Amazon ECS supports running Firelens as a non-root user
Amazon Elastic Container Services (Amazon ECS) now allows you to run Firelens containers as a non-root user, by specifying a User ID in your Task Definition.
Specifying a non-root user with a specific user ID reduces the potential attack footprint by users who may gain access to such software, a security best practice and a compliance requirement by some industries and security services such as the AWS Security Hub. With this release, Amazon ECS allows you to specify a user ID in the "user" field of your Firelens containerDefinition element of your Task Definition, instead of only allowing "user": "0" (root user).
The new capability is supported in all AWS Regions. See the documentation for using Firelens for more details on how to set up your Firelens container to run as non-root.