Skip to content
/ aws-container-scans Public

Terraform project which uses eventbridge and codebuild to scan containers based on events.

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

aaroneast1/aws-container-scans

BranchesTags

Repository files navigation

Trigger Sysdig scan based on aws service events

The project triggers a codebuild job which scans images using Sysdig Secure Vulnerability Agent an image when certain events occur. The project only listens for two types of events for two AWS Services - ECS & ECR.

High Level Diagram (HLD) for solution

High Level Diagram for Cloud Vulnerability Scanning

Events which trigger a scan

ECR Push

{
  "source": ["aws.ecr"],
  "detail-type": ["ECR Image Action"],
  "detail": {
    "action-type":["PUSH"],
    "result": ["SUCCESS"]
  }
}

ECS StartTask

{
  "source": ["aws.ecs"],
  "detail-type": ["ECS Task State Change"],
  "detail": {
    "lastStatus":["PENDING"],
    "desiredStatus":["RUNNING"]
  }
}

How to build the project

Make sure you add the following values before building:

  1. AWS account ID
  2. AWS region
  3. Sysdig Secure Token
  4. Sysdig Secure URL

The following secrets should be setup in secrets managert SYSDIG_SECURE_TOKEN and SYSDIG_SECURE_ENDPOINT.

cd terraform/dev/event-scan
terraform apply

How to destroy the project

cd terraform/dev/event-scan
terraform destroy

About

Terraform project which uses eventbridge and codebuild to scan containers based on events.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages