Skip to content

Commit a7051f9

Browse files
jordanstephensjordanstephens
committed
update list of aws resources
1 parent d7a1b04 commit a7051f9

File tree

1 file changed

+50
-79
lines changed

1 file changed

+50
-79
lines changed

docs/providers/aws/aws.md

Lines changed: 50 additions & 79 deletions
Original file line numberDiff line numberDiff line change
@@ -66,82 +66,53 @@ When using [Managed Redis](/docs/concepts/managed-storage/managed-redis.md), the
6666

6767
### Managed Resources
6868

69-
Defang will create and manage the following resources in your AWS account as part of its bootstrap procedure:
70-
71-
```
72-
* aws:cloudwatch/logGroup:LogGroup ecs
73-
* aws:s3/bucket:Bucket alb-logs
74-
* aws:ecr/pullThroughCacheRule:PullThroughCacheRule ecr-public
75-
* aws:iam/role:Role ecs-agent-profile
76-
* aws:s3/bucketPolicy:BucketPolicy alb-logs-policy
77-
* aws:s3/bucketPublicAccessBlock:BucketPublicAccessBlock alb-logs-block
78-
* awsx:ec2:Vpc shared-vpc
79-
* └─ aws:ec2/vpc:Vpc shared-vpc
80-
* ├─ aws:ec2/internetGateway:InternetGateway shared-vpc
81-
* ├─ aws:ec2/subnet:Subnet shared-vpc-private-3
82-
* │ └─ aws:ec2/routeTable:RouteTable shared-vpc-private-3
83-
* │ ├─ aws:ec2/routeTableAssociation:RouteTableAssociation shared-vpc-private-3
84-
* │ └─ aws:ec2/route:Route shared-vpc-private-3
85-
* ├─ aws:ec2/subnet:Subnet shared-vpc-private-1
86-
* │ └─ aws:ec2/routeTable:RouteTable shared-vpc-private-1
87-
* │ ├─ aws:ec2/routeTableAssociation:RouteTableAssociation shared-vpc-private-1
88-
* │ └─ aws:ec2/route:Route shared-vpc-private-1
89-
* ├─ aws:ec2/subnet:Subnet shared-vpc-private-2
90-
* │ └─ aws:ec2/routeTable:RouteTable shared-vpc-private-2
91-
* │ ├─ aws:ec2/routeTableAssociation:RouteTableAssociation shared-vpc-private-2
92-
* │ └─ aws:ec2/route:Route shared-vpc-private-2
93-
* ├─ aws:ec2/vpcEndpoint:VpcEndpoint com.amazonaws.us-west-2.s3
94-
* ├─ aws:ec2/subnet:Subnet shared-vpc-public-1
95-
* │ ├─ aws:ec2/routeTable:RouteTable shared-vpc-public-1
96-
* │ │ ├─ aws:ec2/routeTableAssociation:RouteTableAssociation shared-vpc-public-1
97-
* │ │ └─ aws:ec2/route:Route shared-vpc-public-1
98-
* │ ├─ aws:ec2/eip:Eip shared-vpc-1
99-
* │ └─ aws:ec2/natGateway:NatGateway shared-vpc-1
100-
* ├─ aws:ec2/subnet:Subnet shared-vpc-public-2
101-
* │ └─ aws:ec2/routeTable:RouteTable shared-vpc-public-2
102-
* │ ├─ aws:ec2/routeTableAssociation:RouteTableAssociation shared-vpc-public-2
103-
* │ └─ aws:ec2/route:Route shared-vpc-public-2
104-
* └─ aws:ec2/subnet:Subnet shared-vpc-public-3
105-
* └─ aws:ec2/routeTable:RouteTable shared-vpc-public-3
106-
* ├─ aws:ec2/routeTableAssociation:RouteTableAssociation shared-vpc-public-3
107-
* └─ aws:ec2/route:Route shared-vpc-public-3
108-
* aws:iam/role:Role ecs-task-role
109-
* aws:ec2/networkAcl:NetworkAcl shared-nacl
110-
* aws:ec2/securityGroup:SecurityGroup sg443
111-
```
112-
113-
Then, defang will manage the following resources for each project you deploy:
114-
115-
```
116-
* awsx:ecr:Repository project1/kaniko-build
117-
* ├─ aws:ecr/repository:Repository project1/kaniko-build
118-
* └─ aws:ecr/lifecyclePolicy:LifecyclePolicy project1/kaniko-build
119-
* aws:acm/certificate:Certificate *.project1.tenant1.defang.app
120-
* awsx:ecr:Repository project1/kaniko-build/cache
121-
* ├─ aws:ecr/repository:Repository project1/kaniko-build/cache
122-
* └─ aws:ecr/lifecyclePolicy:LifecyclePolicy project1/kaniko-build/cache
123-
* aws:iam/instanceProfile:InstanceProfile ecs-agent-profile
124-
* aws:iam/role:Role ecs-task-execution-role
125-
* aws:cloudwatch/eventRule:EventRule project1-ecs-lifecycle-rule
126-
* aws:cloudwatch/eventTarget:EventTarget project1-ecs-event-cw-target
127-
* aws:route53/record:Record validation-project1.tenant1.defang.app
128-
* aws:acm/certificateValidation:CertificateValidation *.project1.tenant1.defang.appValidation
129-
* aws:ec2/vpcDhcpOptionsAssociation:VpcDhcpOptionsAssociation dhcp-options-association
130-
* defang-mvp:shared/ecs/defang:Defang defang
131-
* ├─ defang-mvp:shared/ecs/kaniko:Kaniko kaniko
132-
* │ ├─ aws:cloudwatch/logGroup:LogGroup builds
133-
* │ ├─ aws:iam/role:Role kaniko-task-role
134-
* │ ├─ aws:ecs/taskDefinition:TaskDefinition kanikoTaskDefArm64
135-
* │ └─ aws:ecs/taskDefinition:TaskDefinition kanikoTaskDefAmd64
136-
* ├─ aws:s3/bucket:Bucket defang-build
137-
* ├─ aws:s3/bucketPublicAccessBlock:BucketPublicAccessBlock defang-build-block
138-
* ├─ aws:ecs/cluster:Cluster cluster
139-
* └─ aws:ecs/clusterCapacityProviders:ClusterCapacityProviders cluster-capacity-providers
140-
* defang-mvp:cd/tenant_stack:TenantStack bootstrap
141-
* ├─ defang-mvp:shared/fargate_service:FargateService project1_app
142-
* │ └─ aws:ec2/securityGroup:SecurityGroup project1_app-sg
143-
* ├─ defang-mvp:shared/ecs/kaniko_image:KanikoImage app-image
144-
* └─ aws:ec2/securityGroup:SecurityGroup bootstrap
145-
* aws:ec2/vpcDhcpOptions:VpcDhcpOptions dhcp-options
146-
* aws:cloudwatch/logGroup:LogGroup logs
147-
```
69+
Defang will create and manage the following resources in your AWS account from its bootstrap CloudFormation template:
70+
71+
| Resource Type | Example Resource Name |
72+
|---------------|------------------------|
73+
| s3/Bucket | defang-cd-bucket-cbpbzz8hzm7 |
74+
| ecs/ClusterCapacityProviderAssociations | defang-cd-Cluster-pqFhjwuklvm |
75+
| ecs/Cluster | defang-cd-ClusterpJqFhjwuklvm |
76+
| iam/Role | defang-cd-ExeutionRole-XE7RbQDfeEwx |
77+
| ec2/InternetGateway | igw-05bd7adc92541ec3 |
78+
| ec2/VPCGatewayAttachment | IGW|vpc-0cbca64f13435695 |
79+
| logs/LogGroup | defang-cd-Logroup-6LSZet3tFnEy |
80+
| ecr/PullThroughCacheRule | defang-cd-ecrpublic |
81+
| ec2/Route | rtb-08f3f5afc9e6c8c8|0.0.0.0/0 |
82+
| ec2/RouteTable | rtb-08f3f5ffc9e6c8c8 |
83+
| ec2/VPCEndpoint | vpce-02175d8d4f47d0c9 |
84+
| ec2/SecurityGroup | sg-032b839c63e70e49 |
85+
| ec2/Subnet | subnet-086bead399ddc8a0 |
86+
| ec2/SubnetRouteTableAssociation | rtbassoc-02e200d45e7227fe |
87+
| ecs/TaskDefinition | arn:aws:ecsus-west-2:381492210770:task-definition/defang-cd-TaskDefinition-RXd5tf9TaN38:1 |
88+
| iam/Role | defang-cd-askRole-gsEeDPd6sPQY |
89+
| ec2/VPC | vpc-0cbca64f13435695 |
90+
91+
Then, for each project you deploy, defang will create and manage the following resources:
92+
93+
| Resource Type | Example Resource Name |
94+
|---------------|------------------------|
95+
| ecr/Repository | project1/kaniko-build |
96+
| ecr/LifecyclePolicy | project1/kaniko-build |
97+
| acm/Certificate | *.project1.tenant1.defang.app |
98+
| ecr/Repository | project1/kaniko-build/cache |
99+
| ecr/LifecyclePolicy | project1/kaniko-build/cache |
100+
| iam/InstanceProfile | ecs-agent-profile |
101+
| iam/Role | ecs-task-execution-role |
102+
| cloudwatch/EventRule | project1-ecs-lifecycle-rule |
103+
| cloudwatch/EventTarget | project1-ecs-event-cw-target |
104+
| route53/Record | validation-project1.tenant1.defang.app |
105+
| acm/CertificateValidation | *.project1.tenant1.defang.appValidation |
106+
| ec2/VpcDhcpOptionsAssociation | dhcp-options-association |
107+
| cloudwatch/LogGroup | builds |
108+
| iam/Role | kaniko-task-role |
109+
| ecs/TaskDefinition | kanikoTaskDefArm64 |
110+
| ecs/TaskDefinition | kanikoTaskDefAmd64 |
111+
| s3/Bucket | defang-build |
112+
| s3/BucketPublicAccessBlock | defang-build-block |
113+
| ecs/Cluster | cluster |
114+
| ecs/ClusterCapacityProviders | cluster-capacity-providers |
115+
| ec2/SecurityGroup | project1_app-sg |
116+
| ec2/SecurityGroup | bootstrap |
117+
| ec2/VpcDhcpOptions | dhcp-options |
118+
| cloudwatch/LogGroup | logs |

0 commit comments

Comments
 (0)