I am trying to create an internal service that is not reachable from outside the vpc. I am using cloudmap as the service discovery tool and the best option I've found so far is by using App Mesh with it. (Also, I am using ECS for my containers)
The problem is that App Mesh only works with awsvpc network mode for ECS Task and this network mode the host ports and container ports in port mappings must match. So when we have two instances of the same task we would need each one in a different ENI and those are limited. Even with awsvpcTrunking the limit is low. What would you guys do in my scenario? I have even looked into API Gateway and it does not seem to fit for my problem.
PS.: If nothing works I guess that I'll have to change my application to use SRV and find the addresses available for that internal service.