'An error occurred (TargetNotConnectedException) when calling the ExecuteCommand operation' trying to access NGINX container on ECS EC2 container host

0

Hello, I know this issue was discussed before (see similar posts from in 2022), but I am still blocked faced with same/similar problem today. I am getting same exact error trying to execute command on a simple bitnami/nginx container running on ECS EC profile:

+++++++++++++++++++++

aws ecs execute-command --task <removed> --cluster awsome_ecs_cluster --container nginx-test1 --interactive --command "/bin/bash" The Session Manager plugin was installed successfully. Use the AWS CLI to start a session. An error occurred (TargetNotConnectedException) when calling the ExecuteCommand operation: The execute command failed due to an internal error. Try again later. +++++++++++++++++++++

Running the https://github.com/aws-containers/amazon-ecs-exec-checker tool everything appears to be running OK:

Prerequisites for check-ecs-exec.sh v0.7
jq | OK (/opt/homebrew/bin/jq) AWS CLI | OK (/usr/local/bin/aws)
Prerequisites for the AWS CLI to use ECS Exec
AWS CLI Version | OK (aws-cli/2.11.0 Python/3.11.2 Darwin/22.3.0 exe/x86_64 prompt/off) Session Manager Plugin | OK (1.2.398.0)
Checks on ECS task and other resources
Region : us-west-1 Cluster: awsome_ecs_cluster Task : removed
    Cluster Configuration | KMS Key : Not Configured 
    Audit Logging : DEFAULT
    S3 Bucket Name: Not Configured
    CW Log Group : Not Configured
Can I ExecuteCommand? | arn:aws:iam::XXXXXXXXXX:user/dz-XXXXXXXXXXXX 
       ecs:ExecuteCommand: allowed
       ssm:StartSession denied?: allowed
Task Status | RUNNING
Launch Type | EC2
ECS Agent Version | 1.68.0
Exec Enabled for Task | OK
 Container-Level Checks | 
   ---------- Managed Agent Status ---------- 
               1. RUNNING for "nginx-test1" ---------- 
                Init Process Enabled (run_nginx_ecs:7)
                ----------
                1. Enabled - "nginx-test1" ----------
               Read-Only Root Filesystem (run_nginx_ecs:7) 
               ---------- 
1. Disabled - "nginx-test1" 
Task Role Permissions | arn:aws:iam::XXXXXXXXXXX:role/ECSTaskRoleAB3 
         ssmmessages:CreateControlChannel: allowed
         ssmmessages:CreateDataChannel: allowed
         ssmmessages:OpenControlChannel: allowed
         ssmmessages:OpenDataChannel: allowed
 VPC Endpoints | SKIPPED (vpc-XXXXXXXXXXXXXXXXXXX - No additional VPC endpoints required) 
  Environment Variables | (run_nginx_ecs:7) 
         1. container "nginx-test1" 
                 - AWS_ACCESS_KEY: not defined
                 - AWS_ACCESS_KEY_ID: not defined
                 - AWS_SECRET_ACCESS_KEY: not defined
-----------------------------------

Everything seems to be "green" and allowed, there are no AWS_ACCESS_KEY env variables defined in container (only in CLI context) but I am still getting an error above.

Any troubleshooting tips on this issue are appreciated!

1 Answer
0

Hi Daniel, I've got the exact same issue. Did you get it fixed? If yes, how please?

answered 6 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions