I use Terraform to start ECS and ECR, and I successfully pushed my image to ECR. But when my ECS tries to pull the image from ECR, it seems to have reported a network-related problem.
ResourceInitializationError: unable to pull secrets or registry auth: execution resource retrieval failed: unable to retrieve ecr registry auth: service call has been retried 3 time(s): RequestError: send request failed caused by: Post "https://api.ecr.ap-southeast-1.amazonaws.com/": dial tcp xx.xxx.xxx.xxx:443: i/o timeout. Please check your task network configuration.
Here's my network.tf:

    # Security group for the project
    resource "aws_security_group" "myProject" {
      name   = "${terraform.workspace}-myProject"
      vpc_id = var.vpc_id
    }

    # Security group for OpenSearch
    resource "aws_security_group" "openSearch" {
      name   = "${terraform.workspace}-opensearch"
      vpc_id = var.vpc_id
    }

    # ssh
    resource "aws_security_group_rule" "ssh_ingress" {
      security_group_id = aws_security_group.myProject.id
      type              = "ingress"
      from_port         = 22
      to_port           = 22
      protocol          = "tcp"
      cidr_blocks       = ["0.0.0.0/0"]
    }

    # OpenSearch
    resource "aws_security_group_rule" "myProject_ingress_opensearch" {
      type                     = "ingress"
      from_port                = 443
      to_port                  = 443
      protocol                 = "tcp"
      security_group_id        = aws_security_group.myProject.id
      # Resource names are case-sensitive: the group is declared as "openSearch"
      source_security_group_id = aws_security_group.openSearch.id
    }

    # Outbound HTTPS
    resource "aws_security_group_rule" "myProject_egress" {
      type              = "egress"
      from_port         = 443
      to_port           = 443
      protocol          = "tcp"
      cidr_blocks       = ["0.0.0.0/0"]
      security_group_id = aws_security_group.myProject.id
    }

Did I miss anything? I'm a newbie to Terraform and AWS. Please help me, thank you all.
How do I write a correct network.tf?