https://prefect.io logo
Join Slack
Powered by
<@ULVA73B9P> is there any way to turn on ECS exec ...
# ask-marvin
o
@Marvin is there any way to turn on ECS exec for an ECS cluster through the prefect UI?
m
thought for 237.6 seconds
thought for 340.5 seconds
Short answer: there isn’t a dedicated “toggle” in the Prefect UI. But you can enable ECS Exec for an ECS work pool by adding the RunTask flag in the pool’s job template. What to do - In the Prefect UI: Work Pools -> your ECS pool -> Settings -> Edit job template - Add 
enableExecuteCommand: true
at the top level of the job template so the worker passes it to ECS RunTask Example job template snippet
Copy code
{
  "cluster": "my-ecs-cluster",
  "launchType": "FARGATE",
  "taskDefinition": "my-task-def:1",
  "networkConfiguration": {
    "awsvpcConfiguration": {
      "subnets": [
        "subnet-abc",
        "subnet-def"
      ],
      "securityGroups": [
        "sg-123"
      ],
      "assignPublicIp": "ENABLED"
    }
  },
  "enableExecuteCommand": true
}
Notes and prerequisites - ECS Exec is enabled via the RunTask/Service parameter 
enableExecuteCommand
(it’s not a task definition field). - Ensure IAM/SSM prerequisites are in place: - Your task execution role should include permissions for SSM messages (the AWS-managed policy 
AmazonECSTaskExecutionRolePolicy
covers this). - The IAM principal you use to run 
aws ecs execute-command
needs 
ecs:ExecuteCommand
and SSM session permissions. - If you’re running tasks under an ECS Service, you can also enable exec on the service: - 
aws ecs update-service --cluster <cluster> --service <service> --enable-execute-command
Refs - Prefect ECS guide - AWS ECS Exec docs If you share your current job template, I can suggest exactly where to add the flag.
Short answer: no. Prefect doesn’t manage AWS account/cluster settings, so there’s no toggle in the Prefect UI to enable ECS Exec on an ECS cluster. How to use ECS Exec with Prefect ECS runs: - Enable Exec on the AWS side (cluster/service level) and ensure IAM/KMS/logging are configured per AWS guidance. - If you want one-off tasks launched by a Prefect ECS work pool to support Exec, add the enable flag to the work pool’s Base Job Template so tasks are started with Exec enabled. Example Base Job Template adjustment (Work Pools > your ECS pool > Edit > Base job template):
Copy code
{
  "job_configuration": {
    ...
    "task_run_request": {
      ...
      "enableExecuteCommand": true
    }
  }
}
Then you can exec into a running flow-run task with the AWS CLI, e.g.:
Copy code
aws ecs execute-command --cluster <cluster> --task <task_arn> --container <container_name> --command "/bin/bash" --interactive
Docs: - Prefect 3.x ECS guide (covers ECS work pools, base job templates, and AWS prerequisites) If you’d like, share your ECS pool’s current Base Job Template and I can point out exactly where to add 
enableExecuteCommand
.
Open in Slack
PreviousNext
Powered by