I'm working through an AWS Python tutorial, module 2.
I'm at the point Section C, where I have to create a task definition by filling in some REPLACE_ME values in a json file.
{
"family": "mythicalmysfitsservice",
"cpu": "256",
"memory": "512",
"networkMode": "awsvpc",
"requiresCompatibilities": [
"FARGATE"
],
"executionRoleArn": "REPLACE_ME_ECS_SERVICE_ROLE_ARN",
"taskRoleArn": "REPLACE_ME_ECS_TASK_ROLE_ARN",
"containerDefinitions": [
{
"name": "MythicalMysfits-Service",
"image": "REPLACE_ME_IMAGE_TAG_USED_IN_ECR_PUSH",
"portMappings": [
{
"containerPort": 8080,
"protocol": "http"
}
],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "mythicalmysfits-logs",
"awslogs-region": "us-east-1",
"awslogs-stream-prefix": "awslogs-mythicalmysfits-service"
}
},
"essential": true
}
]
}
There are three variables I'm not sure where to get the values:
"REPLACE_ME_ECS_SERVICE_ROLE_ARN",
"REPLACE_ME_ECS_TASK_ROLE_ARN",
"REPLACE_ME_IMAGE_TAG_USED_IN_ECR_PUSH"
Before this step, in steps A and B, I create-cluster, but the output of that doesn't indicate obvious values to me:
$ aws ecs create-cluster --cluster-name MythicalMysfits-Cluster
{
"cluster": {
"clusterArn": "arn:aws:ecs:us-east-1:002847010850:cluster/MythicalMysfits-Cluster",
"clusterName": "MythicalMysfits-Cluster",
"status": "ACTIVE",
"registeredContainerInstancesCount": 0,
"runningTasksCount": 0,
"pendingTasksCount": 0,
"activeServicesCount": 0,
"statistics": [],
"tags": [],
"settings": [
{
"name": "containerInsights",
"value": "disabled"
}
],
"capacityProviders": [],
"defaultCapacityProviderStrategy": []
}
}
The only value I suspect I might know is, "REPLACE_ME_IMAGE_TAG_USED_IN_ECR_PUSH" which i could take from docker push 002847010850.dkr.ecr.us-east-1.amazonaws.com/mythicalmysfits/service when I pushed a docker image to the Elastic Compute Repository
So I made a guess and used the "clusterArn" value for both REPLACE_ME's, and the original image tag for the third but
$ aws ecs register-task-definition --cli-input-json file://~/environment/aws-modern-application-workshop/module-2/aws-cli/task-definition.json
An error occurred (ClientException) when calling the RegisterTaskDefinition operation: Role is not valid
This is the json I fed it:
{
"family": "mythicalmysfitsservice",
"cpu": "256",
"memory": "512",
"networkMode": "awsvpc",
"requiresCompatibilities": [
"FARGATE"
],
"executionRoleArn": "arn:aws:ecs:us-east-1:002847010850:cluster/MythicalMysfits-Cluster",
"taskRoleArn": "arn:aws:ecs:us-east-1:002847010850:cluster/MythicalMysfits-Cluster",
"containerDefinitions": [
{
"name": "MythicalMysfits-Service",
"image": "002847010850.dkr.ecr.us-east-1.amazonaws.com/mythicalmysfits/service",
"portMappings": [
{
"containerPort": 8080,
"protocol": "http"
}
],
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "mythicalmysfits-logs",
"awslogs-region": "us-east-1",
"awslogs-stream-prefix": "awslogs-mythicalmysfits-service"
}
},
"essential": true
}
]
}
Can anyone advise where I'm going wrong here? This tutorial is pretty lousy -- just a bunch of incantations, very brittle, and no obvious forum discussions to work through it.
Marcin's suggestion of an answer caused me to to rethink and look at a JSON output from earlier in the tutorial.
aws cloudformation describe-stacks --stack-name MythicalMysfitsCoreStack gives a pile of key/value pairs and both REPLACE_ME_ECS_SERVICE_ROLE_ARN REPLACE_ME_ECS_TASK_ROLE_ARN OutputValues are inside there.
Then the procedure works.