Default Security Group for Task Definition

Question

Hello,

I am developing a container deployment on ECS, and I am in a development phase where I am frequently launching a task by deploying from the task definition. I am using the web interface to do this. The container runs a service that requires an inbound port, and I have created a security group to do this. Right now, I have to change from the default security group to this new security group every time I launch the task. This is onerous, and it's only a matter of time before I forget to do that.

What is the right way to do this? It seems like the inbound port requirement is a feature of the task definition, but I can't find a way to set a default security group for a task definition.

Thanks

Accepted Answer

Security groups are configured when tasks or services are launched, not in the task definition. There's a couple options on how to deploy multiple times without re-configuring the networking settings: 
* Run your container as an [ECS Service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html). You can deploy new versions of a task definition to the same and have it perform a rolling deployment without changing networking settings. 
* Launch tasks using a script or infrastructure as code. Anything done repeatably through the console is a candidate for automation.

Default Security Group for Task Definition

관련 콘텐츠