[aws-ecs] Allow associating an existing Cloud Map service to an ECS service

[otterley]

Customers who associate App Mesh Virtual Nodes with ECS services need to be able to properly configure service discovery. This entails the following steps:

1. Create a Cloud Map namespace
2. Create a Cloud Map service associated with the namespace
3. Create a Virtual Node and associate it with the service
4. Refer to the Virtual Node name in the ECS service's Envoy proxy container (APPMESH_VIRTUAL_NODE_NAME environment variable)
5. Ensure the ECS service's service-discovery configuration updates the Cloud Map service created in step (2).

Right now, if a customer creates an ECS service and calls enableCloudMap against it, a new Cloud Map service is created by CDK, even if the customer specifies the namespace and service names created in steps (1) and (2) above. Instead, the customer needs to refer to the existing Cloud Map service in order for everything to work properly.

Here's some example code that fails:

    const mesh = new appmesh.Mesh(this, "Mesh");
    const namespace = new sd.PrivateDnsNamespace(this, "Namespace", {
      vpc,
      name: "internal.example.com",
    });
    const cloudMapService = namespace.createService("app");

    const webAppNode = new appmesh.VirtualNode(this, "AppNode", {
      mesh,
      listener: {
        portMapping: {
          port: 80,
          protocol: appmesh.Protocol.HTTP,
        },
      },
      cloudMapService,
    });

    const webService = new ecs.Ec2Service(this, "WebService", {
      // etc.
    });
    webService.enableCloudMap({
      cloudMapNamespace: cloudMapService.namespace,
      name: cloudMapService.serviceName,
    });

This results in a template with two instances of AWS::ServiceDiscovery::Service and a failure during stack creation caused by service duplication ("Service [srv-xxxxxxx] already exists").

Proposed Solution

Need some method and/or construct property on ecs.{Ec2,Fargate}Service that allows passing in an existing Cloud Map service resource.

Current workaround:

    (webService.node.children as cdk.CfnResource[])
      .find((resource) => resource.cfnResourceType === "AWS::ECS::Service")
      ?.addOverride("Properties.ServiceRegistries", [
        {
          RegistryArn: cloudMapService.serviceArn,
        },
      ]);

This is a 🚀 Feature Request

[rizblie]

Fixing this would also enable use of apigatewayv2 with service discovery and ECS. At present it is not possible to pass the CloudMap service created by the ECS Service to an APIGateway HttpServiceDiscoveryIntegration. More detail at [aws-apigatewayv2-integrations] #11603.