top of page
< Back

AWS Foundational Security Best Practice

ECS.8

Secrets should not be passed as container environment variables

Severity

Cloud Platforms

Resources

HIGH

AWS

Amazon Elastic Container Service

This control checks if the key value of any variables in the ‘environment’ parameter of container definitions includes - AWS_ACCESS_KEY_ID; AWS_SECRET_ACCESS_KEY; or ECS_ENGINE_AUTH_DATA.

bottom of page