Containers-roadmap: [EKS] [request]: Inspecting containers for CVEs

Created on 18 Feb 2019 · 2 Comments · Source: aws/containers-roadmap

Tell us about your request
There is a service for EC2 to inspect for CVEs, i.e. AWS Inspector. A similar service is required for EKS containers. In the absence of it, time-consuming integration with systems like Clair is required.

Which service(s) is this request for?
EKS

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
Currently, other solutions, like integrating Clair in the CI/CD pipelines, need to be used to do vulnerability analysis on the containers. It is possible to do, but it requires constantly updating the Clair database and a manual process to manage the results of scans. AWS Inspector can be enhanced to scan components as well, unifying the CVE scans on EC2 as well as containers.

Are you currently working around this issue?
By using Clair and CI/CD pipeline.

Proposed

All 2 comments

This should be solved by ECR image scanning, another item on the containers roadmap: https://github.com/aws/containers-roadmap/issues/17

Closing this one as it will be solved by https://github.com/aws/containers-roadmap/issues/17
