AWS Certified Developer - Associate
Get started today
Ultimate access to all questions.
A company is seeking to streamline the setup of ECS (Elastic Container Service) clusters by leveraging CloudFormation templates. This automated process has been functional for some time. However, after the development team creates the necessary task definitions and assigns appropriate IAM roles to the tasks, they notice that the ECS tasks are not utilizing the permissions specified in those roles.
What specific ECS configuration setting needs to be specified in the /etc/ecs/ecs.config file to ensure that ECS tasks can properly use the assigned IAM roles?
A company is seeking to streamline the setup of ECS (Elastic Container Service) clusters by leveraging CloudFormation templates. This automated process has been functional for some time. However, after the development team creates the necessary task definitions and assigns appropriate IAM roles to the tasks, they notice that the ECS tasks are not utilizing the permissions specified in those roles.
What specific ECS configuration setting needs to be specified in the /etc/ecs/ecs.config file to ensure that ECS tasks can properly use the assigned IAM roles?
Explanation:
Overall explanation Correct option:
ECS_ENABLE_TASK_IAM_ROLE
This configuration item is used to enable IAM roles for tasks for containers with the bridge and default network modes.
Incorrect options:
ECS_ENGINE_AUTH_DATA - This refers to the authentication data within a Docker configuration file, so this is not the correct option.
ECS_AVAILABLE_LOGGING_DRIVERS - The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with this variable. This configuration item refers to the logging driver.
ECS_CLUSTER - This refers to the ECS cluster that the ECS agent should check into. This is passed to the container instance at launch through Amazon EC2 user data.