The November 2021 SaaS Update Release includes the following changes with respect to the previous SaaS product release.
User Access Control Policies
- The definition and usage of User Access Control Policies have been deprecated. They are not relevant to Kubernetes environments and have not been fully supported in recent versions of Aqua.
- However, it is possible to define Secrets Access Policies (under Administration > Secrets). Aqua Enforcers can use these to limit access to secrets to containers that belong to specific Aqua services.
- If you upgrade from previous versions, all existing User Access Control Policies rule-secret-access rules will automatically be converted to the new built-in rule-secret-access policy.
- The Workloads > Containers screen UI and behavior more closely resemble the other Workloads screens: VMs and Kubernetes Resources. It uses the unified risk indicator to show security issues and risks at the container level.
- The column "Container Issues" has been replaced with "Security Risks", which shows different signs of risks at the container level: runtime security events, malware, vulnerabilities, sensitive data, and misconfigurations.
- Advanced filtering: Clicking on the "funnel" icon will bring up a pop-up window titled Filter By:. You can use this to filter the list of containers by any or all of these optional criteria:
- Application scope
- Image name
- Container name
- Host (on which the container is running) name
- Cluster name
- Controller name
- Pod name
- Cloud Foundry: application, space, organization
- Security Filters: a specific vulnerability, container registration status, workload image compliance status, the highest severity of any security risk found in the container (critical, high, medium, low, or negligible), type of security risk
Select or enter text into the filters of interest, and click Filter.
To refine your filtering, repeat the process; the newly created filters will be added to the existing set.
Did you find it helpful?Send feedback