ECS is a fully managed container orchestration service that makes it easy for you to deploy, manage, and scale containerized applications. You can use ECS to drive insights into values such as:
- Service Discovery
- Deployment, container, and events details
In order to connect Cortex to your AWS resources, you’ll need to add your AWS Account ID and IAM Role in Settings → AWS.
If you do not see the Settings page you're looking for in the sidebar, you likely don't have the proper permissions and need to contact your admin.
- Log onto the AWS management console and navigate to IAM
- Create a new IAM policy by navigating to Policies | Create Policy.
- Switch to the JSON editor and insert the following policy:
- Click Review Policy, name it whatever you like, then Create Policy.
- Next, let's create a new role and attach the new policy to it. Navigate to Roles | Create Role.
- Select Another AWS account as the trusted entity type.
- For Account ID, fill in the Cortex AWS account ID from Settings | AWS.
- Click Require External ID and insert the Cortex external ID from Settings | AWS, then click Next: Permissions.
- Select your newly created policy, and click Next: Tags, if you'd like to add any, otherwise skip the next page with Next: Review.
- Name your role, and click Create Role.
- Finally, copy your new role name and AWS account ID into the Cortex AWS settings page.
AMAZON_ACCESS_KEY_SECRET environment variables to an account that has the role created above.
Cortex can associate ECS services with existing entities in Cortex using AWS tags.
- key: service
- key: service
This will automatically link any ECS service with the matching tags.
Cortex uses a combination of Service ARN and Cluster ARN to look up catalog entities in your AWS account. You can tie multiple ECS services to a single entity within Cortex.
- clusterArn: abcd
- clusterArn: stuv
The value for
serviceArn are defined in ECS.