Ffortem.dev
FeaturesPricingDemoBlogBook a 20-min call
Run Fleet Audit →Book a 20-min call →
Guide

AWS ECS Fargate: What It Is, How It Works, What It Costs

ECS is the orchestrator. Fargate is the compute. Together they let you run containers on AWS without managing EC2 instances, Kubernetes clusters, or control plane upgrades.

This page covers what they actually are, how pricing works, a working Terraform module, and what breaks at 10+ environments — the inflection point where teams start looking for an operations layer.

$0
ECS control plane cost — per cluster, at any scale
aws.amazon.com/ecs
$0.04
per vCPU-hour on Fargate On-Demand (us-east-1)
aws.amazon.com/fargate/pricing
60–70%
non-prod cost reduction by scheduling off-hours
Fortem fleet data

ECS vs Fargate — not the same thing

ECS is the control plane. Fargate is the data plane. You need both to run containers without EC2.

Most tutorials use the terms interchangeably. They aren't the same. ECS handles orchestration — it schedules tasks, manages service definitions, handles health checks, rolling deployments, and service discovery. Fargate handles compute — it provides the CPU and memory for your containers to run on, managed by AWS.

ECS — the orchestrator
  • Schedules which containers run where
  • Manages task definitions (container specs)
  • Handles rolling deployments + health checks
  • Integrates with ALB, CloudWatch, IAM
  • Free — $0 per cluster, unlimited clusters
Fargate — the compute layer
  • Provides vCPU + memory for containers
  • No EC2 instances to manage or patch
  • Billed per vCPU-second, not per instance
  • True $0 when containers are stopped
  • Alternative: EC2 launch type (you manage nodes)
The short version: ECS tells containers where to go. Fargate gives them somewhere to run. You configure ECS (task definitions, services, clusters). AWS manages Fargate (the underlying compute, patching, capacity).

How ECS Fargate works

Four concepts cover 90% of what you need: clusters, task definitions, services, and tasks.

You don't need to understand all of ECS to get started. These four concepts map to how you think about running applications.

Cluster

A logical grouping of services and tasks. Free — create one per environment (prod, staging, dev). ECS clusters have no cost of their own.

use1-prod, use1-staging, use1-dev-alice
Task Definition

The spec for a container: which Docker image, how much CPU/memory, environment variables, IAM role, log configuration. Versioned — you update the task def, then deploy the new version.

api:42 — image: my-api:sha256, 0.5 vCPU, 1 GB, PORT=8080
Service

Keeps N copies of a task running. Handles rolling deployments, health checks, and restarts failed tasks. Integrates with ALB for traffic routing.

api-service: desired=3, min=2, max=6
Task

A running instance of a task definition. Fargate tasks start in ~30–90 seconds from the AWS capacity pool. Each task gets its own ENI, security group, and IAM role.

Running: api:42 on 0.5 vCPU / 1 GB since 09:14 UTC

Fargate pricing — real numbers

Fargate charges per vCPU-hour and per GB-hour. The ECS control plane is free. You pay only for running containers.

ResourceUnitPriceNote
vCPUper hour$0.04048Same in all regions (us-east-1 baseline)
Memoryper GB-hour$0.004445Memory is priced separately from CPU
Fargate Spot vCPUper hour$0.01214~70% off On-Demand — flat, not hourly-bid
Fargate Spot memoryper GB-hour$0.00133~70% off On-Demand
ECS control planeper cluster$0Free at any scale — unlimited clusters
Data transfer outper GB$0.09First 100 GB/month free

Source: aws.amazon.com/fargate/pricing — verified June 2026, us-east-1.

Example: 1 vCPU · 2 GB task, us-east-1
24/7 (730 hrs/mo)
CPU (1 vCPU)$29.55
Memory (2 GB)$6.49
$36/mo
Working hours only (Mon–Fri 8am–8pm)
CPU (1 vCPU)$9.84
Memory (2 GB)$2.16
$12/mo
Fargate Spot, working hours
CPU (1 vCPU)$2.95
Memory (2 GB)$0.65
$3.60/mo

For your actual fleet size, open the ECS cost calculator — enter your environment count and the scheduling savings estimate is instant.

What environments actually cost

“Scheduled” = running Mon–Fri 8am–8pm only (60 hrs/week vs 168 hrs/week). Nights, weekends, and holidays stopped.

EnvironmentSpec24/7ScheduledSavings
Small dev service0.25 vCPU · 0.5 GB · 1 service$9$367%
Typical dev environment0.5 vCPU · 1 GB · 3 services$55$1867%
Staging environment1 vCPU · 2 GB · 5 services$183$6167%
10 dev/staging environments0.5 vCPU · 1 GB avg · 4 services each$735$24567%
Why scheduling matters: Fargate reaches true $0 when stopped — no EC2 instances idling, no control plane fees. At 10 environments, the difference between 24/7 and scheduled is ~$490/month. That's before Fargate Spot, which cuts On-Demand rates by another 70%.

Terraform module — ready to use

The community standard is terraform-aws-modules/ecs/aws by Anton Babenko — 671 stars, last release March 2026.

Don't write ECS Terraform from scratch. This module handles cluster configuration, capacity providers, service definitions, and container specs in a consistent, maintained interface. Below is a production-ready starting point for a Fargate cluster with one service.

★ 671 — terraform-aws-modules/ecs on GitHub →
module "ecs_cluster" {
  source  = "terraform-aws-modules/ecs/aws"
  version = "~> 7.5"

  cluster_name = "my-app-${var.environment}"

  # Fargate + Fargate Spot capacity providers
  cluster_capacity_providers = ["FARGATE", "FARGATE_SPOT"]

  default_capacity_provider_strategy = {
    FARGATE = {
      weight = 50
      base   = 1   # min 1 task on On-Demand for stability
    }
    FARGATE_SPOT = {
      weight = 50
    }
  }

  # Define your services inline
  services = {
    api = {
      cpu    = 512   # 0.5 vCPU
      memory = 1024  # 1 GB

      container_definitions = {
        api = {
          essential = true
          image     = "${var.ecr_repo_url}:${var.image_tag}"
          cpu       = 512
          memory    = 1024

          port_mappings = [{
            name          = "http"
            containerPort = 8080
            protocol      = "tcp"
          }]

          environment = [
            { name = "PORT",        value = "8080" },
            { name = "ENVIRONMENT", value = var.environment },
          ]

          log_configuration = {
            logDriver = "awslogs"
            options = {
              awslogs-group         = "/ecs/${var.environment}/api"
              awslogs-region        = var.aws_region
              awslogs-stream-prefix = "api"
              mode                  = "non-blocking"
              max-buffer-size       = "4m"
            }
          }
        }
      }

      subnet_ids         = var.private_subnet_ids
      security_group_ids = [aws_security_group.ecs_tasks.id]
    }
  }

  tags = {
    Environment = var.environment
    ManagedBy   = "terraform"
  }
}

# To stop all services in an environment (e.g. at night):
# aws ecs update-service --cluster my-app-dev --service api --desired-count 0
What this gives you: A Fargate cluster with FARGATE + FARGATE_SPOT capacity (50/50 split), one service, non-blocking CloudWatch logs with a 4MB buffer, and environment tagging. Drop in your ECR URL and subnet IDs.

The last comment shows how to stop a service manually. At 1–3 environments, this is fine. At 10+ environments, you're running this command 30–60 times per day (start in the morning, stop at night, per service, per environment). That's when teams build scheduling automation — or use a tool that does it.

ECS Fargate vs EKS

ECS: $0 control plane, $0 idle, ~0.1 FTE ops overhead. EKS: $73/mo per cluster, can't reach $0 when idle, ~0.5–2 FTE (full-time engineer equivalent) ops overhead.

The choice between ECS and EKS is not primarily about cost — it's about operational model. EKS buys you the Kubernetes ecosystem (operators, Helm charts, multi-cloud). ECS buys you simplicity and full AWS integration without owning a control plane.

Choose ECS Fargate if
  • AWS-only — no multi-cloud requirement
  • No dedicated platform team
  • Want containers without owning Kubernetes
  • Need true $0 idle cost for non-prod envs
  • SOC 2 / HIPAA — simpler audit surface
Choose EKS if
  • Team already knows Kubernetes
  • Need K8s operators (Istio, ArgoCD, cert-manager)
  • Multi-cloud or on-prem via EKS Anywhere
  • 100+ services with complex scheduling
  • GPU orchestration with K8s tooling
Full ECS vs EKS breakdown — pricing, ops load, cost calculator →

What breaks at 10+ environments

Terraform handles provisioning at 10+ environments. What breaks is operations — the layer between your IaC and your developers.

Most teams hit this wall around their 10th environment. The Terraform is clean. The services are running. But the operational overhead is silently accumulating.

Environments run 24/7
No scheduling system. Stopping 10 environments manually is 30+ CLI commands. Nobody does it consistently.
~$500–1,500/mo in avoidable non-prod compute
Developers ping platform engineers to restart staging
No self-service access. IAM policies are scoped to the platform team. A developer can't run aws ecs update-service without a ticket.
~2–4 hours/week of platform engineer time
No visibility into what's running
10 clusters, 4 services each, spread across 2 AWS accounts. The AWS Console shows one cluster at a time.
Incidents take longer to diagnose. On-call is harder.
Can't attribute cost per environment
AWS bills per account, not per environment. Tag-based cost allocation breaks when resources are shared (ALBs, VPCs, NAT gateways).
Engineering decisions made without cost data
These are operations problems, not infrastructure problems. Terraform provisions environments — it doesn't operate them. The operations layer (scheduling, self-service access, fleet visibility, cost attribution) is what most teams build themselves starting around environment 10–15, or adopt a tool for.
Running ECS at scale?

See what your fleet actually looks like.

The Fleet Audit reads your ECS clusters via a local AI tool and shows you which environments are idle, what they cost, and what the scheduling opportunity is. Takes 5 minutes.

Run Fleet Audit →Open cost calculator →
Questions readers ask next

How do I set up ECS Fargate networking — public vs private subnets?

Most production setups put tasks in private subnets with a NAT Gateway for outbound traffic, and an ALB in public subnets for inbound. Public subnet + public IP is simpler but exposes container ENIs directly. Private subnet adds ~$32/mo per NAT Gateway but is required for SOC 2 / HIPAA.

Can I run ECS Fargate across multiple AWS accounts?

Yes — each AWS account gets its own ECS clusters. Cross-account traffic routes through VPC peering or Transit Gateway. IAM task roles are scoped per account. At 10+ environments spread across accounts, the main pain point is unified visibility: the AWS Console shows one account at a time, and cost attribution requires custom tagging across accounts.

How does ECS Fargate handle secrets — environment variables vs Secrets Manager?

Don't pass secrets as plain environment variables. ECS supports native integration with AWS Secrets Manager and SSM Parameter Store via the secrets field in task definitions — the secret is injected at task start and never stored in plain text in the task definition. Use Secrets Manager for credentials that rotate; SSM Parameter Store for static config.

FAQ

What is the difference between AWS ECS and AWS Fargate?

ECS (Elastic Container Service) is the orchestrator — it decides where containers run, handles service discovery, rolling deployments, and health checks. Fargate is the compute layer — it runs your containers without you managing EC2 instances. You can run ECS on EC2 (you manage the nodes) or on Fargate (AWS manages everything below the container). Most teams starting fresh choose ECS on Fargate.

How much does AWS Fargate cost per month?

Fargate charges $0.04048 per vCPU-hour and $0.004445 per GB-hour. A typical dev service (0.5 vCPU, 1 GB) costs about $17/month running 24/7. A staging environment with 5 services costs roughly $85/month. At 10+ environments running around the clock, monthly non-prod spend reaches $800–1,500. Scheduling environments to stop nights and weekends cuts that by 60–70%.

Is AWS ECS free?

The ECS control plane is free — $0 per cluster, $0 per service definition, no management fee. You pay only for the compute underneath: Fargate vCPU/GB-hours, or EC2 instances if you use the EC2 launch type. This is different from EKS, which charges $0.10/hour ($73/month) per cluster regardless of whether containers are running.

Should I use ECS Fargate or EKS?

Choose ECS Fargate if you're AWS-only, don't have a dedicated platform team, and want containers without owning Kubernetes. Choose EKS if your team already knows Kubernetes, needs the K8s operator ecosystem (Istio, ArgoCD, cert-manager), or has multi-cloud requirements. ECS Fargate has zero control plane cost and true $0 idle cost — EKS charges $73/month per cluster even when stopped.

What breaks when you run 10+ ECS environments?

Terraform handles provisioning fine at 10+ environments. What breaks is operations: environments run 24/7 because there's no scheduling system, developers can't restart their own staging without a ticket, there's no single view of what's running across your fleet, and cost visibility disappears — you see total AWS spend but not per-environment spend. These are operations problems, not infrastructure problems. Terraform provisions environments; it doesn't operate them.

Related articles
Guide
How to Cut AWS ECS Fargate Costs by 65%
Fargate Spot, environment scheduling, and right-sizing — with real numbers from a 12-environment fleet.
Comparison
ECS vs EKS: Which AWS Container Service?
$0 vs $73/mo control plane, ops load comparison, and a cost calculator for your fleet size.