1 Answer
3
To resolve this Security Hub finding "[ECS.5] ECS containers should be limited to read-only access to root filesystems", set the parameter "readonlyRootFilesystem" to "false" in the ECSTaskDefinition.
- Select a task definition that has container definitions that need to be updated. For each, complete the following steps:
- From the drop down, choose Create new revision with JSON.
- Add the readonlyRootFilesystem parameter, and set it to **true** in the container definition within the task definition.
- Choose Create.
https://docs.aws.amazon.com/securityhub/latest/userguide/ecs-controls.html#ecs-5
https://docs.aws.amazon.com/config/latest/developerguide/ecs-containers-readonly-access.html
answered 7 months ago
Totally spot on with the answer here. Just ensure your container/application still launches when set to read only as I see many times that when set to read only the container fails to launch.
This solved the problem for me. Thank you
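An added example, not part of the answer or the comments above: a Python sketch that applies the answer's steps to a task definition exported as JSON, setting readonlyRootFilesystem to true on every container and listing the containers to launch-test afterwards, which is the failure the first comment warns about. The sample task definition, the function names and the "no mountPoints" heuristic are assumptions of this example.

```python
import copy
import json

# Fields returned by describe-task-definition that register-task-definition rejects.
READ_ONLY_FIELDS = ("taskDefinitionArn", "revision", "status", "requiresAttributes",
                    "compatibilities", "registeredAt", "registeredBy", "deregisteredAt")


def ecs5_violations(task_def):
    """Names of containers whose root filesystem is still writable (ECS.5 fails)."""
    return [c["name"] for c in task_def.get("containerDefinitions", [])
            if c.get("readonlyRootFilesystem") is not True]


def harden(task_def):
    """Return (new_revision_json, containers_to_test).

    new_revision_json has readonlyRootFilesystem=true on every container and the
    read-only metadata removed. containers_to_test lists changed containers with
    no mountPoints: they have nowhere writable left, so they are the likeliest to
    fail at launch (heuristic, an assumption of this example).
    """
    new_def = copy.deepcopy(task_def)
    for field in READ_ONLY_FIELDS:
        new_def.pop(field, None)
    to_test = []
    for c in new_def.get("containerDefinitions", []):
        if c.get("readonlyRootFilesystem") is not True:
            c["readonlyRootFilesystem"] = True
            if not c.get("mountPoints"):
                to_test.append(c["name"])
    return new_def, to_test


# Constructed sample, shaped like the "taskDefinition" object from describe-task-definition.
SAMPLE = {
    "taskDefinitionArn": "arn:aws:ecs:us-east-1:111122223333:task-definition/web:4",
    "family": "web", "revision": 4, "status": "ACTIVE",
    "containerDefinitions": [
        {"name": "app", "image": "example/app:1.0", "readonlyRootFilesystem": False},
        {"name": "worker", "image": "example/worker:1.0",
         "mountPoints": [{"sourceVolume": "scratch", "containerPath": "/tmp"}]},
        {"name": "proxy", "image": "example/proxy:1.0", "readonlyRootFilesystem": True},
    ],
    "volumes": [{"name": "scratch"}],
}

if __name__ == "__main__":
    revision, to_test = harden(SAMPLE)
    print("ECS.5 violations before:", ecs5_violations(SAMPLE))
    print("Test launch of:", to_test)
    print(json.dumps(revision, indent=2))
```

The printed JSON can be pasted into "Create new revision with JSON" in the console, or saved to a file and passed to `aws ecs register-task-definition --cli-input-json file://<file>`.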