AWS ECS services should not have public IP addresses assigned

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

A public IP address is an IP address that can be accessed from the internet. When you configure your Amazon ECS instances with a public IP address, they become accessible from the internet. It is not recommended to make Amazon ECS services publicly available to avoid unauthorized access to your container application servers.

Note: This finding should be muted for resources intentionally configured to be publicly accessible.

Remediation

From the console

To disable automatic public IP assignment, see To configure VPC and security group settings for your service in the Amazon Elastic Container Service Developer Guide.

PREVIEWING: Cyril-Bouchiat/add-vm-package-explorer-doc