How to Enter into AWS Fargate Container 💡
Effortless Guide to Executing into a Fargate Container #getintokube
This blog is for those who are tired of trying to exec into AWS Fargate containers. Even after referring to ChatGPT and various online blogs, you still couldn't find a solution to get inside a Fargate container. Here is the short and on-point solution you've been looking for.
Pre-requisites
AWS CLI Installed and Configured:
Install AWS CLI v2 or later if you haven’t already.
Ensure your CLI is configured with the correct region and credentials (aws configure).
IAM Permissions:
Add SSM permissions to the Task IAM role:
You should add the following policy to your existing ECS task IAM role. This grants permission for the ECS task to connect with the SSM Session Manager service.
Click
ecsTaskExecutionRole> Add Permission > Create inline policy > Switch to JSON > Paste the below policy then save. Do this for both the policies.{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel" ], "Resource": "*" } ] }Add ECS Execute Command permission to your Task IAM role:
Make sure your IAM role contains a policy that allows the action
ecs:ExecuteCommand. Otherwise, you’re not able to runaws ecs execute-commandin the AWS CLI in order to access the running container.✍️ Alter “Resource” value with ECS cluster arn in the below policy⬇️.
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "ecs:ExecuteCommand", "Resource": "arn:aws:ecs:example-region:example-arn:cluster/example-cluster/*" } ] }
AWS Session Manager Plugin Installed:
Steps to Execute into a Container
1. Identify Your Cluster and Task
Find the ECS cluster name and the task running your container:
aws ecs list-clustersaws ecs list-tasks --cluster <your-cluster-name>
2. Describe the Task
Get details about the task, including the container name:
aws ecs describe-tasks --cluster <your-cluster-name> --tasks <task-id>
3. Enable Execute Command on the Task
Now you need to enable the ECS Exec feature on existing ECS service and deploy the new task by using the below command.
aws ecs update-service \ --cluster <cluster-name> \ --task-definition <task-definition-name> \ --service <service-name> \ --enable-execute-command \ --force-new-deploymentAfter executing the above command, wait for the new task to deploy successfully.
4. Execute the Command
To open an interactive shell inside the container, replace
/bin/bashwith/bin/shifbashis not available in your container.aws ecs execute-command --cluster <cluster-name> \ --task <task-id> \ --container <container-name> \ --interactive \ --command "/bin/sh"This is the output you’ll see when you’re executing
aws ecs execute-commandon an actual running container.aws ecs execute-command --cluster <cluster-name> \ --task <task-id> \ --container <container-name> \ --interactive \ --command "/bin/sh" The Session Manager plugin was installed successfully. Use the AWS CLI to start a session. Starting session with SessionId: ecs-execute-command-5tap5jrfpg8g5p2o5z8opsfqxe #
By following these steps, you can 🤩 successfully enable and use the ECS Exec feature to open an interactive shell inside a running container.
If you have any suggestions, ideas, or thoughts to add, feel free to drop them in the comments. 👇📩
Your feedback means a lot! Don’t forget to hit that like❤️ button to show your support and stay tuned for more content. 🔔
⭐Thanks again!
#ecs #aws #ecs_fargate #getintokube #getintokube_blogs #aws #ecs #ecs_fargate #How_to_Enter_into_ AWS_Fargate_Container #How_to_exec_into_AWS_Fargate_Container
