Comment 3 for bug 1868363

There are several examples of AppArmor profiles allowing execution of scripts in /etc:

https://codesearch.debian.net/search?q=%28%3Fm%29%5E+*%2Fetc.*+.*x%2C%24&literal=0

so I don't think it goes against any AppArmor policy or best practice.