High ECS Regional

ECS task definitions should have a logging configuration

NIST 800-53, ISO 27001, HIPAA

Description

This control checks if the latest active Amazon ECS task definition has a logging configuration specified. The control fails if the task definition doesn't have the logConfiguration property defined or if the value for logDriver is null in at least one container definition.


Remediation

To enable logging for your ECS task definitions, you need to configure the logConfiguration property in your container definitions.

Steps

  1. Navigate to the Amazon ECS console
  2. Select your task definition
  3. Choose 'Edit' and go to the container definition
  4. In the 'Logging' section, select a log driver (e.g., awslogs, fluentd, syslog)
  5. Configure the log options for your chosen driver
  6. Save the task definition with the logging configuration
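The pass/fail rule from the Description, applied offline to a task definition, as an added example that is not part of the original control's code. It assumes the input is shaped like the taskDefinition object returned by the ECS DescribeTaskDefinition API; the sample definition, its names and the awslogs option values are constructed.

```python
import json

# Constructed sample: "app" logs via awslogs, "sidecar" has no logConfiguration,
# "init" has a logConfiguration whose logDriver is null.
TASK_DEFINITION = json.loads("""
{
  "family": "example-web",
  "containerDefinitions": [
    {
      "name": "app",
      "image": "example/app:1",
      "logConfiguration": {
        "logDriver": "awslogs",
        "options": {
          "awslogs-group": "/ecs/example-web",
          "awslogs-region": "us-east-1",
          "awslogs-stream-prefix": "app"
        }
      }
    },
    {"name": "sidecar", "image": "example/sidecar:1"},
    {"name": "init", "image": "example/init:1", "logConfiguration": {"logDriver": null}}
  ]
}
""")


def containers_without_logging(task_def):
    """Return the names of container definitions that would fail the control."""
    failing = []
    for container in task_def.get("containerDefinitions", []):
        log_config = container.get("logConfiguration")
        # Fails when logConfiguration is absent or its logDriver is null/empty.
        if not isinstance(log_config, dict) or not log_config.get("logDriver"):
            failing.append(container.get("name", "<unnamed>"))
    return failing


def is_compliant(task_def):
    """The control passes only if every container definition names a log driver."""
    return not containers_without_logging(task_def)


if __name__ == "__main__":
    print("failing containers:", containers_without_logging(TASK_DEFINITION))
    print("compliant:", is_compliant(TASK_DEFINITION))
```

The "app" container shows the logConfiguration shape that steps 4 and 5 produce for the awslogs driver; one container without it is enough to fail the whole task definition.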

Compliance

NIST 800-53, ISO 27001, HIPAA