I m experimenting with the new ECSTask in 2 4 0 as we run pr Prefect Community #ask-community

it absolutely is, you can specify networkMode on your task definition - default is awsvpc; then you can set a custom vpc_id on your ECSTask block, even from the UI

Anna Geller

09/21/2022, 12:45 PM

the effect is the same but with the difference that you don't need to worry about specifying

networkConfiguration

since in 90% it's always awsvpc and that's what we already use as default (and if you use EC2 launch type, the default is bridge); and

awsvpcConfiguration

was cumbersome because usually you only care about to which VPC your ECS task gets deployed (custom or default VPC) and you don't want to worry about which subnet to pick -- in the current setup, we automatically query all available subnets in the VPC ID you provided and ECS decides to which one it's best to run a specific ECS task with your flow run so all use cases from 1.0 are possible, but way easier - feel free to open a GitHub issue on the

prefect-aws

repo if you struggle to configure something - given that this block is still experimental, we are open to feedback to adjust this block if needed

Stephen Herron

09/21/2022, 12:59 PM

Ahh - this doesn’t work when the subnets for the custom VPC (the VPC itself even) - are owned by another account. removing VPC config from the block and it will run on the default VPC. Specifying say the company designated VPC = this error:

Copy code

botocore.errorfactory.InvalidParameterException: An error occurred (InvalidParameterException) when calling the RunTask operation: At least one security group must be supplied when specifying subnets that are owned by a different account.

created this for reference - https://github.com/PrefectHQ/prefect-aws/issues/112

Anna Geller

09/21/2022, 3:12 PM

I answered o the issue

Anna Geller

09/21/2022, 3:13 PM

let's keep the discussion there

5 Views

Open in Slack

Previous Next