ecs-containers-readonly-access - AWS Config

ecs-containers-readonly-access

Checks if Amazon Elastic Container Service (Amazon ECS) Containers only have read-only access to its root filesystems. The rule is NON_COMPLIANT if the readonlyRootFilesystem parameter in the container definition of ECSTaskDefinitions is set to ‘false’.

Note

This rule only evaluates the latest active revision of an Amazon ECS task definition.

Identifier: ECS_CONTAINERS_READONLY_ACCESS

Resource Types: AWS::ECS::TaskDefinition

Trigger type: Configuration changes

AWS Region: All supported AWS regions except Asia Pacific (Jakarta) Region

Parameters:

None

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.