Severity Framework
CCSS (Common Configuration Scoring System) is a set of measures used to determine the severity of the rule.
Snyk CCSS
Rule category
Each rule is associated with a high-level category. For example IAM, Container, Monitoring, Logging, Network, etc.
Containers/ Health
Is your environment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFrameworks
ISO-27001
- Snyk IDSNYK-CC-00199
- creditSnyk Research Team
Description
Adding health checks to your ECS tasks gives you more visibility in monitoring the health of your tasks and improves your ability to know that your ECS tasks are healthy.
How to fix?
Set the container_definitions json document healthcheck key to an appropriate value.
Example Configuration
resource "aws_ecs_task_definition" "valid_container_healthcheck" {
family = "valid_container_healthcheck"
container_definitions = <<EOF
[
{
"name": "valid_container_healthcheck",
"image": "hello-world",
"memory": 128,
"healthcheck": {
"command": ["CMD-SHELL", "echo 'healthy' || exit 1"]
}
}
]
EOF
requires_compatibilities = ["EC2"]
}