looking for some pointers,
I am trying to get a windows scheduled task running on a Windows Container on AWS ECS, so far I have:
- EC2 Windows instance
- ECS with a running container instance (Windows)
- IAM Role applied to the ECS Host
- S3 Bucket
I have a powershell script I have written to interact with an S3 bucket which runs perfectly fine when I execute it from the AWS Session manager and exec into the running container. The aws configure list command shows the credentials it’s using (container-role) and everything works ok interaction wise.
The issue is I need this to be a timed operation, so I created a Scheduled Task to run the powershell command and that’s where the issue starts:
- Running scheduled task not as System means it won’t run like a daemon / without login / non-interactively – however, when I try to execute the same script, the aws cli commands fail because they cannot find the AWS credentials, aws configure list returns empty and the s3 command returns a No credentials found message.
- Running the scheduled task as the container-admin user (which is what the AWS Session shell logs me in as) refuses to execute the task – though it shows as ready it never runs, I believe because that is the same user which also sets up the scheduled task it is implicitly set to run only when the user is logged on – unless I used the /NP switch, which wants me to enter the password interactively (no good).
Is there any reason why a Scheduled task running as the SYSTEM user would not be able to use the same AWS CLI commands as the ContainerAdmin user which I get logged in as via the AWS Session manager? Have I missed an option on the Scheduled Task command somewhere?
Thanks in advance
Source: Windows Questions