29117360818c"], // Specify your security groups here }); // Create an ALB listener for HTTPS (port 443) const httpsListener = new aws.lb.Listener("httpsListener", { loadBalancerArn: loadBalancer.arn, port: 443, protocol: "HTTPS", sslPolicy: "ELBSecurityPolicy-2016-08", certificateArn: "arnawsacmus east 1458643523960:certificate/5fbd3c7e-12ee-4d42-af20-f97e1ffc5760", // Use your SSL certificate ARN here defaultActions: [{ type: "fixed-response", fixedResponse: { contentType: "text/plain", statusCode: "200", }, }], }); // ... export const clusterName = cluster.name;