diff --git a/.mergify.yml b/.mergify.yml
index 16eb822..7388775 100644
--- a/.mergify.yml
+++ b/.mergify.yml
@@ -8,7 +8,5 @@ pull_request_rules:
- status-success=shellcheck
actions:
merge:
- strict: smart
method: squash
- strict_method: merge
commit_message: title+body
diff --git a/README.md b/README.md
index ba43dae..f406b22 100644
--- a/README.md
+++ b/README.md
@@ -125,6 +125,9 @@ The `check-ecs-exec.sh` found one or more VPC endpoints configured in the VPC fo
18. **_🔴 VPC Endpoints | CHECK FAILED_**
The `check-ecs-exec.sh` doesn't support checking this item for shared VPC subnets using [AWS Resouce Access Manager (AWS RAM)](https://aws.amazon.com/ram/). In short, this may not an issue to use ECS Exec if your ECS task VPC doesn't have any VPC endpoint and the task has proper outbound internet connectivity. Make sure to consult your administrator with the official ECS Exec documentation](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html#ecs-exec-considerations) to find if your VPC need to have an additional VPC endpoint.
+19. **🟡 Environment Variables : defined**
+SSM uses the AWS SDK which uses the [default chain](https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default) when determining authentication. This means if AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY are defined in the environment variables and the permissions there do not provide the required permissions for SSM to work, then the execute-command will fail. It is recomended not to define these environment variables.
+
## Security
See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information.
diff --git a/check-ecs-exec.sh b/check-ecs-exec.sh
index 9fd1088..faae64b 100755
--- a/check-ecs-exec.sh
+++ b/check-ecs-exec.sh
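Review bot: Dropping `strict: smart` (and `strict_method: merge`) means the squash merge no longer waits for the branch to be brought up to date with the base, so the `status-success=shellcheck` condition can be satisfied by a run against a stale base and the code that actually lands is never linted. If the removal is motivated by Mergify deprecating `strict`, the like-for-like replacement is the `queue` action backed by a `queue_rules` entry, which keeps the update-then-check-then-merge ordering, rather than a bare `merge`. The `conditions:` list begins outside the hunk, so I cannot see whether another condition already covers this.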
@@ -674,4 +674,29 @@ else
fi
fi
+# 11. Check task definition containers for environment variables AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY
+# if AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY are defined in a container, they will be used by the SSM service
+# if the key defined does not have requirement permissions, the execute-command will not work.
+containerNameList=$(echo "${taskDefJson}" | jq -r ".taskDefinition.containerDefinitions[].name")
+idx=0
+printf "${COLOR_DEFAULT} Environment Variables | (${taskDefFamily}:${taskDefRevision})\n"
+for containerName in $containerNameList; do
+ printf " ${COLOR_DEFAULT}$((idx+1)). container \"${containerName}\"\n"
+ # find AWS_ACCESS_KEY
+ printf " ${COLOR_DEFAULT}- AWS_ACCESS_KEY"
+ AWS_ACCESS_KEY_FOUND=$(echo "${taskDefJson}" | jq -r ".taskDefinition.containerDefinitions[${idx}].environment[] | select(.name==\"AWS_ACCESS_KEY\") | .name")
+ case "${AWS_ACCESS_KEY_FOUND}" in
+ *AWS_ACCESS_KEY* ) printf ": ${COLOR_YELLOW}defined\n";;
+ * ) printf ": ${COLOR_GREEN}not defined\n";;
+ esac
+ # find AWS_SECRET_ACCESS_KEY
+ printf " ${COLOR_DEFAULT}- AWS_SECRET_ACCESS_KEY"
+ AWS_SECRET_ACCESS_KEY_FOUND=$(echo "${taskDefJson}" | jq -r ".taskDefinition.containerDefinitions[${idx}].environment[] | select(.name==\"AWS_SECRET_ACCESS_KEY\") | .name")
+ case "${AWS_SECRET_ACCESS_KEY_FOUND}" in
+ *AWS_SECRET_ACCESS_KEY* ) printf ": ${COLOR_YELLOW}defined\n";;
+ * ) printf ": ${COLOR_GREEN}not defined\n";;
+ esac
+ idx=$((idx+1))
+done
+
printf "\n"
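Review bot: The jq filter `select(.name==\"AWS_ACCESS_KEY\")` only matches the legacy variable name; the SDK environment credential provider (the Go SDK used by the SSM agent included) looks for `AWS_ACCESS_KEY_ID` first and falls back to `AWS_ACCESS_KEY`, so a task that sets the canonical `AWS_ACCESS_KEY_ID` is reported green here while still overriding the task-role credentials. I would widen the two selectors to `select(.name==\"AWS_ACCESS_KEY_ID\" or .name==\"AWS_ACCESS_KEY\")` and `select(.name==\"AWS_SECRET_ACCESS_KEY\" or .name==\"AWS_SECRET_KEY\")`, and write the iteration as `.environment[]?` so a container definition without an `environment` array does not make jq emit "Cannot iterate over null" on stderr. Variables injected through the `secrets` array also end up in the container environment but are not inspected by this check, which deserves at least a comment such as `# NOTE: only plaintext .environment entries are checked; .secrets (valueFrom) are not inspected`. Since static access keys in a task definition are readable by anyone with `ecs:DescribeTaskDefinition`, the finding text could say so rather than only "defined". `taskDefJson`, `taskDefFamily` and `taskDefRevision` are assigned outside the hunk.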