ECS Containers Do Not Run As Non-Privileged

Overview

This validation checks whether the "privileged" parameter in any container definition of an Amazon ECS task definition is set to true. The check fails if the parameter is set to true. It examines only the most recent active revision of each Amazon ECS task definition.

It is advisable to eliminate elevated privileges from your ECS task definitions. When the "privileged" parameter is set to true, the container gains elevated privileges on the host container instance, akin to those of the root user.
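The following is an added example, not code from this page or from AWS, that shows how the check can be evaluated offline against a task definition in the shape returned by the ECS DescribeTaskDefinition API, and how the recommended remediation (dropping the parameter so the default of false applies) changes the result. The sample task definition and the function names are constructed for illustration.

```python
import json

# Constructed sample in the shape of describe_task_definition()["taskDefinition"];
# the family, images and container names are illustrative, not from the page.
SAMPLE_TASK_DEFINITION = json.loads("""
{
  "family": "web-app",
  "revision": 7,
  "status": "ACTIVE",
  "containerDefinitions": [
    {"name": "nginx",   "image": "nginx:1.25",         "privileged": false},
    {"name": "sidecar", "image": "example/agent:1.0",  "privileged": true},
    {"name": "worker",  "image": "example/worker:2.1"}
  ]
}
""")


def privileged_containers(task_definition):
    """Return the names of containers whose "privileged" parameter is true.

    A missing key means the ECS default (false), so that container is not
    reported; only a literal JSON true counts.
    """
    return [
        c.get("name", "<unnamed>")
        for c in task_definition.get("containerDefinitions", [])
        if c.get("privileged") is True
    ]


def evaluate_ecs_4(task_definition):
    """Evaluate the ECS.4-style control against one task definition revision.

    Returns (status, offending_container_names). Revisions that are not
    ACTIVE are skipped, mirroring the control's scope of the latest active
    revision.
    """
    if task_definition.get("status") != "ACTIVE":
        return "NOT_APPLICABLE", []
    offending = privileged_containers(task_definition)
    return ("FAILED" if offending else "PASSED"), offending


def remediate(task_definition):
    """Return a copy with "privileged" removed from every container definition,
    i.e. the remediation the control recommends (the default is false)."""
    fixed = json.loads(json.dumps(task_definition))
    for c in fixed.get("containerDefinitions", []):
        c.pop("privileged", None)
    return fixed


if __name__ == "__main__":
    print(evaluate_ecs_4(SAMPLE_TASK_DEFINITION))             # ('FAILED', ['sidecar'])
    print(evaluate_ecs_4(remediate(SAMPLE_TASK_DEFINITION)))  # ('PASSED', [])
```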

Vendor

AWS

Cloud Service

ECS

ECS.4

Severity

4

Item Types

AWS::ECS::TaskDefinition