# ECS Service Connect: DNS resolution failed for service endpoint within the same namespace

- **ID:** `cloud/aws-ecs-service-connect-dns-resolution-failure`
- **Domain:** cloud
- **Category:** network_error
- **Error Code:** `ECS.ServiceConnect.DNSResolution`
- **Verification:** ai_generated
- **Fix Rate:** 78%

## Root Cause

With ECS Service Connect, tasks fail to resolve the DNS name of a service in the same namespace for one of two reasons: the service discovery namespace is not properly associated with the VPC, or the service's DNS records are not propagated because the Service Connect configuration is wrong.

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| AWS ECS: latest | active | — | — |
| AWS Cloud Map: latest | active | — | — |
| Amazon VPC: any | active | — | — |

## Workarounds

1. **Verify that the Cloud Map namespace is associated with the correct VPC.** List the namespaces and check the VPC configuration. If the association is missing, create a new namespace. (85% success)
   ```
   aws servicediscovery list-namespaces
   aws servicediscovery create-private-dns-namespace --name my-namespace --vpc vpc-12345
   ```
2. **Ensure the ECS task definition includes the `awslogs` log driver and check the Service Connect logs for DNS queries.** Use `aws logs describe-log-groups` and filter for `DNS_RESOLUTION_FAILED`. Then update the Service Connect configuration with the correct `clientAlias` and `discoveryName`. (80% success)
   ```
   aws logs describe-log-groups
   ```
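
The `clientAlias` and `discoveryName` check from workaround 2 can be run offline against the two services' `serviceConnectConfiguration` blocks. This Python sketch is an added example, not part of the original entry or of any AWS tooling; the function names, service names and namespace are constructed for illustration.

```python
# Added example (not from the original entry). Field names follow the ECS
# serviceConnectConfiguration schema; function names and sample data are constructed.

def published_endpoints(cfg):
    """Map each DNS name a server-side config publishes to its client port."""
    published = {}
    for svc in cfg.get("services", []):
        # ECS defaults: discoveryName falls back to portName, and an alias
        # without dnsName falls back to "<discoveryName>.<namespace>".
        discovery = svc.get("discoveryName") or svc["portName"]
        for alias in svc.get("clientAliases", []):
            name = alias.get("dnsName") or f"{discovery}.{cfg.get('namespace')}"
            published[name] = alias["port"]
    return published


def diagnose(client_cfg, server_cfg, hostname):
    """Return the reasons `hostname` would not resolve from the client's tasks."""
    findings = []
    for role, cfg in (("client", client_cfg), ("server", server_cfg)):
        if not cfg.get("enabled"):
            findings.append(f"{role}: Service Connect is not enabled")
    if client_cfg.get("namespace") != server_cfg.get("namespace"):
        findings.append("client and server are in different namespaces")
    published = published_endpoints(server_cfg)
    if not published:
        findings.append("server: no service with a clientAliases entry is defined")
    elif hostname not in published:
        findings.append(f"{hostname!r} is not published; available: {sorted(published)}")
    return findings


# Constructed sample configurations.
SERVER = {
    "enabled": True,
    "namespace": "internal",
    "services": [
        {"portName": "api", "discoveryName": "orders", "clientAliases": [{"port": 8080}]}
    ],
}
CLIENT = {"enabled": True, "namespace": "internal"}

if __name__ == "__main__":
    for name in ("orders-api.internal", "orders.internal"):
        print(name, "->", diagnose(CLIENT, SERVER, name) or "ok")
```

An empty list from `diagnose` means the name the client uses matches an endpoint the server publishes in the same namespace.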

## Dead Ends

- Overrides the default AWS DNS resolver, breaking Service Connect's built-in DNS resolution for the namespace. (80% fail)
- IPs can change when tasks are redeployed or scaled; defeats the purpose of service discovery. (70% fail)
- Restarting doesn't fix the underlying DNS configuration issue; the new tasks will face the same resolution failure. (50% fail)
