Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

ECS Restart Policy - How can i capture the event that is produced by this?

0

Hi AWS Community,

i have an EventBridge Rule

  ECSTaskRestartRule:
    Type: AWS::Events::Rule
    Properties:
      EventPattern:
        source:
          - aws.ecs
        detail-type:
          - ECS Task State Change
        detail:
          clusterArn:
            - !GetAtt ECSCluster.Arn
          lastStatus:
            - STOPPED

with that i can capture stopped ECS Tasks. How can i capture and process events that are generated through the "Restart Policy"? Does anybody know how i can find those events?

Topics
Application IntegrationServerlessManagement & GovernanceContainers
Tags
AWS CloudFormationAmazon Elastic Container ServiceAmazon EventBridge
Language
English
asked a year ago466 views
1 Answer
1

To capture and process events generated by the ECS Restart Policy, you need to modify your EventBridge rule to specifically target these events. The ECS Restart Policy events are not separate from the regular ECS Task State Change events, but they can be identified within those events.

Here's how you can adjust your EventBridge rule to capture restart policy-related events:

  1. Keep the existing event pattern for ECS Task State Change events.
  2. Add additional filters in the "detail" section to capture restart-related information.

You can modify your EventBridge rule as follows:

ECSTaskRestartRule:
  Type: AWS::Events::Rule
  Properties:
    EventPattern:
      source:
        - aws.ecs
      detail-type:
        - ECS Task State Change
      detail:
        clusterArn:
          - !GetAtt ECSCluster.Arn
        lastStatus:
          - STOPPED
        stoppedReason:
          - prefix: "Task failed container health checks"
        containers:
          - restartCount:
              - exists: true

This modified rule will capture ECS Task State Change events that are specifically related to container restarts due to the restart policy. The "stoppedReason" field with the prefix "Task failed container health checks" is often associated with restart policy actions. The "restartCount" field in the "containers" section will help identify tasks that have been restarted.

To monitor the number of times a container has restarted, you can use the Amazon ECS task metadata endpoint or CloudWatch Container Insights. The task metadata endpoint provides detailed information about task and container status, including restart counts. CloudWatch Container Insights offers metrics for Amazon ECS that can help you track container restarts.

Remember that the exact event details may vary depending on the specific circumstances of the restart, so you might need to adjust the filters based on your observations of the actual events generated in your environment.
Sources
Restart individual containers in Amazon ECS tasks with container restart policies - Amazon Elastic Container Service
Configuring Amazon ECS to listen for CloudWatch Events events - Amazon Elastic Container Service
Configuring an EventBridge rule for Security Hub findings - AWS Security Hub

answered a year ago
EXPERT
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content