Query: ECS task definition container definitions should be checked for host mode
Description
Check whether an AWS Elastic Container Service (AWS ECS) task definition that uses host networking mode sets 'privileged' or 'user' in its container definitions. The rule is non-compliant for task definitions with host network mode whose container definitions have privileged=false or empty and user=root or empty.
Query
Tables used in this query:
Controls using this query:
- 1 Amazon ECS task definitions should have secure networking modes and user definitions
- ECS task definition container definitions should be checked for host mode