Y
Hacker News
new
|
ask
|
show
|
jobs
by
OhSoHumble
2468 days ago
This is incredibly true. The only requirement for an ECS cluster member is to be running the ECS agent - which is a Golang binary.
You're free to run a CIS hardened image if you desire to do so.
2 comments
ed6612
2468 days ago
This is how we roll. CIS as base, Packer to customize (ecs agent, docker) into own AMIs.
link
fovc
2468 days ago
Are there OSS or commercial AMIs that have been hardened? Maybe some RHEL or CentOS?
link
OhSoHumble
2468 days ago
Yeah, if you look at the AWS image marketplace then you'll find some.
link
zo1
2468 days ago
For some odd reason, I find the AWS marketplace a bit suspect looking. Not saying that it is, just that that's my impression of it.
link