Secret support does not work with Fargate 1.4.0

[jchook]

What is the current behavior?

Tasks cannot start due to this error:

ResourceInitializationError: unable to pull secrets or registry auth: execution resource retrieval failed: unable to retrieve secrets from ssm: service call has been retried 5 time(s): RequestCanceled: request context canceled caused by: context deadli...

If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem.

• I created a VPN, load balancer, and SSM secret
• I configured a minimal instance of this module including task_container_secrets
• I attached an existing working policy to the IAM roles to allow access SSM secrets

I discovered this stackoverflow post, which suggests the issue may be due to a change in network interface configuration as of Fargate 1.4.0.

I attemted to debug the issue based on information in that thread with no luck.

What is the expected behavior?

Fargate tasks able to access SSM secrets

Software versions?

Module version: 6.4.1

➜ terraform --version
Terraform v1.0.10
on linux_amd64
+ provider registry.terraform.io/hashicorp/aws v3.70.0

[jchook]

Okay I got it to work. Looks like Fargate requires that you launch tasks:

• On a VPC with DNS enabled
• In a public subnet
• With a public IP address assigned automatically
• With the appropriate IAM policies attached for things like ECR and SSM access