Hi everyone, I'm stuck on a problem with mapping an EFS volume to a Fargate Task in ECS. What happens is that it throws the following error during startup:

Error: EACCES: permission denied, open '/var/lib/ghost/content/logs/https___blog_test_production.error.log'

Any help is greatly appreciated! See inline comments for a snippet of the code.

Hi Tyler. Could I ask you to edit this post? It's huge and makes the channel hard to work through. You could either summarize the problem in this post, then add the code in a thread under it. Or you could update the post to use Slack's Text Snippet feature, which makes the code collapsible (and adds syntax highlighting!)

Created a snippet instead.

Your application container probably doesn't run under

gid: 65534,
      uid: 65534,

from the looks of it

I can't see anything obviously wrong. Things I'd investigate: • use of KMS key (does ECS need to be given specific permissions? Maybe try with AWS's default key instead of your private one?) • uid/gid values (high5 Eugene)

If it's uid/gid you can actually set them here on the infrastructure side (rather than doing it in the Dockerfile), see

user

here https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html

Yeah, those were some hail marys on my part trying to figure out wth was going on