Does Fargate always use a VPC? And if you don't specify a VPC, it uses the default VPC in the customer account? And if you don't have a default VPC, it creates it for you?
The ClusterProps definition in the CDK guide for Python say:
vpc (Optional[IVpc]) – The VPC where your ECS instances will be running or your ENIs will be deployed. Default: - creates a new VPC with two AZs
So it seems like, in this regard ECS Fargate is not like AWS Lambda, where you can either run functions without a VPC (the default for AWS Lambda, a VPC 100% transparent to the user), or select a VPC. If Fargate always uses a VPC, I suppose the reason is because container-technologies are tightly bound to IP-based private and public network, unlike AWS Lambda, which uses ARNs.
Is this because with Fargate, a task has an IP address associated with it, whereas Lambda does not? Therefore since an IP address is being allocated, a VPC is required?
@grahamschuckman makes sense! I guess everything that has private IPs has a VPC, putting the P in VPC.