compose-cli icon indicating copy to clipboard operation
compose-cli copied to clipboard

Published 20 hours ago verified publisher icon docker

ECS: don't expose all ports to load balancer

Open rverpillot opened this issue 3 years ago • 0 comments

Sometimes we need to expose ports in ECS cluster, but not necessary to load balancer. For example, to use Cloudwatch prometheus agent in the ECS cluster we need to define tasks with exposed ports for getting metrics, but for security reasons, we don't want expose these ports to outside. But currently compose create a listener for each exposed port in the docker compose file.

So, a syntax like this might be useful:

services:
  test:
    image: myImage
    ports:
      - target: 3000
        x-aws-protocol: none

rverpillot avatar Jun 05 '21 12:06 rverpillot