ECS Tasks not launching due to no public ip assigned

Question

Any help here much appreciated, as I do not understand why this is happening...

I have deployed a new VPC, with public subnets and "assign_public_ip_address" seting to enabled. (I have deployed an ec2 instance in the subnet and managed to connect using ssh from local machine).

My understanding is that the tasks running in the public subnet which use a IGW should be able to pull images from an external source?

So, I have deployed an ecs cluster and tasks but the task cannot pull the image from docker with the following message:

Reading AWS documentation and running the AWS Automation runbook (AWSSupport-TroubleshootECSTaskFailedToStart - https://docs.aws.amazon.com/systems-manager-automation-runbooks/latest/userguide/automation-aws-troubleshootecstaskfailedtostart.html) I have gotten back the following error message:

{"Payload":{"analysis_message":"GENERIC CHECKS
===============
The Fargate Task is launched in a Public Subnet without Auto-assign Public IP, This impacts task to pull required information to spin up containers

So the task i am looking at is here:

And the subnet this task is being deployed to is here:

I have checked the configuration for the subnet to ensure the ip auto assign is configured and it is as shown here:

However the task fails to pull the image.

What am i missing here please?

Again, any help much appreciated :)

Answer 1

The VPC setting "assign_public_ip_address" only applies to EC2 instances, not other things like Fargate tasks. In the ECS task definition's network configuration section, where you specify the ECS task's security group(s) and subnets, there is a setting there to enable public IP address for the task. In the ECS API that setting is "assignPublicIp". You have to enable that for the ECS Fargate task to actually be assigned a public IP address.