ECS Container Contains a Secret in Environment Variables
Overview
This check verifies that no environment variable key in the container definitions is AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, or ECS_ENGINE_AUTH_DATA.
It fails if any container definition has an environment variable whose key equals one of these names.
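The check described above can be reproduced locally against a task definition JSON document. The following is an added example, not the vendor's or the scanner's own code; the function names, the sample task definition, and the exact, case-sensitive key comparison are assumptions.

```python
import json

# Key names the check looks for, as listed on this page.
FORBIDDEN_KEYS = {"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "ECS_ENGINE_AUTH_DATA"}

# Constructed sample task definition (not real data). The layout follows the
# ECS task definition JSON: containerDefinitions[].environment[].name
SAMPLE_TASK_DEFINITION = json.loads("""
{
  "family": "example-web",
  "containerDefinitions": [
    {"name": "app", "image": "example/app:1",
     "environment": [
       {"name": "LOG_LEVEL", "value": "info"},
       {"name": "AWS_SECRET_ACCESS_KEY", "value": "REDACTED-PLACEHOLDER"}
     ]},
    {"name": "sidecar", "image": "example/sidecar:1",
     "secrets": [
       {"name": "DB_PASSWORD",
        "valueFrom": "arn:aws:ssm:REGION:ACCOUNT:parameter/example"}
     ]}
  ]
}
""")


def find_secret_env_keys(task_definition):
    """Return (container name, key) pairs that make the check fail."""
    findings = []
    for container in task_definition.get("containerDefinitions") or []:
        # "environment" may be absent or null when a container sets no variables.
        for entry in container.get("environment") or []:
            key = entry.get("name")
            # Assumption: exact, case-sensitive comparison of the key name.
            if key in FORBIDDEN_KEYS:
                findings.append((container.get("name", "<unnamed>"), key))
    return findings


def evaluate(task_definition):
    """Return "FAIL" if any container has a forbidden key, else "PASS"."""
    return "FAIL" if find_secret_env_keys(task_definition) else "PASS"


if __name__ == "__main__":
    for container, key in find_secret_env_keys(SAMPLE_TASK_DEFINITION):
        print(f"FAIL: container {container!r} sets {key}")
    print(evaluate(SAMPLE_TASK_DEFINITION))
```

Only the `environment` list is inspected, so the `sidecar` container, which references its value through the `secrets` field, produces no finding.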
Vendor
AWS
Cloud Service
ECS
Related Controls
ECS.8
Severity
4
Item Types
AWS::ECS::TaskDefinition