Connect to Your Container Instance
To perform basic administrative tasks on your instance, such as updating or installing software or accessing diagnostic logs, connect to the instance using SSH. To connect to your instance using SSH, your container instances must meet the following prerequisites:
Your container instances need external network access to connect using SSH. If your container instances are running in a private VPC, they need an SSH bastion instance to provide this access. For more information, see the Securely connect to Linux instances running in a private Amazon VPC blog post.
Your container instances must have been launched with a valid Amazon EC2 key pair. Amazon ECS container instances have no password, and you use a key pair to log in using SSH. If you did not specify a key pair when you launched your instance, there is no way to connect to the instance.
SSH uses port 22 for communication. Port 22 must be open in your container instance security group for you to connect to your instance using SSH.
The Amazon ECS console first-run experience creates a security group for your container instances without inbound access on port 22. If your container instances were launched from the console first-run experience, add inbound access to port 22 on the security group used for those instances. For more information, see Authorizing Network Access to Your Instances in the Amazon EC2 User Guide for Linux Instances.
To connect to your container instance
Find the public IP or DNS address for your container instance.
Open the Amazon ECS console at https://console.aws.amazon.com/ecs/.
Select the cluster that hosts your container instance.
On the Cluster page, choose ECS Instances.
On the Container Instance column, select the container instance to connect to.
On the Container Instance page, record the Public IP or Public DNS for your instance.
Find the default username for your container instance AMI. The user name for instances launched with the Amazon ECS-optimized AMI is
ec2-user. For Ubuntu AMIs, the default user name is
ubuntu. For CoreOS, the default user name is
If you are using a macOS or Linux computer, connect to your instance with the following command, substituting the path to your private key and the public address for your instance:Copy
$ ssh -i
If you are using a Windows computer, see Connecting to Your Linux Instance from Windows Using PuTTY in the Amazon EC2 User Guide for Linux Instances.
If you experience any issues connecting to your instance, see Troubleshooting Connecting to Your Instance in the Amazon EC2 User Guide for Linux Instances.