top of page
< Back

AWS Foundational Security Best Practice

ECS.5

ECS containers should be limited to read-only access to root filesystems

Severity

Cloud Platforms

Resources

HIGH

AWS

Amazon Elastic Container Service

This control checks if ECS containers are limited to read-only access to mounted root filesystems. This control fails if the ReadonlyRootFilesystem parameter in the container definition of ECS task definitions is set to ‘false’.

bottom of page