schemaVersion: '0.3'
description: 'ECS Task 자동 스케일링 복구'
assumeRole: '{{AutomationAssumeRole}}'
parameters:
ClusterName:
type: String
ServiceName:
type: String
DesiredCount:
type: Integer
default: 10
mainSteps:
- name: checkCurrentState
action: aws:executeAwsApi
inputs:
Service: ecs
Api: DescribeServices
cluster: '{{ClusterName}}'
services: ['{{ServiceName}}']
- name: scaleUp
action: aws:executeAwsApi
inputs:
Service: ecs
Api: UpdateService
cluster: '{{ClusterName}}'
service: '{{ServiceName}}'
desiredCount: '{{DesiredCount}}'
- name: waitForStable
action: aws:waitForAwsResourceProperty
inputs:
Service: ecs
Api: DescribeServices
cluster: '{{ClusterName}}'
services: ['{{ServiceName}}']
PropertySelector: '$.services[0].runningCount'
DesiredValues: ['{{DesiredCount}}']
timeoutSeconds: 300
- name: validateMetrics
action: aws:executeScript
inputs:
Runtime: python3.11
Script: |
import boto3
cw = boto3.client('cloudwatch')
class RemediationGuard:
def __init__(self, config):
self.max_blast_radius = config['max_affected_pct']
self.require_approval = config['require_approval']
self.rollback_conditions = config['rollback_on']
def can_execute(self, action, context):
affected = self.estimate_blast_radius(action)
if affected > self.max_blast_radius:
return False, f"Blast radius {affected}% > {self.max_blast_radius}%"
if self.has_active_remediation(context):
return False, "Another remediation in progress"
if self.require_approval:
return 'pending_approval', "Waiting for operator approval"
return True, "Safe to execute"
def should_rollback(self, metrics_after):
for condition in self.rollback_conditions:
if self.evaluate(condition, metrics_after):
return True, condition['description']
return False, None