Skip to content

Feature Request: AWS::ECS::Service - Add check for HealthCheckGracePeriodSeconds needs ALB/NLB #3612

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
2 tasks
r-heimann opened this issue Aug 22, 2024 · 0 comments · Fixed by #3671
Closed
2 tasks

Feature Request: AWS::ECS::Service - Add check for HealthCheckGracePeriodSeconds needs ALB/NLB #3612

r-heimann opened this issue Aug 22, 2024 · 0 comments · Fixed by #3671

Comments

@r-heimann
Copy link

r-heimann commented Aug 22, 2024
edited
Loading

Is this feature request related to a new rule or cfn-lint capabilities?

No response

Describe the feature you'd like to request

Currently cfn-lint is unable to see that if you add

HealthCheckGracePeriodSeconds
The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing target health checks after a task has first started.
This is only used when your service is configured to use a load balancer.
If your service has a load balancer defined and you don't specify a health check grace period value, the default value of 0 is used.

If you do not use an Elastic Load Balancing, we recommend that you use the startPeriod in the task definition health check parameters.
For more information, see Health check.

If your service's tasks take a while to start and respond to Elastic Load Balancing health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years).
During that time, the Amazon ECS service scheduler ignores health check status.
This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.

Required: No

Type: Integer

Update requires: No interruption

to AWS::ECS::Service, it doesn't know that you need an ALB/NLB attached or the deployment will fail with the following error message:

Resource handler returned message:
"Invalid request provided: UpdateService error: Health check grace period is only valid for services configured to use load balancers
(Service: AmazonECS; Status Code: 400; Error Code: InvalidParameterException;

Describe the solution you'd like

cfn-lint finds this error.

Additional context

Example:

  ECSService:
    Type: AWS::ECS::Service
    Properties:
      Cluster: !Ref ECSCluster
      TaskDefinition: !GetAtt ECSTaskDefinition.TaskDefinitionArn
      DesiredCount: 1
      LaunchType: FARGATE
      PropagateTags: SERVICE
      NetworkConfiguration:
        AwsvpcConfiguration:
          SecurityGroups:
            - !GetAtt ECSSecurityGroup.GroupId
          Subnets:
            - <subnet>
      EnableExecuteCommand: true
      HealthCheckGracePeriodSeconds: 36000

Is this something that you'd be interested in working on?

  • 👋 I may be able to implement this feature request

Would this feature include a breaking change?

  • ⚠️ This feature might incur a breaking change
@r-heimann r-heimann changed the title Feature Request: AWS::ECS::Service - Add check for HealthCheckGracePeriodSeconds needs ALB/NLB Feature Request: AWS::ECS::Service - Add check for HealthCheckGracePeriodSeconds needs ALB/NLB Aug 30, 2024
@kddejong kddejong mentioned this issue Sep 7, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Create rule E3056 to validate HealthCheck kddejong/cfn-python-lint
1 participant
@r-heimann