AWS Config Rule: ECS Fargate Latest Platform Version

Description: Checks if Amazon Elastic Container Service (ECS) Fargate Services is running on the latest Fargate platform version. The rule is NON_COMPLIANT if ECS Service platformVersion not set to LATEST.

Trigger type: Configuration changes

AWS Region: All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), AWS GovCloud (US-East), AWS GovCloud (US-West), Europe (Spain), China (Ningxia), Europe (Zurich) Region

When specifying a Windows Platform Version for Fargate, the options are currently 1.0.0 or LATEST. There is only one version at the time of writing, but selecting 1.0.0 could mean you stay on an old version, should a new one be released. This particular Config Rule will flag as NON_COMPLIANT if your ECS Cluster has a Fargate task's Platform Version set to 1.0.0 - it needs to be LATEST

When specifying a Linux Platform Version for Fargate however, there are more options to consider. We have currently at the time of writing;

• 1.4.0
• 1.3.0
• 1.2.0
• 1.1.0
• 1.0.0

Currently, 1.4.0 is the LATEST but we can still choose LATEST as a Platform Version when configuring a Fargate Task on an ECS Cluster. Similar to the Windows platform setup, we will need to have LATEST selected to be COMPLIANT with this AWS Config Rule

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here