AWS execute command is not compatible with task def readonlyRootFilesystem

[v-rosa]

Currently it's not possible to run the ecs execute-command action if the task-def sets readonlyRootFilesystem to true. E.g.

aws ecs execute-command  \
    --region us-east-1 \
    --cluster stg-internal-pet \
    --task 355ef4d394294fdd91acb5af1876806f \
    --container consul-ecs-controller \
    --command "/bin/bash" \
    --interactive

Given by default ECS Controller enables both:

• https://github.com/hashicorp/terraform-aws-consul-ecs/blob/main/modules/controller/main.tf#L65
• https://github.com/hashicorp/terraform-aws-consul-ecs/blob/main/modules/controller/main.tf#L20

Execute command won't work if some work arounds are implemented, like:

• https://github.com/aws-containers/amazon-ecs-exec-checker/issues/21#issuecomment-827383350
• https://toris.io/2021/06/using-ecs-exec-with-readonlyrootfilesystem-enabled-containers/

Or if we disable readonlyRootFilesystem when we decide to enable enable_execute_command at the ECS service level.

Btw this issue was introduced by me here: https://github.com/hashicorp/terraform-aws-consul-ecs/commit/8a8b9b06bdbbb4f3f50b322af42a01d2c3d4999e