Skip to main content

Security containers deployment on AWS ECS

To deploy a Security Container instances on AWS ECS follow the steps in this article:


Before starting, you need to have an ECS cluster configured with EC2 Linux.

  1. Log in to Amazon ECS and go to the Task Definitions page.

  2. Select Create New Task Definition.

  3. In the Select launch type compatibility step, select EC2 and click Next Step.

  4. In Configure tasks and container definitions step, take the following actions:

    1. Add a descriptive name under Task definition name (for example, bitdefender-security-tools/bitdefender-security-container).

    2. Under Task role, select ecsTaskExecutionRole.

    3. Under Network mode, select Host.


      Scroll down to continue.

    4. Configure the Task Execution IAM Role section:

      • Under Task execution role, select ecsTaskExecutionRole.

      Scroll down to continue.

    5. Configure the Task size section:

      1. Under Task memory (MIB), select 2048 (if lower, the antimalware module might crash).

      2. Under Task CPU, select 1024.


      Scroll down to continue.

  5. Under container definitions, select Add container.

  6. Add a BSC container:

    1. Under Container name, add a descriptive name for the container.

    2. Under image, add the latest version from

    3. Under Memory Limits, select Hard Limit and 2048.

    4. Add the BSC environment variables needed to start BSC.



      The value given to BSC_GID needs to different than the IDs given to any other already existing groups.

    5. Select Add.

      The container has now been added and configured:


    Scroll down to continue.

  7. Under the Volumes Section, click Add volume.


    The following screen will be displayed:


    Fill in the required information and select Add. You need to repeat the step for each of the following volumes:

    • data, with Source path /mnt/data.

    • sys, with Source path = /sys

    • proc, with Source path = /proc

    • os-release, with Source path = /etc/os-release

    • root, with Source path = /

  8. Scroll back up to the Container definition section and double click the previously selected container.

    Scroll down to continue.

  9. Under the Storage and Logging section click Add mount point.

  10. Add these Mount points:

    • data - data

    • sys - /mnt/host-sys

    • proc - /mnt/host-proc

    • os-release - /mnt/host-os-release

    • root - /mnt/host


    Scroll down to continue.

  11. Under the Security section, select the Privileged checkbox, in order to give the container elevated privileges.


    Scroll down to continue.

  12. Click Update

    Scroll down to continue.

  13. Click Configure via json.


    A new window will open containin the configuration json code.

  14. Set pidMode value to host and save the modification.


    Scroll down to the bottom of the page.

  15. Select Create.

  16. Run the previously created task on the ECS cluster:

    1. Go to the Clusters page.

    2. Select the cluster and click Run new Task.

    3. Select EC2 launch type and select the task definition that you want to use and start the task.


The BSC container will be deployed on the cluster.