ManagedInstancesCapacityProvider

The security groups to associate with the launched EC2 instances. These security groups control the network traffic allowed to and from the instances.

The VPC subnets where EC2 instances will be launched. This array must be non-empty and should contain subnets from the VPC where you want the managed instances to be deployed.

Specifies the capacity option type for instances launched by this capacity provider. This determines whether instances are launched as On-Demand or Spot instances.

Default: - `ON_DEMAND`

The name of the capacity provider. If a name is specified, it cannot start with `aws`, `ecs`, or `fargate`. If no name is specified, a default name in the CFNStackName-CFNResourceName-RandomString format is used. If the stack name starts with `aws`, `ecs`, or `fargate`, a unique resource name is generated that starts with `cp-`.

Default: CloudFormation-generated name

The EC2 instance profile that will be attached to instances launched by this capacity provider. This instance profile must contain the necessary IAM permissions for ECS container instances to register with the cluster and run tasks. At minimum, it should include permissions for ECS agent communication, ECR image pulling, and CloudWatch logging. If you are using Amazon ECS Managed Instances with the AWS-managed Infrastructure policy (`AmazonECSInfrastructureRolePolicyForManagedInstances`), the instance profile must be prefixed with `ecsInstanceRole` for the built in PassRole policy to apply. If you are using a custom policy for the Infrastructure role, the instance profile can have an alternative name.

Default: - A new instance profile prefixed with 'ecsInstanceRole' will be created

The IAM role that ECS uses to manage the infrastructure for the capacity provider. This role is used by ECS to perform actions such as launching and terminating instances, managing Auto Scaling Groups, and other infrastructure operations required for the managed instances capacity provider.

Default: - A new role will be created with the AmazonECSInfrastructureRolePolicyForManagedInstances managed policy

The instance requirements configuration for EC2 instance selection. This allows you to specify detailed requirements for instance selection including vCPU count ranges, memory ranges, CPU manufacturers (Intel, AMD, AWS Graviton), instance generations, network performance requirements, and many other criteria. ECS will automatically select appropriate instance types that meet these requirements.

Default: - no specific instance requirements, ECS will choose appropriate instances

The CloudWatch monitoring configuration for the EC2 instances. Determines the granularity of CloudWatch metrics collection for the instances. Detailed monitoring incurs additional costs but provides better observability.

Default: - no enhanced monitoring (basic monitoring only)

Specifies whether to propagate tags from the capacity provider to the launched instances. When set to CAPACITY_PROVIDER, tags applied to the capacity provider resource will be automatically applied to all EC2 instances launched by this capacity provider.

Default: PropagateManagedInstancesTags.NONE - no tag propagation

The size of the task volume storage attached to each instance. This storage is used for container images, container logs, and temporary files. Larger storage may be needed for workloads with large container images or applications that generate significant temporary data.

Default: Size.gibibytes(80)