Architecture in the development environment
The project directory have single docker instance then EBS understand based on that file it will deploy application
Here we have multiple docker files then EBS confuse which one to take for that reason "Dockerrun.aws.json" comes
Dockerrun.aws.json this file tell the EBS where to pull the images from , what resources to be allocated to each one , how to setup the port mapping and some associated information.this file Dockerrun.aws.json resembles as docker-compose file .compose have how to build the image but Dockerrun.aws.json have from where image to be pulled from.
EBS does not understand Docker.aws.json it is forward it Amazon Elastic container service (ECS) which is responsible for creating the container based on Docker.aws.json we provided . Follow amazon ECS task definition documention for writing Docker.aws.json .
Security group (Firewall rules ) tells what different sources of the internet can connect to different sources(instances) inside the VPC.when any instance is created in VPC then automatically firewall rules are created to connect the resource fron outside world