Can't run a basic ECS/Fargate task following AWS docs


I follow this ECS guide, but always get an error.

My region is: eu-central-1

  1. I deleted* and then created default VPC using console following these steps:

    * Before I deleted/created default VPC, I also tried steps 2-4 with already created default VPC with the same result.

  2. I created AWS Fargate (serverless) cluster using console without (optional) steps and namespace**:

    ** I also tried the option with namespace with the same result.

  3. I created a task definition according to Step 2*** in:

    *** I also tried to add ecsTaskExecutionRole to the task, but it didn't help.

  4. I deployed the task by clicking the Deploy button and selecting Run task. I chose the cluster I created in the 2nd step and clicked Create. Unfortunately, the task never runs and always returns these errors:

    There was an error while describing network interfaces. The networkInterface ID 'eni-042a245591c1f3e39' does not exist****

    **** This error probably occurs during de-provisioning and has nothing to do with the second error below. When the task has a Pending status, I checked if networkInterface ID exists and it does.

    Task stopped at: 2023-09-27T10:41:38.641Z CannotPullContainerError: pull image manifest has been retried 5 time(s): failed to resolve ref failed to do request: Head "": dial tcp: lookup on read udp> i/o timeout

I also tried opening ports 80 and 443 in VPC's security group for all inbound traffic with no luck.

How can I make it work? Thank you.

2 Answers
Accepted Answer

I changed the region from eu-central-1 to us-east-1 following the same steps as I described above and it works. Probably there is some bug in AWS, hard to say if eu-central-1 can't access or if it's something different.

answered 9 months ago
reviewed 11 days ago


I'm getting a timeout error when pulling the container image.
If the subnet used by ECS is a private subnet, try adding a route to the NAT Gateway to the route table or setting up a VPC endpoint for ECR.

If you are using a public subnet, please check whether the subnet's public IP allocation is enabled.

answered 9 months ago
reviewed 11 days ago
  • Hello. Unfortunately, creating a VPC endpoint for ECR or public NAT with a private subnet didn't help. All public subnets have "Enable auto-assign public IPv4 address" checked. I've already sent feedback to AWS that their guide is inaccurate or incomplete.

    If there's someone who could write me a step-by-step guide on how to make the below AWS guide work, that would be great:
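The network checks suggested in the second answer, as an added example that is not part of the original thread: given a subnet's route table, the task's `assignPublicIp` setting and the VPC's endpoint service names, it reports why the task ENI has no path to the image registry. The function names are hypothetical and the route tables are constructed sample data in the shape of EC2 `DescribeRouteTables` output; it assumes any NAT gateway it finds is itself correctly placed in a public subnet.

```python
# Added example: constructed sample data, hypothetical function names.
REGION = "eu-central-1"  # region from the question
# Endpoints a task without an internet path needs to pull a private ECR image.
ECR_PULL_ENDPOINTS = {
    f"com.amazonaws.{REGION}.ecr.api",
    f"com.amazonaws.{REGION}.ecr.dkr",
    f"com.amazonaws.{REGION}.s3",  # image layers are served from S3
}

def default_route_target(route_table):
    """Classify the active 0.0.0.0/0 route as 'igw', 'nat' or None."""
    for route in route_table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State", "active") != "active":
            continue  # blackhole routes do not carry traffic
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
        if route.get("NatGatewayId"):
            return "nat"
    return None

def image_pull_findings(route_table, assign_public_ip, endpoint_services,
                        image_in_private_ecr):
    """Return reasons the task ENI cannot reach the registry ([] if it can)."""
    target = default_route_target(route_table)
    if target == "nat" or (target == "igw" and assign_public_ip == "ENABLED"):
        return []  # outbound internet path exists
    if target == "igw":
        findings = ["route to internet gateway, but assignPublicIp is not ENABLED"]
    else:
        findings = ["no active 0.0.0.0/0 route to an internet or NAT gateway"]
    if not image_in_private_ecr:
        # ECR VPC endpoints do not serve public registries.
        return findings + ["public-registry image needs an internet path"]
    missing = sorted(ECR_PULL_ENDPOINTS - set(endpoint_services))
    if missing:
        return findings + ["missing VPC endpoints: " + ", ".join(missing)]
    return []  # private ECR image reachable through the endpoints

# Constructed route tables in the shape of EC2 DescribeRouteTables output.
PUBLIC_RT = {"Routes": [
    {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local", "State": "active"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]}
ISOLATED_RT = {"Routes": [
    {"DestinationCidrBlock": "172.31.0.0/16", "GatewayId": "local", "State": "active"}]}

if __name__ == "__main__":
    for name, args in [("public, no public IP", (PUBLIC_RT, "DISABLED", [], False)),
                       ("isolated, private ECR", (ISOLATED_RT, "DISABLED", [], True))]:
        print(name, "->", image_pull_findings(*args))
```

Real inputs for these arguments come from `aws ec2 describe-route-tables`, `aws ec2 describe-vpc-endpoints` and the `assignPublicIp` value under `networkConfiguration.awsvpcConfiguration` of the run-task request.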
