AWS prescriptive-guidance documentation change
Summary
Removed recommendation to use Secrets Manager CSI Driver and note about AWS Fargate unsupported
Security assessment
Removal of security best practice guidance about environment variable security, but no explicit evidence of addressing a vulnerability. Change appears to relocate content rather than fix a security issue.
Diff
diff --git a/prescriptive-guidance/latest/encryption-best-practices/ecs.md b/prescriptive-guidance/latest/encryption-best-practices/ecs.md index e89db9ed2..8b690d30c 100644 --- a//prescriptive-guidance/latest/encryption-best-practices/ecs.md +++ b//prescriptive-guidance/latest/encryption-best-practices/ecs.md @@ -30,6 +29,0 @@ Consider the following encryption best practices for this service: - * To help mitigate the risk of data leaks from environment variables, we recommend you use the [AWS Secrets Manager and Config Provider for Secret Store CSI Driver](https://github.com/aws/secrets-store-csi-driver-provider-aws) (GitHub). This driver allows you to make secrets stored in Secrets Manager and parameters stored in Parameter Store appear as files mounted in Kubernetes pods. - -###### Note - -AWS Fargate is not supported. -