Amazon ECS now enforces software version consistency for containerized applications
Amazon Elastic Container Service (Amazon ECS) now enforces software version consistency for your containerized applications, helping you ensure all tasks in your application are identical and that all code changes go through the safeguards defined in your deployment pipeline.
Customers deploy long-running applications such as HTTP-based microservices as Amazon ECS services and often use container image tags to configure these services. Although container images are immutable, image tags aren’t immutable by default and there is no standard mechanism to prevent different versions from being unintentionally deployed when you configure a containerized application using image tags. To prevent such inconsistencies, Amazon ECS now resolves container image tags to the image digest (SHA256 hash of the image manifest) when you deploy an update to your Amazon ECS service and enforces that all tasks in the service are identical and launched with this image digest(s). This means, even if you use a mutable image tag like ‘LATEST’ in your task definition and your service scales out after the deployment, the correct image (which was used when deploying the service) is used for launching new tasks.
Amazon ECS automatically enforces software version consistency for services created or updated after June 25 2024, running on AWS Fargate platform version 1.4.0 or higher and/or version v1.70.0 or higher of the Amazon ECS Agent in all commercial and the AWS GovCloud (US) Regions. To learn more, please read this blog post or visit our documentation.