top of page

ECS.5

ECS containers should be limited to read-only access to root filesystems

Severity

Cloud Platforms

Resources

Related Standards

Automated

HIGH

AWS

Amazon Elastic Container Service

AWS Foundational Best Practice, NIST.800-53.r5,

This control checks if ECS containers are limited to read-only access to mounted root filesystems. This control fails if the ReadonlyRootFilesystem parameter in the container definition of ECS task definitions is set to ‘false’.

bottom of page