Skip to content
Alchemy
GitHubXDiscord

FargateProfile

The FargateProfile resource allows you to manage AWS EKS FargateProfiles for running your Kubernetes pods on AWS Fargate, enabling serverless compute for containers.

Minimal Example

Section titled “Minimal Example”

Create a basic FargateProfile with required properties and one optional subnet configuration.

import AWS from "alchemy/aws/control";


const fargateProfile = await AWS.EKS.FargateProfile("defaultFargateProfile", {
  clusterName: "myEKSCluster",
  podExecutionRoleArn: "arn:aws:iam::123456789012:role/myPodExecutionRole",
  selectors: [
    {
      namespace: "default"
    }
  ],
  subnets: [
    "10.0.0.0/24",
    "10.0.1.0/24"
  ]
});

Advanced Configuration

Section titled “Advanced Configuration”

Configure a FargateProfile with multiple selectors and additional tags for better management.

const advancedFargateProfile = await AWS.EKS.FargateProfile("advancedFargateProfile", {
  clusterName: "myAdvancedEKSCluster",
  podExecutionRoleArn: "arn:aws:iam::123456789012:role/myAdvancedPodExecutionRole",
  selectors: [
    {
      namespace: "frontend",
      labels: {
        app: "web"
      }
    },
    {
      namespace: "backend",
      labels: {
        app: "api"
      }
    }
  ],
  subnets: [
    "10.0.2.0/24",
    "10.0.3.0/24"
  ],
  tags: [
    {
      key: "Environment",
      value: "Production"
    },
    {
      key: "Team",
      value: "DevOps"
    }
  ]
});

Custom Execution Role

Section titled “Custom Execution Role”

Define a custom pod execution role with specific IAM policies for enhanced security.

const customExecutionRole = await AWS.IAM.Role("customPodExecutionRole", {
  assumeRolePolicyDocument: JSON.stringify({
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Principal: {
          Service: "eks-fargate-pods.amazonaws.com"
        },
        Action: "sts:AssumeRole"
      }
    ]
  }),
  policies: [
    {
      policyName: "FargatePodPolicy",
      policyDocument: JSON.stringify({
        Version: "2012-10-17",
        Statement: [
          {
            Effect: "Allow",
            Action: [
              "logs:CreateLogStream",
              "logs:PutLogEvents",
              "ecr:GetAuthorizationToken",
              "ecr:BatchGetImage",
              "ecr:BatchCheckLayerAvailability"
            ],
            Resource: "*"
          }
        ]
      })
    }
  ]
});

This role can then be used in your FargateProfile like so:

const fargateProfileWithCustomRole = await AWS.EKS.FargateProfile("fargateProfileWithCustomRole", {
  clusterName: "myEKSClusterWithCustomRole",
  podExecutionRoleArn: customExecutionRole.arn,
  selectors: [
    {
      namespace: "default"
    }
  ],
  subnets: [
    "10.0.4.0/24",
    "10.0.5.0/24"
  ]
});