Secure Amazon Elastic Container Service workloads with Amazon ECS Service Connect

Introduction

With this release, Amazon Elastic Container Service (Amazon ECS) integrates with AWS Private Certificate Authority (CA) and automates the process of issuing, distributing, and rotating certificates, which makes it simple for customers to secure traffic between services without adding extra operational workload. Now Amazon ECS Service Connect customers can encrypt service-to-service communication using Transport Layer Security (TLS) without modifying their application code, as well as without requiring any extra network infrastructure or operating service mesh solutions.

You can enable traffic encryption when at a per-Service Connect enabled service level within an existing namespace. First, you choose an existing or create a new AWS Private Certificate Authority, and then select it in the AWS Management Console, or provide its Amazon Resource Name (ARN) via the command line interface (CLI), to be used with your Amazon ECS Service Connect namespace. This CA is used for …