ECS Cluster with Container Insights Disabled

  • Query id: 0c7a76d9-7dc5-499e-81ac-9245839177cb
  • Query name: ECS Cluster with Container Insights Disabled
  • Platform: Crossplane
  • Severity: Low
  • Category: Observability
  • CWE: 778
  • URL: Github

Description

ECS Cluster should enable container insights
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
apiVersion: ecs.aws.crossplane.io/v1alpha1
kind: Cluster
metadata:
  name: example
spec:
  forProvider:
    region: us-east-1
Positive test num. 2 - yaml file
apiVersion: ecs.aws.crossplane.io/v1alpha1
kind: Cluster
metadata:
  name: example
spec:
  forProvider:
    region: us-east-1
    settings: []
Positive test num. 3 - yaml file
apiVersion: ecs.aws.crossplane.io/v1alpha1
kind: Cluster
metadata:
  name: example
spec:
  forProvider:
    region: us-east-1
    settings:
      - name: "containerInsights"
        value: "disabled"

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
apiVersion: ecs.aws.crossplane.io/v1alpha1
kind: Cluster
metadata:
  name: example
spec:
  forProvider:
    region: us-east-1
    settings:
      - name: "containerInsights"
        value: "enabled"