Sysdig Cloud Scanning uses cloud audit logs such as AWS CloudTrail to detect container images that are pushed to your registries or used in cloud workloads. When a new image is detected, a scanning process can be started to analyze the image and report vulnerabilities directly to Sysdig Secure.
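The detection idea described above, as an added Python example that is not Sysdig's implementation: it assumes the relevant CloudTrail records are ECR `PutImage` (push to a registry) and ECS `RegisterTaskDefinition` (image used in a workload), and it runs over constructed sample records to build a de-duplicated list of images to scan.

```python
# Constructed CloudTrail records (account id, repository and digest are made up).
SAMPLE_EVENTS = [
    {"eventSource": "ecr.amazonaws.com", "eventName": "PutImage", "awsRegion": "eu-west-1",
     "requestParameters": {"registryId": "111122223333", "repositoryName": "shop/api",
                           "imageTag": "1.4.2"},
     "responseElements": {"image": {"imageId": {"imageDigest": "sha256:1111aaaa"}}}},
    {"eventSource": "ecr.amazonaws.com", "eventName": "PutImage", "awsRegion": "eu-west-1",
     "errorCode": "AccessDenied",
     "requestParameters": {"registryId": "111122223333", "repositoryName": "shop/web",
                           "imageTag": "dev"}, "responseElements": None},
    {"eventSource": "ecs.amazonaws.com", "eventName": "RegisterTaskDefinition",
     "awsRegion": "eu-west-1",
     "requestParameters": {"containerDefinitions": [
         {"name": "api",
          "image": "111122223333.dkr.ecr.eu-west-1.amazonaws.com/shop/api@sha256:1111aaaa"},
         {"name": "proxy", "image": "docker.io/library/nginx:1.25"}]}},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject", "requestParameters": {}},
]


def images_from_event(event):
    """Return the image references one CloudTrail record introduces (may be empty)."""
    if event.get("errorCode"):  # a failed API call pushed or deployed nothing
        return []
    source, name = event.get("eventSource"), event.get("eventName")
    params = event.get("requestParameters") or {}
    if source == "ecr.amazonaws.com" and name == "PutImage":
        account = params.get("registryId") or event.get("recipientAccountId")
        repo = f'{account}.dkr.ecr.{event["awsRegion"]}.amazonaws.com/{params["repositoryName"]}'
        image_id = (event.get("responseElements") or {}).get("image", {}).get("imageId", {})
        digest = image_id.get("imageDigest")
        # Prefer the immutable digest; a tag can be re-pointed after the scan.
        return [f"{repo}@{digest}" if digest else f'{repo}:{params.get("imageTag", "latest")}']
    if source == "ecs.amazonaws.com" and name == "RegisterTaskDefinition":
        return [c["image"] for c in params.get("containerDefinitions", []) if c.get("image")]
    return []


def scan_queue(events):
    """Images to scan, in first-seen order, each listed once."""
    queue = []
    for event in events:
        queue.extend(i for i in images_from_event(event) if i not in queue)
    return queue


if __name__ == "__main__":
    print(scan_queue(SAMPLE_EVENTS))
```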

Installation

Sysdig Cloud Connector is part of the Sysdig Cloud Security platform. See the Sysdig Cloud Security site for installation guides for the different cloud providers.

Configuration

The CloudScanning component can be configured by setting the following environment variables:

Common

AWS

AWS Single-account mode

When running CloudScanning in a single account, the role executing the task has the required permissions in that account.

Google Cloud Platform