💼 [ECS.8] Secrets should not be passed as container environment variables
- ID: /frameworks/aws-fsbp-v1.0.0/ecs/08
Description
AWS Systems Manager Parameter Store can help you improve the security posture of your organization. We recommend using the Parameter Store to store secrets and credentials instead of directly passing them into your container instances or hard coding them into your code.
Similar
- AWS Security Hub
- Internal
- ID: dec-c-5d650d86
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 CA-9(1) Internal System Connections _ Compliance Checks | 43 | no data | | | |
| 💼 NIST SP 800-53 Revision 5 → 💼 CM-2 Baseline Configuration | 7 | 36 | no data | | |
| 💼 PCI DSS v4.0.1 → 💼 8.6.2 Passwords/passphrases for any application and system accounts that can be used for interactive login are not hard coded in scripts, configuration/property files, or bespoke and custom source code. | 1 | no data | | | |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS ECS Task Definition passes secrets as container environment variables 🟢 | 1 | 🟢 x6 | no data |