ECS Container has Root Privileges

Tenacity Id

Risk Level




Last Updated:

April 21, 2022

The Amazon Elastic Container Service (ECS) container definition "user" parameter is set to root (UID 0). When the ECS ContainerDefinition "user" has root privileges then the container commands are run with elevated privileges. An attacker who gains control of this container would then have root privileges. The ECS ContainerDefinition "user" should be configured as a non-root user configured with least privilege. Note: This parameter is not supported for Windows.