Tags: amazon-web-services, amazon-ec2, amazon-ecs, aws-fargate, aws-security-group

Allow ECS Fargate task access to EC2 instance using Security Group ID instead of IP


I am trying to allow an ECS task on one security group to access an EC2 instance on another security group so that I can access a mongo database hosted on the EC2 instance. Both security groups are under the same VPC.

I have added an inbound rule to the security group of the EC2 instance and set the source to the security group of the ECS Fargate task, like so (screenshot: Security Group inbound rule).

However, when I then try that, it does not allow access. Only when I use the ECS task's public or private IP does it actually allow it through. I have confirmed that the ECS task is indeed on the security group that is being allowed access to the EC2 instance. Is it possible to just allow a security group access? I want any ECS task I start to be allowed access without me needing to manually add the IP to the rules, if possible.


Solution

  • Only when I use the ECS task's public or private IP does it actually allow it through.

    Are you sure it's working when you add the ECS task's private IP? If it was only working when you added the ECS task's public IP then that would indicate that the problem is the ECS task trying to access the EC2 instance via the EC2 instance's public IP.

    You need to make sure the ECS task is trying to connect to the EC2 instance's private IP address, in order to keep all traffic inside the VPC. Then adding the security group ID to the security group rule should work.
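The following is an added example, not code from the question or the answer. It is a small offline model of the behaviour the answer relies on: a security-group rule whose source is another security-group ID matches only traffic that arrives from an ENI inside the VPC that has that group attached. If the task connects to the instance's public IP, the traffic leaves the VPC through the internet gateway and arrives with the task's public address as its source, which carries no group membership, so only a rule that names that public IP (or CIDR) can match. The VPC CIDR, group IDs and addresses are constructed for the example; on a real account the rule itself is created with `aws ec2 authorize-security-group-ingress --group-id <instance-sg> --protocol tcp --port 27017 --source-group <task-sg>`, and the check to run is simply whether the hostname the task uses resolves to an address inside the VPC CIDR.

```python
"""Model of how an EC2 security-group ingress rule that references another
security group matches (or fails to match) traffic from an ECS Fargate task.

Added, simplified model; not AWS code. Assumptions: a rule with a
security-group source matches only when the packet's source ENI carries that
group, and a connection to a public address exits the VPC via the internet
gateway, so the instance sees the task's public IP with no group membership.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Set, Tuple

VPC_CIDR = ip_network("10.0.0.0/16")  # constructed VPC range
MONGO_PORT = 27017


@dataclass
class IngressRule:
    port: int
    source_sg: Optional[str] = None    # source given as a security-group ID ...
    source_cidr: Optional[str] = None  # ... or as a CIDR / single IP


@dataclass
class Eni:
    private_ip: str
    security_groups: Set[str]
    public_ip: Optional[str] = None


def target_is_in_vpc(target_ip: str, vpc_cidr=VPC_CIDR) -> bool:
    """True when the address the task connects to lies inside the VPC CIDR."""
    return ip_address(target_ip) in vpc_cidr


def observed_source(task: Eni, target_ip: str) -> Tuple[str, Set[str]]:
    """Return (source address, group membership) as the instance's SG sees it.

    In-VPC target: the private ENI is the source and its groups are known.
    Public target: the traffic leaves through the IGW, so the source is the
    task's public IP and the SG evaluation has no group membership to match.
    """
    if target_is_in_vpc(target_ip):
        return task.private_ip, task.security_groups
    if task.public_ip is None:
        raise ValueError("task has no public IP, so the public address is unreachable")
    return task.public_ip, set()


def rule_matches(rule: IngressRule, port: int, src_ip: str, src_groups: Set[str]) -> bool:
    """Evaluate one ingress rule against the observed source of a connection."""
    if rule.port != port:
        return False
    if rule.source_sg is not None:
        return rule.source_sg in src_groups
    if rule.source_cidr is not None:
        return ip_address(src_ip) in ip_network(rule.source_cidr, strict=False)
    return False


def connection_allowed(rules: List[IngressRule], task: Eni, target_ip: str,
                       port: int = MONGO_PORT) -> bool:
    """Security groups are allow-lists: any matching ingress rule admits the flow."""
    src_ip, src_groups = observed_source(task, target_ip)
    return any(rule_matches(r, port, src_ip, src_groups) for r in rules)


# Constructed scenario: the Fargate task ENI and the Mongo EC2 instance.
TASK_SG = "sg-0taskexample"
TASK = Eni(private_ip="10.0.1.25", security_groups={TASK_SG}, public_ip="203.0.113.10")
INSTANCE_PRIVATE_IP = "10.0.2.40"
INSTANCE_PUBLIC_IP = "198.51.100.7"
SG_REFERENCE_RULES = [IngressRule(MONGO_PORT, source_sg=TASK_SG)]


if __name__ == "__main__":
    for target in (INSTANCE_PRIVATE_IP, INSTANCE_PUBLIC_IP):
        ok = connection_allowed(SG_REFERENCE_RULES, TASK, target)
        where = "inside VPC" if target_is_in_vpc(target) else "public"
        print(f"task -> {target} ({where}): {'allowed' if ok else 'denied'} by SG-ID rule")
```

Running it shows the SG-ID rule admitting the connection to the private address and rejecting the same connection aimed at the public address; swapping in a rule whose source is the task's public IP /32 flips the second result, which is exactly the symptom in the question. The practical check is therefore to make the task connect to the instance's private IP (or a DNS name that resolves to it inside the VPC) rather than to patch the rule with individual task IPs.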