Control: AWS > NIST 800-53 > ECS > ECS task definition container definitions should be checked for host mode
Checks whether an Amazon Elastic Container Service (Amazon ECS) task definition with host networking mode has 'privileged' or 'user' container definitions. The rule is NON_COMPLIANT for task definitions with host network mode and container definitions of privileged=false or empty and user=root or empty.
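The rule above, evaluated offline against task definition JSON, as an added example (not Turbot's or AWS's own code). The sample task definitions are constructed; treating UID `0` and `root:<group>` forms as root, and the `COMPLIANT` / `NOT_APPLICABLE` status names, are assumptions beyond what the page states.

```python
# Constructed sample task definitions; field names follow the ECS task definition JSON.
SAMPLES = {
    "host-default": {"networkMode": "host", "containerDefinitions": [
        {"name": "web", "image": "example/web:1"}]},
    "host-nonroot": {"networkMode": "host", "containerDefinitions": [
        {"name": "web", "image": "example/web:1", "user": "1000:1000"}]},
    "host-privileged": {"networkMode": "host", "containerDefinitions": [
        {"name": "agent", "image": "example/agent:1", "privileged": True}]},
    "host-mixed": {"networkMode": "host", "containerDefinitions": [
        {"name": "app", "image": "example/app:1", "user": "app"},
        {"name": "sidecar", "image": "example/sidecar:1",
         "user": "0:0", "privileged": False}]},
    "awsvpc-default": {"networkMode": "awsvpc", "containerDefinitions": [
        {"name": "api", "image": "example/api:1"}]},
}


def user_is_root_or_empty(user):
    """True when 'user' is unset/blank or names root.

    Assumption: 'root', '0', 'root:<group>' and '0:<gid>' all count as root.
    """
    if user is None or not str(user).strip():
        return True
    return str(user).split(":", 1)[0].strip() in ("root", "0")


def evaluate(task_def):
    """Return (status, offending container names) for one task definition."""
    # The rule only applies to task definitions using host network mode.
    if task_def.get("networkMode") != "host":
        return "NOT_APPLICABLE", []
    # A container fails when privileged is false/absent AND user is root/absent.
    offenders = [
        c.get("name", "<unnamed>")
        for c in task_def.get("containerDefinitions", [])
        if not c.get("privileged") and user_is_root_or_empty(c.get("user"))
    ]
    return ("NON_COMPLIANT" if offenders else "COMPLIANT"), offenders


def evaluate_all(samples=SAMPLES):
    """Evaluate every sample and return {name: (status, offenders)}."""
    return {name: evaluate(td) for name, td in samples.items()}


if __name__ == "__main__":
    for name, (status, offenders) in evaluate_all().items():
        print(f"{name:16} {status:14} {', '.join(offenders)}")
```
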
Resource Types
This control targets the following resource types:
Category
Developers
- Control Type URI: tmod:@turbot/aws-nist-800-53#/control/types/ecsTaskDefinitionUserForHostModeCheck
- Category URI: tmod:@turbot/turbot#/control/categories/complianceNist80053
- Get Controls (CLI): turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-nist-800-53#/control/types/ecsTaskDefinitionUserForHostModeCheck"