Amazon Elastic Container Service (ECS) now supports mounting Amazon Elastic Block Store (EBS) volumes to containers running as non-root users. With this launch, ECS automatically configures the EBS volume’s file system permissions to allow non-root users to read and write data securely, while preserving the root-level ownership of the volume. This enhancement simplifies security-first container deployments by removing the need for manual permission management or custom entrypoint scripts.
This feature enhances container security by allowing tasks to run as non-root users, reducing the risk of privilege escalation and unauthorized access to data. Previously, for a container in a task to write to a mounted Amazon EBS volume, it had to run as the root user. ECS now automatically manages EBS volume permissions, simplifying workflows and ensuring that all containers within a task — regardless of user ID — can securely read and write to the mounted volume.
This feature is now available in all AWS Regions where Amazon ECS and Amazon EBS are supported, for EC2, AWS Fargate, and ECS Managed Instances launch types. To learn more, see Use Amazon EBS volumes with Amazon ECS in the Amazon ECS Developer Guide.
Categories: marketing:marchitecture/containers,marketing:marchitecture/storage,marketing:marchitecture/compute,general:products/amazon-ecs,marketing:marchitecture/serverless
Source: Amazon Web Services
Latest Posts
- Microsoft 365 Copilot: Support for real-time screen sharing in Copilot voice sessions [MC1325421]
- Microsoft Teams: Guest invitation emails will be sent from the inviter’s email address [MC1325416]
- Microsoft Entra ID SSPR will require registered authentication methods starting September 7, 2026 [MC1325414]
- Microsoft 365 Apps: Cloud update – simplified channel management (public preview) [MC1325406]
