The part of ECS CloudFormation template

ecs-stack-part.yml

ECSLaunchConfiguration:
  DependsOn: ECSCluster
  Type: AWS::AutoScaling::LaunchConfiguration
  Properties:
    ...
    UserData:
      "Fn::Base64": !Sub |
        #!/bin/bash

        export HTTP_PROXY=${ProxyHost}:${ProxyPort}
        export HTTPS_PROXY=$HTTP_PROXY
        export NO_PROXY="localhost,127.0.0.1,169.254.169.254"

        yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
        yum install -y aws-cfn-bootstrap
        /opt/aws/bin/cfn-init -v --region ${AWS::Region} --stack ${AWS::StackName} --resource ECSLaunchConfiguration

        # Set Docker HTTP proxy
        if [ ! -f /var/lib/cloud/instance/sem/config_docker_http_proxy ]; then
          echo "export HTTP_PROXY=http://$HTTP_PROXY/" >> /etc/sysconfig/docker
          echo "export NO_PROXY=169.254.169.254" >> /etc/sysconfig/docker
          echo "$$: $(date +%s.%N | cut -b1-13)" > /var/lib/cloud/instance/sem/config_docker_http_proxy
        fi

        # Set ECS agent HTTP proxy
        if [ ! -f /var/lib/cloud/instance/sem/config_ecs-agent_http_proxy ]; then
          echo "ECS_CLUSTER=${ECSCluster}" >> /etc/ecs/ecs.config
          echo "HTTP_PROXY=$HTTP_PROXY" >> /etc/ecs/ecs.config
          echo "NO_PROXY=169.254.169.254,169.254.170.2,/var/run/docker.sock" >> /etc/ecs/ecs.config
          echo "$$: $(date +%s.%N | cut -b1-13)" > /var/lib/cloud/instance/sem/config_ecs-agent_http_proxy
        fi

        # Set ecs-init HTTP proxy
        if [ ! -f /var/lib/cloud/instance/sem/config_ecs-init_http_proxy ]; then
          echo "env HTTP_PROXY=$HTTP_PROXY" >> /etc/init/ecs.override
          echo "env NO_PROXY=169.254.169.254,169.254.170.2,/var/run/docker.sock" >> /etc/init/ecs.override
          echo "$$: $(date +%s.%N | cut -b1-13)" > /var/lib/cloud/instance/sem/config_ecs-init_http_proxy
        fi

        # Login to ECR
        aws ecr get-login --region ${AWS::Region} --no-include-email > ecrlogin.sh
        chmod 755 ecrlogin.sh

        # Restarting docker service, so that it can pick proxy configurations
        service docker restart

        # Loggin to ECR
        unset HTTPS_PROXY
        ./ecrlogin.sh
        export HTTPS_PROXY=$HTTP_PROXY

        /opt/aws/bin/cfn-signal -e $? --region ${AWS::Region} --stack ${AWS::StackName} --resource ECSAutoScalingGroup

  Metadata:
    AWS::CloudFormation::Init:
      config:
        ...
        files:
          "/etc/systemd/system/docker.service.d/http-proxy.conf":
            mode: 000644
            owner: root
            group: root
            content: !Sub |
              [Service]
              Environment="HTTPS_PROXY=http://${ProxyHost}:${ProxyPort}/"
        ...