Network misconfigurations

Amazon ECS service configured to assign public IP addresses automatically

Description

ECS is a container management service that allows you to run, stop, and manage containers on a cluster. It was detected that ECS service {AwsEcsService} is configured to assign public IP addresses automatically. ECS instances with a public IP address are reachable from the internet and may allow unintended access.
  • Recommended Mitigation

    It is recommended to set AssignPublicIP to 'DISABLED' when creating ECS service. For more information: <a href="https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-configure-network.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-configure-network.html</a>