ghndrx/prowler
1
0
Fork 0
mirror of https://github.com/ghndrx/prowler.git synced 2026-02-11 07:15:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(): update recommendation of ecs_task_definitions_no_environment_secrets (#1658)

Browse Source
This commit is contained in:
Fennerr
2023-01-05 14:11:05 +02:00
committed by GitHub
parent c2fc01608e
commit 571280f0cd
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
prowler/providers/aws/services/ecs/ecs_task_definitions_no_environment_secrets/ecs_task_definitions_no_environment_secrets.metadata.json
View File

@@ -23,7 +23,7 @@
"Terraform": ""
},
"Recommendation": {
"Text": "Use Secrets Manager or Parameter Store to securely provide credentials to containers without hardcoding the secrets in code or passing them through environment variables.",
"Text": "Use Secrets Manager or Parameter Store to securely provide credentials to containers without hardcoding the secrets in code or passing them through environment variables. It is currently not possible to delete task definition revisions which contain plaintext secrets. AWS is looking into implementing this feature in 2023, and it is therefore recommended that all plaintext secrets are rotated at the same time as moving the secrets to Secrets Manager or Parameter Store.",
"Url": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html"
}
},