By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

ECS Service connect Agent support of communication encryption

0

Hello Does ECS service connect envoy proxy support communication encryption between to tasks in the same namespace, do we need to end SSL tunnel in the application container (same scenario if we don't use service connect )or there is a configuration to end the ssl tunnel in envoy proxy. Note I am not using APP Mesh

Topics
ServerlessContainers
Tags
AWS FargateECS Service Discovery
Language
English
Youez
asked a year ago731 views
1 Answer
2

ECS Service Connect does not provide built-in communication encryption between tasks within the same namespace. By default, the communication between tasks in the same namespace is not encrypted.

If you want to secure the communication between tasks within the same namespace, you have a few options:

You can deploy a separate sidecar proxy container (such as Envoy) alongside your application containers. The sidecar proxy can handle SSL/TLS termination and encrypt the communication between your application containers. In this scenario, the communication between the application containers and the sidecar proxy is typically unencrypted, but the communication between the sidecar proxies of different tasks can be encrypted.

The following post maybe can help to you

https://aws.amazon.com/blogs/compute/setting-up-an-envoy-front-proxy-on-amazon-ecs/

profile picture
EXPERT
Sedat Salman
answered a year ago
  • Rahat
    4 months ago

    Are u suggesting to use envoy directly instead of service connect?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content