search

Zeus-Labs / ZeusCloud

Open Source Cloud Security
https://docs.zeuscloud.io
Apache License 2.0
690 stars 44 forks source link

Add ECS Security Rule: ECS Container Insights should be enabled #119

Open varunjain99 opened 1 year ago

varunjain99 commented 1 year ago

  1. Follow the directions here to add the rule - https://docs.zeuscloud.io/contribute/add-security-rule

  2. The Neo4J query probably needs to check the settings_container_insights field of the ECSCluster node (https://lyft.github.io/cartography/modules/aws/schema.html#ecscluster)

  3. Create a cdk stack (https://github.com/Zeus-Labs/ZeusCloud/blob/main/cdk/bin/cdk.ts) with an ECSCluster with and/or without the correct container insights setting.

  4. Run ZeusCloud and check that the rule works correctly. You can speed up cartography running by commenting out intel modules that are run here: (https://github.com/Zeus-Labs/cartography/blob/master/cartography/intel/aws/resources.py)

varunjain99 commented 1 year ago

Also should figure out which compliance frameworks if any this maps to