How To Do SSH Inside Fargate Container

Step 1:- create fargate service with enable-execute-command.

>> aws ecs create-service — cluster test — task-definition hyperzod-note-worker — enable-execute-command — service-name service-name — desired-count 1 — launch-type FARGATE — network-configuration “awsvpcConfiguration={subnets=[subnet-a28cf1c4],securityGroups=[sg-54b4e151],assignPublicIp=ENABLED}”

Step 2 :- check that enable-execute-command is enable or not

>> aws ecs describe-tasks — cluster test-hyperzod — tasks c27f1d5ad44f44569abc301bf17c2a2c

its enable here

Step 3:- now we can do ssh inside the container by this command

>> aws ecs execute-command — cluster test — task c27f1d5ad44f44569abc301bf17c2a2c — container note-worker — interactive — command “/bin/sh”

NOTE:-

These Errors can occur during the above setup

Error 1:- The Session Manager plugin was not found

for that we need to download this Session Manager plugin in our system according to the system you can install it.

Link:- https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html#install-plugin-windows

Error 2:- An error occurred (TargetNotConnectedException) when calling the ExecuteCommand operation” in Amazon ECS

To resolve this error we need to add this IAM policy to your Task definition execution role .

create a new inline policy by using the below JSON and add it to the role don’t do anything in the existing policy of your role.

{
   "Version": "2012-10-17",
   "Statement": [
       {
       "Effect": "Allow",
       "Action": [
            "ssmmessages:CreateControlChannel",
            "ssmmessages:CreateDataChannel",
            "ssmmessages:OpenControlChannel",
            "ssmmessages:OpenDataChannel"
       ],
      "Resource": "*"
      }
   ]
}

Link:- https://aws.amazon.com/premiumsupport/knowledge-center/ecs-error-execute-command/