Unexpected EC2 error while attempting to Create Network Interface UnauthorizedOperation while using boto3
While trying to start a task of an ECS cluster using the AWS API key with boto3 for my own account, the task container was created and immediately killed due to an error:
*Unexpected EC2 error while attempting to Create Network Interface in subnet 'subnet-xxxxxxxxxxxxxxxxx': UnauthorizedOperation*
However, I was able to start a task in an ECS cluster via the web GUI using the same subnet. When the container was created, it was in the subnet I was expecting.
The task launch type is FARGATE, platform version is 1.4.0. Task role has been defined and used in either manual or script launch mode. Network mode shows awsvpc. In the case of the failed script launch, the ENI ID is 'unset'.
Can someone help me understand this issue? It would be nice to know how to enable the log for the launching of a container. At this moment, I only see the container logs after a container is successfully launched via the web GUI.
Thank you!
It appears to be security group related. The automation script used a different security group which has many more limitations. The manual process via the web UI used a different security group.
However, I don't understand how security group blocks CreateNetworkInterface.
Thanks.
It's worth checking the CloudTrail event history to find out the request parameters and the IAM user/role being used for the operation. Search for the EventName "CreateNetworkInterface" in your CloudTrail event history and see if that helps!
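The CloudTrail search suggested in the answer above can be scripted with boto3; this is an added example, not part of the original answer. It pulls `CreateNetworkInterface` events and reports the calling identity, subnet and security groups for each denied call. The `requestParameters` layout, the role names, account ID and the sample records are assumptions constructed for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

EVENT = "CreateNetworkInterface"

def lookup_recent(region, hours=24):
    """Fetch recent CreateNetworkInterface events from CloudTrail event history."""
    import boto3  # imported here so the parsing below also runs offline
    end = datetime.now(timezone.utc)
    pages = boto3.client("cloudtrail", region_name=region).get_paginator("lookup_events").paginate(
        LookupAttributes=[{"AttributeKey": "EventName", "AttributeValue": EVENT}],
        StartTime=end - timedelta(hours=hours), EndTime=end)
    return [ev for page in pages for ev in page["Events"]]

def denied_eni_calls(events):
    """Summarize who was denied, for which subnet and security groups."""
    denied = []
    for ev in events:
        detail = json.loads(ev["CloudTrailEvent"])  # full record is a JSON string
        code = detail.get("errorCode") or ""
        if detail.get("eventName") != EVENT or "UnauthorizedOperation" not in code:
            continue
        # Assumed requestParameters layout: subnetId plus groupSet.items[].groupId
        params = detail.get("requestParameters") or {}
        groups = (params.get("groupSet") or {}).get("items") or []
        denied.append({
            "time": detail.get("eventTime"),
            "caller": (detail.get("userIdentity") or {}).get("arn"),
            "error": code,
            "subnet": params.get("subnetId"),
            "security_groups": [g.get("groupId") for g in groups],
        })
    return denied

def _record(role, sg, error=None):
    """Build one constructed lookup_events item (not real account data)."""
    detail = {"eventName": EVENT, "eventTime": "2024-01-01T00:00:00Z",
              "userIdentity": {"arn": f"arn:aws:sts::111122223333:assumed-role/{role}/s"},
              "requestParameters": {"subnetId": "subnet-EXAMPLE",
                                    "groupSet": {"items": [{"groupId": sg}]}}}
    if error:
        detail["errorCode"] = error
    return {"EventName": EVENT, "CloudTrailEvent": json.dumps(detail)}

SAMPLE_EVENTS = [_record("example-console-role", "sg-EXAMPLE-A"),
                 _record("example-script-role", "sg-EXAMPLE-B", "Client.UnauthorizedOperation")]

if __name__ == "__main__":
    for row in denied_eni_calls(SAMPLE_EVENTS):
        print(row)
```

Against a real account, pass the result of `lookup_recent("<your-region>")` to `denied_eni_calls` and compare the caller and security groups of the failed script launch with those of a successful console launch.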