As a Premier Plan user, you can create custom plugins for the Aqua that will be run against your account along with all of the existing, publicly available plugins. Writing a plugin involves cloning CloudSploit by Aqua's open source repository from GitHub and adding the scans you wish to have executed. Plugins are written in Node.js and make use of the cloud provider APIs. If you'd rather have us write custom plugins on your behalf, please contact us regarding our managed services offerings.
You can find our walkthrough guide for writing a plugin at https://github.com/aquasecurity/cloudsploit#writing-a-plugin
Before getting started, make sure you have:
- Node.js 4.0+ installed
- An AWS account for testing
- An AWS access key/secret for testing
- Git access (to clone our repo)
Writing a Plugin
Once you have followed the steps in our Readme and created your own plugin, you can send it to us in one of several ways:
- If the plugin is something you wish to contribute back to the community and is not specific to your account (for example, it doesn't rely on specific architecture, IP addresses, users, etc.), you can open a pull request against our repository. Someone will review it and respond with any changes required and then merge it in. Your plugin will then become part of our global scans.
- If the plugin is sensitive in nature or just uses custom code that will only work for your account, you can ZIP the entire repository and send it to us via opening a support ticket.
If you have any questions, we're happy to help!