Evaluates whether environment variable names of an Elastic Container Instance (ECI) container group contain a specified key. The evaluation result is Compliant if the specified key is not found.
Scenarios
Ensure that sensitive information in environment variables is properly protected to prevent data leaks and abuse.
Risk level
Default risk level: medium.
You can change the risk level based on your business requirements.
Compliance evaluation logic
The rule checks whether the environment variable names of an ECI container group contain the specified key. If the key is not found, the evaluation result is Compliant.
Rule details
|
Parameter |
Description |
|
Rule Template Name |
eci-containergroup-environment-no-specified-keys |
|
Rule Template Identifier |
|
|
Tag |
ContainerGroup |
|
Automatic remediation |
Not supported |
|
Invoke Type |
Periodic: Every 24 hours |
|
Supported resource type |
Container group (ACS::ECI::ContainerGroup) |
|
Input parameter |
The parameter name is keys. Default value: AccessKey, AK, or AccessKeyID. |