3

I am trying to deploy a very simple web application to AWS Fargate. I have pushed a docker image of the backend of the application to ECR and I am trying to setup a Fargate task definition for the container. I have all of the properties of the task defined, the setup is fairly simple, but the task wont create and I am always getting the error:

Invalid request provided: Create TaskDefinition: Fargate requires task definition to have execution role ARN to support ECR images. (Service: AmazonECS; Status Code: 400; Error Code: ClientException; Request ID: <SOME UUID>; Proxy: null)" (RequestToken: <SOME UUID>, HandlerErrorCode: InvalidRequest)

I know I have an ECR image and I have created and selected the IAM role that Fargate wants (using this documentation) but it still complains. I had originally created the task with EC2 launch type and it had no problems, but decided to go with Fargate launch type for cost and simplicity reasons.

What else do I have to do?

Brandon
  • 151
  • 5

3 Answers3

2

I just encountered this issue and was able to resolve it with AWS. Apparently there is a bug when adding the permissions associated with the IAM Role when using the GUI for task definitions.

To resolve this you can go to Cloud formation to specify the configuration file there. You should see your failed task definitions there. Click on the stack associated with your task definition and select "Update" -> Edit template in designer

Edit the JSON an add this under "TaskRoleArn" : "your task role"

"ExecutionRoleArn" : "the-same-string-that-taskRoleArn-is-set-to"

That should resolve your issue

Anthony Schanen
  • 21
  • 1
0

The 'update' button is disabled for me. Any ideas how to enable it or another workaround? I was able to create fargate service definitions just a few days ago, so I have templates from cloud formation

FPapi
  • 1
0

This seems a bug in the new ECS UI.

Switch back to the old UI by unchecking the "New ECS Experience" option from the left sidebar, and it should work.

Jari Jokinen
  • 181
  • 1