chobo
Reputation: 4862
What is the difference between ecs.amazonaws.com and ecs-tasks.amazonaws.com?
https://gist.github.com/meoooh/896b66e0fc5c9bfd5716fc1864a7c68b
If I have two iam role.
But I don't know difference
Upvotes: 10
Views: 9149
Answers (1)
krishna_mee2004
Reputation: 7366
One IAM role is used by ECS service scheduler to make calls to the Amazon EC2 and Elastic Load Balancing APIs on your behalf to register and deregister container instances with your load balancers. This is the role that has the principal ecs.amazonaws.com.
The second IAM role is used by the containers that are created in your tasks. This is the role that has the principal: ecs-tasks.amazonaws.com.
AWS documentation:
- Details about IAM role used by ECS scheduler can be found here.
- Details about IAM role used by containers in your tasks can be found here. Further explanation for this can be found here.
Upvotes: 21
Related Questions
- What is the difference between a task and a service in AWS ECS?
- Difference between AWS Elastic Container Service's (ECS) ExecutionRole and TaskRole
- What is the difference between Amazon ECS and Amazon EC2?
- Difference between AWS ECS Service Type Daemon & Constraint "One Task Per Host"
- Query regarding AWS IAM Service
- Difference between EC2 System Manager and OpsWork
- What is the actual structure of ECS Service ARNs?
- The difference between an AWS service and product.
- AWS ECS: Why I must set Task Definition twice?
- Difference between Amazon EC2 API tools and AMI tools?