[03] Architecting for ECS Flashcards
What is the dualStackIPv6 parameter used for?
It allows awsvpc tasks to be provided an IPv6 address in addition to the primary private IPv4 address
What are the requirements for a task to receive an IPv6 address?
The task must use awsvpc network mode, be launched in a VPC configured for dual-stack mode, and the dualStackIPv6 account setting must be enabled
What is the fargateFIPSMode parameter used for?
It turns on FIPS-140 compliance for Fargate tasks
What does the tagResourceAuthorization parameter enforce?
It enforces the ecs:TagResource permission when calling ECS API actions which create resources with tags e.g. ECS:CreateCluster
What is the purpose of the fargateTaskRetirementWaitPeriod parameter?
It controls the notice period for non-critical Fargate platform revision updates
What does the guardDutyActivate parameter indicate?
It is a read-only setting which indicates whether GuardDuty Runtime Monitoring is enabled
What accounts are opted in to using the new ARN formats by default?
New accounts are opted in by default
What parameters can be used to opt-in to using the new ARN formats?
serviceLongArnFormat, taskLongArnFormat & containerInstanceLongArnFormat
What does the awsvpcTrunking parameter enable?
It enables ENI trunking for certain EC2 instance types
What does the containerInsights parameter determine?
It determines whether Container Insights is enabled by default for new clusters
Can the containerInsights setting be overridden for a specific cluster?
Yes, it can be overridden in ecs:CreateCluster
What options are available for latency critical applications with ECS?
Local Zones, Wavelength Zones, AWS Outposts
What are Local Zones?
An extension of an AWS region
What are Wavelength Zones?
Colocated with infrastructure used for carriers’ 5G networks
What is AWS Outposts?
Allows AWS infrastructure to be deployed on premises