Posted On: Apr 14, 2023
Today, Amazon Elastic Container Service (ECS) is announcing availability of ECS-optimized Amazon Linux 2023 (AL2023) AMIs and group managed service accounts (gMSA) on ECS Linux containers through credentials-fetcher integration. gMSA is a managed account that provides automatic password management, service principal name (SPN) management, and the ability to delegate management to administrators over multiple servers or instances. This integration allows applications hosted on Amazon ECS Linux containers to easily authenticate with Microsoft Active Directory (AD) to access network shared resources. This integration enables customers to continue using AD as well as get the cost, reliability, and scalability benefits of Amazon Linux on ECS.
As you deploy your .NET applications, the applications hosted on Linux containers need to connect to network resources such as SQL Server hosts or storage blocks that are authenticated over Microsoft AD. The gMSA credentials-fetcher is now directly integrated into Amazon ECS. You can use credentials-fetcher to access AD from services hosted on Linux containers using the service account authentication model. Developers and system administrators can use the ECS agent for a managed configuration experience on the ECS platform.
This capability is available in all regions where Amazon ECS is available. To learn more and to get started, please refer details of Amazon ECS-optimized AMIs and the documentation and blog post for gMSA support.