Amazon ECS now allows tmpfs mounts for Linux tasks on AWS Fargate and ECS Managed Instances. This enables the creation of in-memory file systems for tasks, which is useful for temporary data and sensitive information that shouldn’t persist after the task ends. Users can configure tmpfs mounts through task definitions in the ECS console or via AWS CLI and other tools.

AWS ECS tasks running on EC2 instances face weak task-level isolation, leading to potential security risks like credential theft. The article highlights the importance of hardening configurations, particularly by restricting access to the EC2 Instance Metadata Service (IMDS), and discusses various networking modes and methods to effectively block IMDS access for ECS tasks.