Severity Framework
Snyk CCSS
Rule category
Keys and Secrets / Access
Is your enviroment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFrameworks
CIS-Controls
- Snyk ID SNYK-CC-00224
- credit Snyk Research Team
Description
Secret value has been declared in variable definition.
How to fix?
Remove the secret value from the environment
map.
Example Configuration
resource "aws_ecs_task_definition" "service_2" {
family = "service"
container_definitions = <<EOF
[
{
"name": "my_service",
"essential": true,
"memory": 256,
"environment": [
{ "name": "ENVIRONMENT", "value": "development" }
]
}
]
EOF
volume {
name = "service-storage"
host_path = "/ecs/service-storage"
}
placement_constraints {
type = "memberOf"
expression = "attribute:ecs.availability-zone in [us-west-2a, us-west-2b]"
}
}