If you need to run a command, or set of commands on an AWS ECS cluster container, then you can do the following:

aws ecs execute-command --cluster ${ClusterName} --task ${TASK_ARN} --container nginx --command "/bin/sh" --interactive

This is the ECS equivalent of kubectl exec — it drops you into a shell inside a running container for debugging. I use this when I need to check config files, test network connectivity, or inspect logs that aren’t being shipped to CloudWatch.

For this to work, you need ECS Exec enabled on your service and the SSM agent running in the container. Your task role also needs ssmmessages permissions. If you get an “execute command failed” error, check that enableExecuteCommand is set to true on the service definition.