Amazon Web Services announced today at re:Invent an to a recent feature PrivateLink, that enables AWS Virtual Private Cloud customers to consume apps outside their VPCs through service endpoints, using their own private IP addresses and security groups. This is a non-trivial task since VPCs are made to be isolated, so normally, making an external SaaS application accessible inside a VPC would be mission impossible.
PrivateLink solves that issue by creating a secure line of communication between the designated application and the VPC, but the application must be VPC-enabled to support it. At Aqua we recently launched our Pay-Per-Scan solution for scanning container images on the AWS Marketplace. At the same time, our team has been working diligently with the AWS team to make this offering support PrivateLink, and today we're proud to announce that we are one of the first vendors to support it.
Aqua Scanner PrivateLink Architecture
An Amazon VPC customer who wants to use the Aqua Scanner doesn't have to do any manual network configuration or use special credentials. All they need to do is subscribe to the Aqua Scanner on AWS Marketplace, and check a box to indicate a VPC deployment. Everything is provisioned and connected automatically within their VPC.
The Age of Flexible Security (or Secure Flexibility?)
While cloud applications strive to fulfill the promise of everything on demand, metered and available at a click of a button, they must satisfy the security requirements of enterprise users. Without that, they only offer flexbility in theory, not in practice.
Likewise, security solutions must become more flexible -- not by relaxing the stringent controls they apply, but in how they are consumed and deployed. This is what our work to support PrivateLink is about. Amazon VPC customers can get on-demand security scanning for their container images from the AWS Marketplace, but still work strictly within the confines of their VPC. They can apply uniform controls across cloud and on-prem environments, and maintain separation between dev, staging and prod environments. Security and flexibility.
Aqua enables enterprises to secure their virtual container environments from development to production, accelerating container adoption and bridging the gap between DevOps and IT security.
Aqua's Container Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks, providing transparent, automated security while helping to enforce policy and simplify regulatory compliance.