From 571280f0cdef2b7583b8d6e24c0eecacb93d3804 Mon Sep 17 00:00:00 2001
From: Fennerr <41741346+Fennerr@users.noreply.github.com>
Date: Thu, 5 Jan 2023 14:11:05 +0200
Subject: [PATCH] feat(): update recommendation of ecs_task_definitions_no_environment_secrets (#1658)
---
.../ecs_task_definitions_no_environment_secrets.metadata.json | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/prowler/providers/aws/services/ecs/ecs_task_definitions_no_environment_secrets/ecs_task_definitions_no_environment_secrets.metadata.json b/prowler/providers/aws/services/ecs/ecs_task_definitions_no_environment_secrets/ecs_task_definitions_no_environment_secrets.metadata.json
index 28f8147b..1ee6b8e9 100644
--- a/prowler/providers/aws/services/ecs/ecs_task_definitions_no_environment_secrets/ecs_task_definitions_no_environment_secrets.metadata.json
+++ b/prowler/providers/aws/services/ecs/ecs_task_definitions_no_environment_secrets/ecs_task_definitions_no_environment_secrets.metadata.json
@@ -23,7 +23,7 @@
 "Terraform": ""
 },
 "Recommendation": {
- "Text": "Use Secrets Manager or Parameter Store to securely provide credentials to containers without hardcoding the secrets in code or passing them through environment variables.",
+ "Text": "Use Secrets Manager or Parameter Store to securely provide credentials to containers without hardcoding the secrets in code or passing them through environment variables. It is currently not possible to delete task definition revisions which contain plaintext secrets. AWS is looking into implementing this feature in 2023, and it is therefore recommended that all plaintext secrets are rotated at the same time as moving the secrets to Secrets Manager or Parameter Store.",
 "Url": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html"
 }
 },
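Review bot: The new `Recommendation.Text` ties the rotation advice to a dated, unsourced roadmap statement ("AWS is looking into implementing this feature in 2023"), which will go stale in shipped findings and makes rotation read like a temporary workaround. Rotation is warranted on its own terms: a value stored in plaintext in a task definition was readable by any principal permitted to describe that task definition, and the text itself says earlier revisions keep it. I would drop the year and state the reason directly, for example `Plaintext secrets remain in earlier task definition revisions, so rotate every exposed secret when moving it to Secrets Manager or Parameter Store.` The `Url` target covers how to reference secrets, but as far as this hunk shows nothing links to a source for the revision-deletion limitation, so that claim is worth either citing or phrasing less absolutely.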