Query: ECS containers should be limited to read-only access to root filesystems

Description

This control checks if ECS containers are limited to read-only access to mounted root filesystems. This control fails if the ReadonlyRootFilesystem parameter in the container definition of ECS task definitions is set to false.

Query

Tables used in this query:

• aws_ecs_task_definition

Controls using this query:

• 5 ECS containers should be limited to read-only access to root filesystems
• ECS containers should be limited to read-only access to root filesystems

SQL