No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Indeed! This is a really unfortunate ECS limitation. See (and vote on) <https://github.com/aws/containers-roadmap/issues/104>. 

What would you recommend for a single container that needs to have one internet-facing port and one private?

Is it possible to use Pulumi to manage containers on a regular EC2 instance?

Fargate can handle that - you just can't put load balancers on both.

The `cloud.Service` abstraction currently puts load balancers on all exposed ports, so you wouldn't be able to use that.

But the `awsx.ecs.FargateService` abstraction is meant exactly for this - and should handle your case without problem.  See <https://github.com/pulumi/pulumi-awsx/tree/master/nodejs/awsx/ecs>.

Is there a way to discover the internal DNS name for the fargate service? So services within the VPC can connect?