ECS
Definition
ECS, or Amazon Elastic Container Service, is a fully managed container orchestration service provided by AWS. It allows users to run and manage Docker containers on a cluster of Amazon EC2 instances or using AWS Fargate, a serverless compute engine. ECS integrates with other AWS services, providing a scalable and secure environment for deploying containerized applications.
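Secure Settings Example
This task definition keeps the database password out of the definition itself: the "secrets" entry references an SSM Parameter Store parameter through "valueFrom", and ECS injects the value when the container starts. Container logs are sent to CloudWatch Logs with the "awslogs" driver. The task runs on Fargate in "awsvpc" network mode, so each task gets its own network interface and security groups. ECS uses the execution role to fetch the parameter and write the logs, so that role should be scoped to just those resources. Note that the ":latest" image tag is mutable; referencing the image by digest keeps the deployed image fixed.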
{
"taskDefinition": {
"family": "my-secure-app",
"containerDefinitions": [
{
"name": "my-container",
"image": "my-secure-image:latest",
"essential": true,
"memory": 512,
"cpu": 256,
"logConfiguration": {
"logDriver": "awslogs",
"options": {
"awslogs-group": "/ecs/my-secure-app",
"awslogs-region": "us-west-2",
"awslogs-stream-prefix": "ecs"
}
},
"environment": [
{
"name": "ENV_VAR",
"value": "secure_value"
}
],
"secrets": [
{
"name": "DB_PASSWORD",
"valueFrom": "arn:aws:ssm:us-west-2:123456789012:parameter/db_password"
}
]
}
],
"networkMode": "awsvpc",
"requiresCompatibilities": ["FARGATE"],
"executionRoleArn": "arn:aws:iam::123456789012:role/ecsTaskExecutionRole"
}
}
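Insecure Settings Example
This task definition stores DB_PASSWORD as a plaintext "environment" value, so it is readable by anyone who can view the task definition or inspect the running container. The "json-file" log driver leaves logs on the container host instead of sending them to a central log service. With "bridge" network mode on the EC2 launch type, the container sits on the host's shared Docker network rather than getting its own network interface and security groups. No execution role is referenced, and the image is pulled by the mutable ":latest" tag.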
{
"taskDefinition": {
"family": "my-insecure-app",
"containerDefinitions": [
{
"name": "my-container",
"image": "my-insecure-image:latest",
"essential": true,
"memory": 512,
"cpu": 256,
"logConfiguration": {
"logDriver": "json-file"
},
"environment": [
{
"name": "DB_PASSWORD",
"value": "plaintextpassword"
}
]
}
],
"networkMode": "bridge",
"requiresCompatibilities": ["EC2"]
}
}