has anyone experienced an issue with a fully manually created ECS Cluster where the instance during it's creation does not have network access, but does later on ? I went through every bit of my config: • Security Group allow eggress anywhere • the instance is in the private subnet, which routing table for outbound traffic points to the NAT • The NAT Gateway is in public subnet • the pub subnet does have an IG Additionally I created a jumbox and while the stack fails to create (no network so no cfn-signal installed by cloud-init and sent to Cloud formation for the autoscaling group). Once the instance is up, and without changing anything I log in to that specific and can successfully reach internet... confirming that the setup is right. I am thinking that the instance comes up before the NAT is attached or a specific rule added to routing table or Security group. Any pointer would be welcomed

there's lots of eventual consistencies like this in AWS 😅 You can do things like run a loop inside the user data

while true
do
    ping -c 1 ip
done

Or the pulumi specific way is to use a waiter on certain resources

never had the issue with cloudformation, but I guess they are aware of their own things lool. now that I know how I can specify my own userData (and have the instance reach out to cfn & add itself to the ECS cluster) I can do something like that yes, and I may actually use the dependsOn to make sure things get created in a certain order