Comments (7)
@samuelkarp Would you be open to a PR implementing this?
from amazon-ecs-cli.
@2opremio, sure!
from amazon-ecs-cli.
@samuelkarp I see two options here:
- Allow changing the role to something other than AmazonEC2ContainerServiceforEC2Role
- Allow overriding the full instance policy
We could do both (1) and (2) but, if we assume we only want one option, I would go for (2) since (1) has the extra dependency of creating a managed policy in advance (if a preexisting managed policy is not good enough).
Thoughts?
from amazon-ecs-cli.
A role can have multiple policies, so it is probably more flexible to allow additional policies. See the CloudFormation documentation for information on associating multiple policies with a role.
from amazon-ecs-cli.
@samuelkarp Sorry it took a while to answer. Even if we allow additional policies it would require the user to create those with a different tool (Console, AWS CLI etc ...) which can be inconvenient. In our usecase it would be more useful to allow defining the full role. Would this be OK?
I think I may find some time to do this in about a week (next week is going to be really busy for me)..
from amazon-ecs-cli.
Is there any chance of this issue getting addressed?
from amazon-ecs-cli.
We are planning on allowing a new flag, --role
, which will allow customers to pass in the ARN of a custom IAM Role. At this time, the customer will still need to create this role outside of the ECS CLI (e.g. via Console, AWS CLI etc). We will also still attach the AmazonEC2ContainerServiceforEC2Role
policy to this role, i.e. the customer will not be able to specify a custom IAM Policy.
from amazon-ecs-cli.
Related Issues (20)
- Feat. Request: Allow environment variables to depend on CF intrinsic functions
- `ecs-cli local up` badly handles secrets if the docker-compose container name has dashes
- `ecs-cli local create` should docker-compose escape the env vars in entrypoint
- ECS_CONTAINER_METADATA_URI is not accessible in macOS
- ecs-cli compose task failing with "Fargate only supports network mode ‘awsvpc’"
- Question: can I override the location of config and credential files?
- Support OSX Arm64
- EKS - Creating nodegroup
- Allow specifying container parameters (cpu, memory) using ecs params HOT 1
- global --endpoint flag is not supported
- Launch Templates vs Launch Configurations HOT 3
- Link to "Information about specific compose versions and fields supported by the ecs-cli" is broken
- when I run a task locally it does not seem to pickup environment variable containing values from parameterstore
- Create ecs-service from ecs-cli
- Problem with Task not working when creating Docker Volume driver with capital letter "Local"
- [Feature Request] depends_on option in ecs params
- Add support for readonlyrootfilesystem schema
- How to copy files into ECS container?
- unable to pull image HOT 1
- User-data script has erroneous newline breaking shebang, incompatible with Cloud-init versions on AL2023 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amazon-ecs-cli.