Fargate, ECR, Private subnet, VPC endpoint

Have you had any luck retrieving the container imagine from ECR via a VPC endpoint? I did apply the S3 endpoint which is required, mentioned here: https://aws.amazon.com/blogs/containers/using-vpc-endpoint-policies-to-control-amazon-ecr-access/

I’ve not gotten this to work. Really would like to avoid having to set up a nat gateway. Going for minimal cost.

Anyone have any luck?

Thank you,
Michael

Have you also added the other two endpoints?

  • com.amazonaws.<region>.ecr.api
  • com.amazonaws.<region>.ecr.dkr