By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Moving to ECS-Fargate from EC2

0

Hi All,

We are trying to migrate from EC2 to AWS ECS Fargate and this is a PCI complaint environment. We would like to get inputs on how we could be complaint for PCI with Fargate implementation. Particularly it would be helpful if I get some inputs on how everyone is dealing with the run-time security of Fargate containers. It would be nice to know as to how requirements like anti-virus, FIM which were in EC2 are covered with AWS Fargate.

Regards, Karthik

Topics
Security, Identity, & ComplianceServerlessContainersAWS Well-Architected Framework
Tags
Security, Identity, & ComplianceAWS FargateAmazon Elastic Container ServiceContainersSecurity
Language
English
Karthikeyan Venkatraman
asked 2 years ago617 views
1 Answer
1

We published a whitepaper for Architecting on Amazon ECS for PCI DSS Compliance in July 2020. This could serve as a good guide for some of the PCI DSS requirements.

We also have the ECS Security Best Practices guidance that informs the users on Fargate runtime security features.

You should work with your PCI-DSS assessor to ensure these controls are appropriate and acceptable for the scope of compliance.

https://d1.awsstatic.com/whitepapers/compliance/architecting-on-amazon-ecs-for-pci-dss-compliance.pdf https://docs.aws.amazon.com/AmazonECS/latest/bestpracticesguide/security-fargate.html

AWS
AWS-User-1143558
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content