Skip to content
This repository has been archived by the owner on Jul 10, 2024. It is now read-only.

OBS-393 Simplify user interface for ECS installation #237

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

OBS-393 Simplify user interface for ECS installation #237

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
ea4661b
OBS-393 Simplify user interface for ECS installation
gmann42 Sep 25, 2023
4900614
Remove unused imports
gmann42 Sep 25, 2023
f3d1db2
[DOC] Readme editorial update (#238)
nerminamiller-postman Sep 25, 2023
2c2cba5
Merge branch 'main' into OBS-393-handle-more-than-10-services
gmann42 Sep 26, 2023
e7ec98f
Update README.md (#240)
nerminamiller-postman Sep 26, 2023
9de70b0
Update README.md (#239)
nerminamiller-postman Sep 26, 2023
a943043
use AWS_PROFILE env var, minor fixes
gmann42 Sep 26, 2023
3ac455c
Merge branch 'OBS-393-handle-more-than-10-services' of github.com:aki…
gmann42 Sep 26, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
76 changes: 76 additions & 0 deletions cmd/internal/ecs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
### Amazon Elastic Container Service (ECS)

### Introduction

- The Postman Live Collection Agent (LCA) attaches as a sidecar to the specified service.
- The Postman collection is populated with endpoints observed from the traffic arriving at your service.
- Both EC2 and Fargate capacity providers are supported.

### Prerequisites

- AWS credentials stored at `~/.aws/credentials`
- Your AWS credentials **must have** these AWS permissions [Setup ECS Permissions](#setup-aws-ecs-permissions)
- ECS service must have public internet access. For more information, see [Ensure Internet Access](#ensure-internet-access),

### Usage

```
POSTMAN_API_KEY=<postman-api-key> postman-lc-agent ecs add \
--collection <postman-collectionID> \
--region <aws-region> \
--cluster <full ARN of ECS cluster> \
--service <full ARN of ECS service>
```

**NOTE**: Updating your service with the newly modified task definition might take time. Please check the AWS console for progress.

#### Additional configuration

- See the help menu for further configuration.

```
postman-lc-agent ecs --help
```

### Uninstall

- Update your ECS service to the old revision of the task definition.

### Set up AWS ECS permissions

- Attach the following policy to your AWS profile.

```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ecs:UpdateService",
"ecs:RegisterTaskDefinition",
"ecs:DescribeServices",
"ecs:TagResource",
"ecs:DescribeTaskDefinition",
"ecs:DescribeClusters"
],
"Resource": "*"
}
]
}
```
- **Instead** of the above policy, [AmazonECS_FullAccess](https://docs.aws.amazon.com/AmazonECS/latest/userguide/security-iam-awsmanpol.html#security-iam-awsmanpol-AmazonECS_FullAccess) can also be used to ensure easy authorization.

### Ensure internet access

#### Fargate tasks

- When using a public subnet, you can assign a public IP address to the task ENI.
- When using a private subnet, the subnet can have a NAT gateway attached.
- AWS Docs: See [Task networking for tasks hosted on Fargate](https://docs.aws.amazon.com/AmazonECS/latest/userguide/fargate-task-networking.html).

#### EC2 tasks

- Tasks must be launched in private subnets with NAT gateway.
- For more information, see [Task networking for tasks that are hosted on Amazon EC2 instances](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html)

Loading