AWS execute command is not compatible with task def readonlyRootFilesystem

Currently it's not possible to run the `ecs execute-command` action if the task-def sets `readonlyRootFilesystem` to true. E.g.

```
aws ecs execute-command  \
    --region us-east-1 \
    --cluster stg-internal-pet \
    --task 355ef4d394294fdd91acb5af1876806f \
    --container consul-ecs-controller \
    --command "/bin/bash" \
    --interactive
```

Given by default ECS Controller enables both:
- https://github.com/hashicorp/terraform-aws-consul-ecs/blob/main/modules/controller/main.tf#L65
- https://github.com/hashicorp/terraform-aws-consul-ecs/blob/main/modules/controller/main.tf#L20

Execute command won't work if some work arounds are implemented, like:
- https://github.com/aws-containers/amazon-ecs-exec-checker/issues/21#issuecomment-827383350 
- https://toris.io/2021/06/using-ecs-exec-with-readonlyrootfilesystem-enabled-containers/

Or if we disable readonlyRootFilesystem when we decide to enable `enable_execute_command` at the ECS service level.

Btw this issue was _introduced_ by me here: https://github.com/hashicorp/terraform-aws-consul-ecs/commit/8a8b9b06bdbbb4f3f50b322af42a01d2c3d4999e

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

AWS execute command is not compatible with task def readonlyRootFilesystem #228

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

AWS execute command is not compatible with task def readonlyRootFilesystem #228

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions