I'm deploying some containers to Amazon ECS (Fargate) and running into an issue retrieving secrets from Secrets Manager. The exact error received is:
ResourceInitializationError: unable to pull secrets or registry auth: execution resource retrieval failed: unable to retrieve secret from asm: service call has been retried 5 time(s): failed to fetch secret arn:aws:secretsmanager:us-east-1:578753309024:secret:-PBkCN8 from secrets manager: RequestCanceled: request context canceled caused by: context deadline exceeded. Please check your task network configuration.
Setup:
- My task definition includes 3 containers, only 2 of which require secrets to be pulled from Secrets Manager:
  - Container 1: No secrets
  - Container 2: 2 secrets
  - Container 3: 8 secrets
- I have set GetSecretValue IAM permission to the ARN(s) of the Secrets Manager Entries set in the ECS "tasks role".
- The public Secrets Manager endpoint is being used and the Security Group to which the ECS task is being deployed is configured to allow outbound TCP/443 traffic.
Scenarios:
- Deploying just Container 1 - no issue
- Deploying container 1 and 2 - no issue (secrets are pulled just fine)
- Deploying all containers - error above; error occurs on a secret for container 2
- Deploying just container 3 - error above; error occurs on a secret for container 3
Any suggestions for how to address this?