I created an ECS service in an AWS ECS cluster. My container uses the awsvpc network mode. The service has no load balancer.
But it cannot touch any public internet resources.
When I go to the ECS instance and SSH into the Docker container, I cannot wget any public resources:
root@ip-10-3-1-23:/app# traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 *^C
root@ip-10-3-1-23:/app# wget google.com
--2019-08-31 22:34:38-- http://google.com/
Resolving google.com (google.com)... 172.217.9.206, 2607:f8b0:4004:807::200e
Connecting to google.com (google.com)|172.217.9.206|:80... ^C
root@ip-10-3-1-23:/app#
EC2 instance security group:

Inbound:
Type             Protocol  Port Range  Source                                  Description
All TCP          TCP       0 - 65535   10.3.0.0/16
SSH              TCP       22          sg-5c260123 (mgmt-bastion)
Custom TCP Rule  TCP       51678       sg-0784b8f53ab37c234 (mgmt-jenkins-sg)

Outbound:
Type             Protocol  Port Range  Source                                  Description
All traffic      All       All         0.0.0.0/0

Service security group:

Inbound:
Type             Protocol  Port Range  Source                                  Description
All TCP          TCP       0 - 65535   10.3.0.0/16

Outbound:
Type             Protocol  Port Range  Source                                  Description
All traffic      All       All         0.0.0.0/0

Could you please help me debug it and tell me how to allow internet access?