https://pulumi.com logo
Title
s

square-dress-80180

03/25/2021, 10:44 PM
Hi - does anyone have an example in any language of creating the resources necessary to generate logs from ECS container instances and send them to cloudwatch? From the AWS docs it mentions needing an IAM policy that allows this transfer, the attachment of the policy, the download and installation of cloudwatch agent in the container, and a config file in the container. I am just interested in getting the output of the docker container in ECS so this seems like quite a bit of work just to see that info, but I don’t get anything in the details section … so guess that’s the thing to do.
l

little-cartoon-10569

03/25/2021, 10:47 PM
I haven't, but I know that there are base images with the CloudWatch agent installed, so if you can start from those base images, things get at least a bit easier.
If you use the EC2 Image Builder, it has a container component for it, called "amazon-cloudwatch-agent-linux".
s

square-dress-80180

03/25/2021, 10:59 PM
Hmm - I just saw a SO issue that mentions that. It also appears that ECS task definition supports
awslogs
driver, so may not need to go crazy. TBD. Thanks for the help!
In case anyone else runs into this confusion, it’s actually super simple:
# Cloudwatch Prep
# The ecsInstanceRole should already have ability to send logs - don't 
# need to create a policy and attach. Just click through to Cloudwatch logs
# from Pulumi/Stack/Resources.
flask_log_group = aws.cloudwatch.LogGroup("cookie-demo-app-microservice")

# Creating a task definition for the Flask instance.
flask_task_definition = aws.ecs.TaskDefinition("flask-task-definition",
    family="frontend-task-definition-family",
    cpu="256",
    memory="512",
    network_mode="awsvpc",
    requires_compatibilities=["FARGATE"],
    execution_role_arn=app_exec_role_arn,
    task_role_arn=app_task_role_arn,
    container_definitions=pulumi.Output.all(flask_image.image_name, flask_log_group.name).apply(lambda args: json.dumps([{
        "name": "flask-container",
        "image": args[0],
        "memory": 512,
        "essential": True,
        "portMappings": [{
            "containerPort": flask_app_listening_port,
            "hostPort": flask_host_port,
            "protocol": "tcp"
        }],
        "logConfiguration": {
            "logDriver": "awslogs",
            "options": {
                "awslogs-group": args[1],
                "awslogs-region": "us-east-2",
                "awslogs-stream-prefix": env
            }
        }
    }])))
Just add the
logConfiguration
section and good to go.