Skip to content

Releases: aws-containers/amazon-ecs-exec-checker

v0.7

06 Aug 07:31

Choose a tag to compare

Enhancements

  • Clarify that Amazon ECS Exec Checker doesn't support shared VPC subnets (#29)
  • Permission checks related to KMS now use specific KMS key ARN (#33, #34)

Bug Fixes

  • Fix broken output when there is neither EC2 instance role nor ECS task role configured (#30)
  • Support using MFA devices (#28)
  • Fix "PrivateLink check" when target ECS task is on EC2 (4e067b2)

Acknowledgement

Thank you @hi1280, @rectalogic and @grimm26 for the contributions!

v0.6

18 Jun 01:16

Choose a tag to compare

Enhancements

  • Support using MFA devices (#28)

Acknowledgement

Thank you @deleugpn for the request and for testing it out!

v0.5

20 May 09:08
d4d7bfb

Choose a tag to compare

Enhancements

  • Add new check as a red item for checking the readonlyRootFilesystem flag (#24)

Bug Fixes

  • Respect overridden task role for the task role permission checks (#23)

v0.4

13 Apr 12:48
f03bd34

Choose a tag to compare

Enhancements

  • Add new check as a yellow item for initProcessEnabled (#17)
  • Add new check as a red item for ensuring the ECS task is in RUNNING status (#19)
  • Show lastStartedAt in the managed agent's status for debugging (#20)

Bug Fixes

  • Fix typos in README (#14)

Acknowledgments

Thank you @erjanmx for the contribution!

v0.3

30 Mar 10:37
24d99ca

Choose a tag to compare

Enhancements

  • Support assumed IAM roles to run the "Can I ExecuteCommand?" check (#12, #10)
  • Show an error message when the AWS region parameter is missing (#13)

Acknowledgments

Thank you @sindrig for the contributions!

v0.2

28 Mar 05:16
974c2a0

Choose a tag to compare

Enhancements

  • Task existence check (#8)
  • The "Can I ExecuteCommand?" check now also checks to ensure the IAM user/role cannot call ssm:StartSession from the security perspevtive (#7), see also its background at #1

Bug Fixes

  • Make the shebang work (#9)
  • The "Can I ExecuteCommand?" check now checks on task instead of cluster (#6)
  • The version number of AWS CLI v1 is now printed in the right place (#5)

Acknowledgments

Thank you @fujiwara and @Anorlondo448 for the contributions!

Initial release

26 Mar 02:57

Choose a tag to compare

v0.1

Initial import