Restart All AWS ECS Services Using Lambda
Today I will show you how to restart your AWS ECS services using Lambda (Python) and CloudWatch.
Step 1: Create a policy that grants permission to update ECS services and to write to CloudWatch Logs.
Create a new policy and paste the policy below into it:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "ECSPermission",
          "Effect": "Allow",
          "Action": [
            "ecs:ListServices",
            "ecs:ListServicesByNamespace",
            "ecs:UpdateService",
            "ecs:ListTasks",
            "ecs:ListClusters"
          ],
          "Resource": "*"
        },
        {
          "Effect": "Allow",
          "Action": "logs:CreateLogGroup",
          "Resource": "*"
        },
        {
          "Effect": "Allow",
          "Action": [
            "logs:CreateLogStream",
            "logs:PutLogEvents"
          ],
          "Resource": [
            "*"
          ]
        }
      ]
    }
Note: To learn how to create a custom IAM policy, please follow this link.
Step 2: Create an IAM role and attach the above policy.
Note: Please check that the role's Trust Relationship contains the policy below:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Principal": {
            "Service": "lambda.amazonaws.com"
          },
          "Action": "sts:AssumeRole"
        }
      ]
    }
Note: To learn how to create an IAM role, please follow this link.
Step 3: Create a Lambda function to restart the ECS services:
Create a Lambda function and select Python as the language. Copy and paste the script below into the Lambda function:
    import json
    import boto3
    from botocore.exceptions import ClientError

    client = boto3.client("ecs")

    def lambda_handler(event, context):
        # ECS services restart
        cluster = ['#Cluster-name']  # replace with your ECS cluster name(s)
        for cluster_name in cluster:
            # List the service ARNs in this cluster. One call returns at most
            # 100 services; larger clusters need nextToken pagination.
            response = client.list_services(cluster=cluster_name, maxResults=100)
            service = response['serviceArns']
            print(service)
            for service_name in service:
                print(service_name)
                # The service name is the last path segment of the ARN
                res = service_name.split("/", -1)
                print(res)
                service_name = res[-1]
                print(service_name)
                try:
                    # Force a new deployment, which replaces the running tasks
                    client.update_service(
                        cluster=cluster_name,
                        service=service_name,
                        forceNewDeployment=True
                    )
                    print(service_name + " service has been restarted")
                    print("---------------")
                except ClientError as e:
                    print("Error occurred for " + cluster_name + " cluster and " + service_name + " service. Error-Message: ", e)
                    print("---------------")
        print("All services are restarted")
Note: Please replace "#Cluster-name" with your ECS cluster name. You can also list multiple cluster names.
Step 4: Save the Lambda function and test that the function works.
Step 5: Now open AWS CloudWatch to configure the scheduler.
Open the CloudWatch service and click on the Rules menu on the left side of your AWS console.
Step 6: Create a new rule.
Click on Create Rule and select Schedule as the Event Source.
Step 7: Select the Cron expression and enter the timing:
Here I want to run the script at 11:30 GMT, Monday to Friday, every month (5:00 PM IST).
Note: Time in CloudWatch is in GMT, so you only have to convert IST into GMT. You can use this link to convert the time from IST to GMT.
Also, use this link to learn more about the CloudWatch cron format.
Step 8: Select Lambda function in "Targets" and select your function from the drop-down menu. Here you have to select the Lambda function from the "Function" menu.
Step 9: Last, enter the rule name and the description, and check the "Enabled" state check-box.
Step 10: Now click on "Create rule" to complete the setup.
Note: All services should be in the same region.
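The Step 1 policy can be checked against what the Step 3 handler actually calls. The script below is an added example, not part of the original post: it lists actions the policy grants that the handler never uses, and non-read actions granted on Resource "*". The NEEDED set and the read-only prefix list are assumptions of this example.

```python
import json

# Policy from Step 1 of this page, embedded so the check runs offline.
STEP1_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "ECSPermission", "Effect": "Allow",
   "Action": ["ecs:ListServices", "ecs:ListServicesByNamespace",
              "ecs:UpdateService", "ecs:ListTasks", "ecs:ListClusters"],
   "Resource": "*"},
  {"Effect": "Allow", "Action": "logs:CreateLogGroup", "Resource": "*"},
  {"Effect": "Allow", "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
   "Resource": ["*"]}
]}
""")

# Assumption: what the Step 3 handler needs, i.e. its two ECS API calls plus
# the CloudWatch Logs actions used to write the function's log output.
NEEDED = {"ecs:ListServices", "ecs:UpdateService",
          "logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents"}

# Assumption: action names with these prefixes are treated as read-only.
READ_ONLY_PREFIXES = ("List", "Describe", "Get")


def as_list(value):
    """IAM lets Statement, Action and Resource be a single item or a list."""
    return list(value) if isinstance(value, list) else [value]


def audit(policy, needed=NEEDED):
    """Return (unused, unscoped_writes, missing); wildcard actions are not expanded."""
    granted, unscoped = set(), set()
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        actions = as_list(stmt.get("Action", []))
        granted.update(actions)
        if "*" in as_list(stmt.get("Resource", [])):
            unscoped.update(a for a in actions
                            if not a.split(":", 1)[-1].startswith(READ_ONLY_PREFIXES))
    return sorted(granted - needed), sorted(unscoped), sorted(needed - granted)


if __name__ == "__main__":
    unused, unscoped, missing = audit(STEP1_POLICY)
    print("granted but never called:", unused)
    print("non-read actions on Resource '*':", unscoped)
    print("needed but not granted:", missing)
```

For the ecs:UpdateService finding, IAM accepts ECS service ARNs in Resource, so that statement can be limited to the services of the clusters the function restarts.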