I have two ECS clusters, both running Fargate 1.3 tasks (let's call them task A and task B). Both tasks have network type awsvpc and both have auto-assigned public IPs. Furthermore, both clusters/tasks are in the same VPC. Task A is associated with security group A, task B is associated with security group B (as well as a load balancer that is also connected with the security group). I am trying to make an HTTP request from task A to task B. I'm 100% sure I have the security groups set up properly, namely:
security group A:
- egress to anywhere
security group B:
- ingress to security group A (Port range All, Protocol All, Type "All Traffic")
When I try to make the request from A to B, I get a timeout error. I know it is a security group error, because if I create an ingress rule with Source = everywhere, it works. Furthermore, if I go in and check the public IP address of Fargate task A, and add that IP address to the ingress of security group B, it also works.
What is happening here?