turbot/aws_compliance


Control: ECS task definition container definitions should be checked for host mode

Description

Checks whether an Amazon Elastic Container Service (Amazon ECS) task definition with host networking mode has 'privileged' or 'user' container definitions. The rule is NON_COMPLIANT for task definitions with host network mode and container definitions of privileged=false or empty and user=root or empty.
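The rule as described above, applied to task definition JSON in the shape returned by the ECS DescribeTaskDefinition API. This is an added example, not the mod's named query; the function names, the COMPLIANT and NOT_APPLICABLE labels and the sample task definitions are constructed for illustration.

```python
# Added example: evaluates the host-mode rule from the description above.
# Input uses the ECS API field names networkMode, containerDefinitions,
# privileged and user. Sample data below is constructed.

def container_is_flagged(container):
    """True when privileged is false or empty AND user is root or empty."""
    privileged_unset = not container.get("privileged")  # False or missing
    user = (container.get("user") or "").strip()
    # The description names only user=root; numeric forms such as "0"
    # are not treated as root by this example.
    return privileged_unset and user in ("", "root")

def evaluate(task_def):
    """Return (status, names of the container definitions that trip the rule)."""
    if task_def.get("networkMode") != "host":
        return ("NOT_APPLICABLE", [])  # rule only covers host network mode
    flagged = [
        c.get("name", "<unnamed>")
        for c in task_def.get("containerDefinitions", [])
        if container_is_flagged(c)
    ]
    return ("NON_COMPLIANT" if flagged else "COMPLIANT", flagged)

# Constructed sample task definitions.
SAMPLES = {
    "host-defaults": {"networkMode": "host", "containerDefinitions": [
        {"name": "web"}]},
    "host-nonroot": {"networkMode": "host", "containerDefinitions": [
        {"name": "web", "user": "1000"}]},
    "host-privileged": {"networkMode": "host", "containerDefinitions": [
        {"name": "agent", "privileged": True, "user": "root"}]},
    "host-mixed": {"networkMode": "host", "containerDefinitions": [
        {"name": "web", "user": "app"},
        {"name": "sidecar", "privileged": False, "user": "root"}]},
    "awsvpc-defaults": {"networkMode": "awsvpc", "containerDefinitions": [
        {"name": "web"}]},
}

if __name__ == "__main__":
    for family, task_def in SAMPLES.items():
        status, flagged = evaluate(task_def)
        print(f"{family:16} {status:14} {', '.join(flagged)}")
```

One flagged container definition is enough to mark the whole task definition, which is why `host-mixed` fails even though its `web` container sets a non-root user.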

Usage

steampipe check aws_compliance.control.ecs_task_definition_user_for_host_mode_check

SQL

This control uses a named query:

ecs_task_definition_user_for_host_mode_check

Tags