Checks whether each ECS instance launch template contains the security group to which you want to add an ECS instance. If so, the evaluation result is Compliant.
Scenarios
Adding a security group to an ECS instance launch template can effectively protect the network security of ECS instances.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
If each ECS instance launch template contains the security group to which you want to add an ECS instance, the evaluation result is Compliant.
If an ECS instance launch template does not contain the security group to which you want to add an ECS instance, the evaluation result is Non-compliant.
Rule details
Parameter | Description |
Rule name | ecs-launch-template-version-attach-security-group |
Rule identifier | |
Tag | LaunchTemplateVersion |
Automatic remediation | Not supported |
Trigger type | Configuration change |
Supported resource type | ECS instance launch template |
Input parameter | None |