

On August 10, 2023, Aqua will release and activate the following new plugins. They can be tested using the Live Run tool and optionally suppressed if required. If you have selected the Suppress All New Plugins option from the Account Settings page, no action is required -- they will be pre-suppressed in your account before release.


New plugins

Alibaba

ACK Log Service Enabled

Ensure that Kubernetes Engine Clusters are configured to enable log service.

Kubernetes Web Dashboard Disabled

Ensure that Kubernetes cluster web UI/Dashboard is not enabled.

Vulnerability Scan Enabled

Ensure that a scheduled vulnerability scan is enabled on all servers.

ACK ENI Multiple IP Mode

Ensure ENI multiple IP mode support for Kubernetes clusters.

ACK Private Cluster Enabled

Ensure that Kubernetes clusters are created with private cluster enabled.

Cloud Monitor Enabled

Ensure Cloud Monitor is enabled on Kubernetes Engine clusters.


AWS

Security Hub Enabled

Ensure that AWS Security Hub is enabled. 

S3 Object Read Logging

Ensure that object-level logging for read events is enabled for S3 buckets.

S3 Object Write Logging

Ensure that object-level logging for write events is enabled for S3 buckets.

ELBv2 TLS Version and Cipher Header Enabled

Ensures that AWS ELBv2 load balancers have TLS version and cipher headers enabled.

OpenSearch Zone Awareness Enabled

Ensure that OpenSearch domains have zone awareness enabled.


Azure

Event Hubs Minimum TLS Version

Ensures Microsoft Azure Event Hubs namespaces do not allow outdated TLS certificate versions.

ACR Anonymous Pull Access Enabled

Ensure that anonymous pull access is not enabled for Azure container registries.

ACR Log Analytics Enabled

Ensure that Azure container registry logs are sent to the Log Analytics workspace.

Front Door Minimum TLS Version

Ensures that Azure Front Door Standard and Premium profile custom domains have a minimum TLS version of 1.2.

Front Door Access Logs Enabled

Ensures that Azure Front Door Access Log is enabled.

Storage Account Queue Service Logging Enabled

Ensures that Microsoft Azure Storage Queue service logging is enabled for "Read", "Write", and "Delete" requests.

Storage Account Blob Service Logging Enabled

Ensures that Microsoft Azure Storage Blob service logging is enabled for "Read", "Write", and "Delete" requests.

Storage Account Table Service Logging Enabled

Ensures that Microsoft Azure Storage Table service logging is enabled for "Read", "Write", and "Delete" requests.


Hot fixes and enhancements

Aqua will release the following on August 10, 2023.

AWS

Open Memcached 

Added a setting that allows security groups associated with clusters in private subnets to be ignored.