AWS copilot 部署的服務不可訪問？

Question

我有一個簡單的后端服務，我剛剛使用 copilot 部署。 但是，我不知道在哪里訪問它？

根據 AWS 控制台，它正在運行且處於活動狀態。 我什至可以在它已經啟動的日志中看到它。

我的清單：

# The manifest for the "user-service" service.
# Read the full specification for the "Backend Service" type at:
#  https://aws.github.io/copilot-cli/docs/manifest/backend-service/

# Your service name will be used in naming your resources like log groups, ECS services, etc.
name: user-service
type: Backend Service

# Your service does not allow any traffic.

# Configuration for your containers and service.
image:
  # Docker build arguments. For additional overrides: https://aws.github.io/copilot-cli/docs/manifest/backend-service/#image-build
  build: ./Dockerfile
  port: 9000

cpu: 256       # Number of CPU units for the task.
memory: 512    # Amount of memory in MiB used by the task.
count: 1       # Number of tasks that should be running in your service.

# Optional fields for more advanced use-cases.
#
variables:                    # Pass environment variables as key value pairs.
  SERVER_PORT: 9000
  NODE_ENV: test
  
secrets:                      # Pass secrets from AWS Systems Manager (SSM) Parameter Store.
  ACCESS_TOKEN_SECRET: ACCESS_TOKEN_SECRET
  REFRESH_TOKEN_SECRET: REFRESH_TOKEN_SECRET
  MONGODB_URL: MONGODB_URL

# You can override any of the values defined above by environment.
environments:
  test:
    variables:
      NODE_ENV: test
#    count: 2               # Number of tasks to run for the "test" environment.

我的 Dockerfile

# Check out https://hub.docker.com/_/node to select a new base image
FROM node:lts-buster-slim

# Set to a non-root built-in user `node`
USER node

# Create app directory (with user `node`)
RUN mkdir -p /home/node/app

WORKDIR /home/node/app

# Install app dependencies
# A wildcard is used to ensure both package.json AND package-lock.json are copied
# where available (npm@5+)
COPY --chown=node package*.json ./

RUN npm install

# Bundle app source code
COPY --chown=node . .

RUN npm run build

# Bind to all network interfaces so that it can be mapped to the host OS
ENV HOST=0.0.0.0 PORT=3000

EXPOSE 9000
CMD [ "node", "." ]

這在本地運行良好，使用 docker-compose。 但是在哪里可以找到已部署服務的 URL 呢？ 我檢查了 ECS 控制台，任務有一個公共 IP。 但是我無法連接到那個。

這里缺少什么？

Answer 1

Nm ..我的壞。 后端服務不應該通過互聯網訪問。 它們暴露端點，但應該通過服務發現相互（或前端）通信。