By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Connect ECS Fargate Service/Task from public

0

I have a service in my ECS Cluster. Sample http://test-svc.dev.myapp.local:8082

I created this Service with assignPublicIp: true

In the service description I have: Auto-assign public IP Turned on

How I now connect to this service from outside?

asked 2 months ago317 views
2 Answers
0
Accepted Answer

To connect to your ECS Fargate service from outside, you need to follow these steps:

  1. Ensure your ECS service is deployed in a public subnet with the "Auto-assign public IP" option enabled, which you've already done.

  2. Make sure the security group associated with your ECS tasks allows inbound traffic on port 8082 from the IP ranges you want to allow access from.

  3. Check that the Network Access Control List (NACL) for your subnet allows both inbound and outbound traffic on the necessary ports.

  4. Find the public IP address assigned to your Fargate task. You can do this by:

  • Opening the Amazon ECS console
  • Navigating to your cluster
  • Selecting the service you created
  • Going to the Tasks tab
  • Choosing the running task
  • In the Configuration section, look for the Public IP
  1. Once you have the public IP, you can access your service using: http://[public-ip]:8082

Remember that the public IP may change if your task is stopped and restarted. For a more stable solution, consider using an Application Load Balancer (ALB) in front of your ECS service. This would provide a fixed DNS name for accessing your service and allow for better scalability and management of incoming traffic.
Sources
Access ECS Service from outside ECS (Public internet) | AWS re:Post
Learn how to create an Amazon ECS Linux task for the Fargate launch type - Amazon Elastic Container Service
Learn how to create an Amazon ECS Windows task for the Fargate launch type - Amazon Elastic Container Service

profile picture
answered 2 months ago
profile picture
EXPERT
reviewed a month ago
0

In summary, to connect to your ECS service from outside:

Ensure Public IP is assigned to your ECS tasks (which you've already done). Check security group settings to allow inbound traffic on port 8082 from the required IP range (e.g., 0.0.0.0/0 for full external access). Ensure the task is running in a public subnet with an internet gateway. Find the public IP of the ECS task in the ECS console and access the service via http://<public_ip>:8082. Alternatively, you can expose the service through an Application Load Balancer (ALB) or Network Load Balancer (NLB) for more secure and scalable access.

profile picture
EXPERT
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions