Checks whether running Elastic Container Instances have unfixed vulnerabilities of the specified type and severity in Security Center. Instances with no matching vulnerabilities are compliant.
Scenario
Use this rule to verify that running Elastic Container Instances have no unfixed vulnerabilities, helping maintain application security and stability.
Severity
Default severity: Medium.
You can change the severity when you apply this rule.
Compliance evaluation logic
An Elastic Container Instance with no unfixed vulnerabilities of the specified type and severity in Security Center is evaluated as compliant. Non-running instances are not evaluated.
Description
|
Field |
Description |
|
Rule Template Name |
The running Elastic Container Instance has no vulnerabilities to be fixed. |
|
Rule Template Identifier |
|
|
Automatic remediation |
Not supported |
|
Invoke Type |
Periodic: Every 24 hours |
|
Supported resource type |
ACS::ECI::ContainerGroup |
|
Input parameter |
type. Default value: cve. necessity. Default value: asap. |
Non-compliance remediation
To fix detected vulnerabilities, View and handle vulnerabilities.