Default Security Group for Task Definition



I am developing a container deployment on ECS, and I am in a development phase where I am frequently launching a task by deploying from the task definition. I am using the web interface to do this. The container runs a service that requires an inbound port, and I have created a security group to do this. Right now, I have to change from the default security group to this new security group every time I launch the task. This is onerous, and it's only a matter of time before I forget to do that.

What is the right way to do this? It seems like the inbound port requirement is a feature of the task definition, but I can't find a way to set a default security group for a task definition.


1 Answer
Accepted Answer

Security groups are configured when tasks or services are launched, not in the task definition. There's a couple options on how to deploy multiple times without re-configuring the networking settings:

  • Run your container as an ECS Service. You can deploy new versions of a task definition to the same and have it perform a rolling deployment without changing networking settings.
  • Launch tasks using a script or infrastructure as code. Anything done repeatably through the console is a candidate for automation.
answered 11 days ago
profile picture
reviewed 10 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions