High ECS Regional

ECS task definitions should not share the host's process namespace

NIST, ISO 27001

Description

Checks if Amazon ECS task definitions are configured to share a host's process namespace with its containers. The control fails if the task definition shares the host's process namespace.


Remediation

Update the task definition so that its pidMode parameter does not share the host's process namespace with the task's containers.

Steps

  1. Open the Amazon ECS console.
  2. Navigate to the 'Task Definitions' tab.
  3. Select the task definition to update.
  4. Edit the task definition and ensure 'pidMode' is not set to 'host'.
  5. Update the task definition.
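
The same check and fix can be scripted. The following is an added example, not part of the original control text: it evaluates a task definition in the JSON shape returned by `aws ecs describe-task-definition` and builds a remediated input document without `pidMode`. The sample task definition, the account ID and the function names are constructed for illustration.

```python
import json

# Constructed sample, shaped like `aws ecs describe-task-definition` output.
SAMPLE = json.loads("""
{"taskDefinition": {
  "taskDefinitionArn": "arn:aws:ecs:us-east-1:111122223333:task-definition/example-web:3",
  "family": "example-web", "revision": 3, "status": "ACTIVE",
  "networkMode": "bridge", "pidMode": "host",
  "requiresAttributes": [], "compatibilities": ["EC2"],
  "requiresCompatibilities": ["EC2"],
  "containerDefinitions": [
    {"name": "web", "image": "example/web:1.0", "memory": 256, "essential": true}
  ]
}}
""")

# Fields that describe-task-definition returns but register-task-definition
# does not accept as input.
READ_ONLY = {"taskDefinitionArn", "revision", "status", "requiresAttributes",
             "compatibilities", "registeredAt", "registeredBy", "deregisteredAt"}


def unwrap(doc):
    """Accept either the describe output wrapper or a bare task definition."""
    return doc.get("taskDefinition", doc)


def check_pid_mode(doc):
    """Return the control result: FAILED only when pidMode is 'host'."""
    td = unwrap(doc)
    pid_mode = td.get("pidMode")
    is_host = isinstance(pid_mode, str) and pid_mode.lower() == "host"
    return {"family": td.get("family"), "pidMode": pid_mode,
            "status": "FAILED" if is_host else "PASSED"}


def remediated_input(doc):
    """Copy the definition without pidMode and without read-only fields."""
    td = unwrap(doc)
    return {k: v for k, v in td.items()
            if k not in READ_ONLY and k != "pidMode"}


if __name__ == "__main__":
    print(check_pid_mode(SAMPLE))
    print(json.dumps(remediated_input(SAMPLE), indent=2))
```

Task definition revisions are immutable, so the remediated document is registered as a new revision (for example with `aws ecs register-task-definition --cli-input-json`), and services must be updated to use that revision.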

Compliance

NIST, ISO 27001