ECS Service Without Running Tasks
- Query id: f5c45127-1d28-4b49-a692-0b97da1c3a84
- Query name: ECS Service Without Running Tasks
- Platform: Ansible
- Severity: Low
- Category: Availability
- CWE: 665
- URL: Github
Description¶
ECS Service should have at least 1 task running
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
- name: ECS Service
community.aws.ecs_service:
state: present
name: test-service
cluster: test-cluster
task_definition: test-task-definition
desired_count: 3
placement_constraints:
- type: memberOf
expression: 'attribute:flavor==test'
placement_strategy:
- type: binpack
field: memory
Code samples without security vulnerabilities¶
Negative test num. 1 - yaml file
- name: ECS Service
community.aws.ecs_service:
state: present
name: test-service
cluster: test-cluster
task_definition: test-task-definition
desired_count: 3
deployment_configuration:
minimum_healthy_percent: 75
maximum_percent: 150
placement_constraints:
- type: memberOf
expression: 'attribute:flavor==test'
placement_strategy:
- type: binpack
field: memory