Codefresh is a Docker-native CI/CD platform.

Instantly build , test and deploy Docker images.

Search results for "{{ search.query }}"

No results found for "{{search.query}}". 
View All Results

Amazon ECS

Deploy Codefresh to Amazon ECS Service


  • Configure an ECS Cluster with at least one running instance.
  • Configure an ECS Service and task definition with a deployed image.

  • Verify you have AWS Credentials (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY), with following privileges:

    "Version": "2012-10-17",
    "Statement": [
        "Sid": "Stmt1479146904000",
        "Effect": "Allow",
        "Action": [
        "Resource": [

Deployment with Codefresh.yml

The codefresh.yml file runs the codefresh/cf-deploy-ecs image with the cfecs-update command.

  1. Add encrypted environment variables for AWS credentials.
  2. Add the "deploy to ecs" step to the codefresh.yml file.
  3. Specify the following parameters.
    • aws region
    • ecs cluster
    • ecs-service-names.
      See cfecs-update -h for parameter references.
# codefresh.yml example with deploy to ecs step
version: '1.0'

    type: build
    image-name: repo/image:tag

  push to registry:
    type: push
    candidate: ${{build-step}}
    tag: ${{CF_BRANCH}}

  deploy to ecs:
    image: codefresh/cf-deploy-ecs
      - cfecs-update <aws-region> <ecs-cluster-name> <ecs-service-name>

          - master

Deploy from a Pipeline's UI deploy step

  1. Select Codefresh's Deploy Images in the pipeline's and select codefresh/cf-deploy-ecs:latest.

  2. As a deploy command use cfecs-update <aws-region> <ecs-cluster-name> <ecs-service-name> and replace <aws-region>, ≤ecs-cluster>, and ≤service-names≥ with the right region, cluster name and service name from your ECS account.
    For more information on how to use the Codefresh's ECS update check the image's page on GitHub.

  3. Add encrypted environment variables for AWS credentials.


Notice: The UI deploy step will run on any build. Make sure that your automated builds run only on a specific branch trigger.

Set the deploy image and script

Set the deploy image and script

Set the environment variable

Set the environment variable

Deployment Flow

  1. Get the ECS service by specified aws-region, ecs-cluster, and service-names.
  2. Create a new revision from the current task definition of the service. If --image-name and --image-tag are provided, replace the image tag.
  3. Run the update-service command with the new task definition revision.
  4. Wait for the deployment to complete.
    By default, service deployment is no run with the --no-wait command.
    • Deployment is successfully completed if runningCount == desiredCount for PRIMARY deployment - see aws ecs describe-service
    • The cfecs-update command exits with a timeout error if after --timeout (default = 900s) runningCount does not equal desiredCount
    • The cfecs-update exits with an error if --max-failed (default = 2) or more ECS tasks were stopped with error for the task definition that you are deploying.
      ECS continuously retries failed tasks.

Usage with Docker

docker run --rm -it -e AWS_ACCESS_KEY_ID=**** -e AWS_SECRET_ACCESS_KEY=**** codefresh/cf-ecs-deploy cfecs-update [options] <aws-region> <ecs-cluster-name> <ecs-service-name>

cfecs-update -h

usage: cfecs-update [-h] [-i IMAGE_NAME] [-t IMAGE_TAG] [--wait | --no-wait]
                    [--timeout TIMEOUT] [--max-failed MAX_FAILED] [--debug]
                    region_name cluster_name service_name

Codefresh ECS Deploy

positional arguments:
  region_name           AWS Region, ex. us-east-1
  cluster_name          ECS Cluster Name
  service_name          ECS Service Name

optional arguments:
  -h, --help            show this help message and exit
  --wait                Wait for deployment to complete (default)
  --no-wait             No Wait for deployment to complete
  --timeout TIMEOUT     deployment wait timeout (default 900s)
  --max-failed MAX_FAILED
                        max failed tasks to consider deployment as failed
                        (default 2)
  --debug               show debug messages

  -i IMAGE_NAME, --image-name IMAGE_NAME
                        Image Name in ECS Task Definition to set new tag
  -t IMAGE_TAG, --image-tag IMAGE_TAG
                        Tag for the image

Amazon ECS