No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

index.ts

The code I am running into this issue with.

Also the package versions are list below but should be the latest since this a brand new create stack.

`@pulumi/aws`: 5.31.0
`@pulumi/awsx`: 1.0.2
`@pulumi/pulumi` : 3.58.0

<@U04T1N2KVA5> you’re not passing the vpc configuration to your fargate service, so it’s trying to use the default which doesn’t exist. take a look at the network configuration settings in awsx.ecs.fargateservice

That fixed my error.  Thank you very much <@UCWG26BH7>.

For reference incase anyone finds this in the future. I needed to update my fargate service as <@UCWG26BH7> suggested above like like below.

```const service = new awsx.ecs.FargateService("pulumi-service", {
    cluster: cluster.arn,
    desiredCount: 2,
    networkConfiguration: {
      assignPublicIp: true,
      securityGroups: [securityGroup.id],
      subnets: vpc.publicSubnetIds
    },
    taskDefinitionArgs: {
        container: {
            // would in the future pull this from a ECR repository
            image: "nginx:latest",
            cpu: 512,
            memory: 128,
            essential: true,
            portMappings: [
              {
                targetGroup: lb.defaultTargetGroup,
              }
            ]
        },
    },

});```

Follow up question If I wanted to use an existing VPC + security groups + subnets. Is there a way to import them while making it absolutely 100% immutable so that pulumi never tries to change, update, delete those resources but just references them for use in building other net new infra?

I ask because the ECS + Fargate service side would all be new to our company but we have several other setups within a VPC not managed by any IAC (right now :smirk: ) that would *very bad* if they were updated by pulumi.

you can set `protect` on those resources so that it won’t modify any immutable properties

alternatively you can just reference them with aws.ec2.getVpc