You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Originally posted by drissamri November 27, 2024
We run Artillery on AWS using the fargate option but the automated scans by AWS SecurityHub raise an alarm that containers should only have read-only access to its root system
I don't see an option to customize the Fargate deployment? Is this something that can be fixed in the framework itsefl? There is an option readonlyRootFilesystem that can be enabled on a Fargate Task which would resolve this security alert.
Discussed in #3420
Originally posted by drissamri November 27, 2024
We run Artillery on AWS using the fargate option but the automated scans by AWS SecurityHub raise an alarm that containers should only have read-only access to its root system
I don't see an option to customize the Fargate deployment? Is this something that can be fixed in the framework itsefl? There is an option readonlyRootFilesystem that can be enabled on a Fargate Task which would resolve this security alert.
If the container does need to write filesystem, there are other options to do this like using Docker volumes to get rid of this error: https://repost.aws/questions/QUZufioV63TciPZZ0onYdsdA/unable-to-limit-ecs-containers-to-read-only-access-to-root-filesystem
The text was updated successfully, but these errors were encountered: