Can you SSH into one of the EC2 instances and verify it has access to the Internet (using something like a
curl command)? It sounds like it can't access the ECS API to register itself with the cluster. If you don't have a VPC endpoint in the VPC for the ECS service, then the instances would need Internet access to connect to the ECS API.