Request a Demo

You can still request to
join our Private Beta. * E-mail is mandatory.

Aqua Blog

Image Scanning in VPCs with Aqua and AWS PrivateLink

blog AWS PrivateLink.png

Amazon Web Services announced today at re:Invent an to a recent feature PrivateLink, that enables AWS Virtual Private Cloud customers to consume apps outside their VPCs through service endpoints, using their own private IP addresses and security groups. This is a non-trivial task since VPCs are made to be isolated, so normally, making an external SaaS application accessible inside a VPC would be mission impossible.

PrivateLink solves that issue by creating a secure line of communication between the designated application and the VPC, but the application must be VPC-enabled to support it. At Aqua we recently launched our Pay-Per-Scan solution for scanning container images on the AWS Marketplace. At the same time, our team has been working diligently with the AWS team to make this offering support PrivateLink, and today we're proud to announce that we are one of the first vendors to support it.

AWSPrivateLink_scanner.png

Aqua Scanner PrivateLink Architecture

An Amazon VPC customer who wants to use the Aqua Scanner doesn't have to do any manual network configuration or use special credentials. All they need to do is subscribe to the Aqua Scanner on AWS Marketplace, and check a box to indicate a VPC deployment. Everything is provisioned and connected automatically within their VPC.

Forrester Report: Ten Basic Steps to Secure Software Containers. Download Today!

The Age of Flexible Security (or Secure Flexibility?)

While cloud applications strive to fulfill the promise of everything on demand, metered and available at a click of a button, they must satisfy the security requirements of enterprise users. Without that, they only offer flexbility in theory, not in practice. 

Likewise, security solutions must become more flexible -- not by relaxing the stringent controls they apply, but in how they are consumed and deployed. This is what our work to support PrivateLink is about. Amazon VPC customers can get on-demand security scanning for their container images from the AWS Marketplace, but still work strictly within the confines of their VPC. They can apply uniform controls across cloud and on-prem environments, and maintain separation between dev, staging and prod environments. Security and flexibility.

The VPC-enabled Aqua image scanner is available on the AWS Marketplace using a pay-per-scan consumption model. Give it a try!

cloud operations, AWS, Image scanning, VPC

Related Posts