standard
turbot/azure_cis
Get Involved
Version
Pipeline: 3.1.4.3 Ensure that 'Agentless container vulnerability assessment' component status is 'On'
Description
Enable automatic vulnerability management for images stored in ACR or running in AKS clusters.
Agentless vulnerability scanning will examine container images - whether running or in storage - for vulnerable configurations.
Remediation
From Azure Portal
- From the Azure Portal
Homepage, selectMicrosoft Defender for Cloud. - Under
ManagementselectEnvironment Settings. - Select a subscription.
- Under
Settings>Defender Plans, clickSettings & monitoring. - Locate the row for
Agentless container vulnerability assessment. - Select
On. - Click
Continuein the top left.
Repeat the above for any additional subscriptions.
Default Value
By default, Microsoft Defender for Containers is Off.
If Defender for Containers is enabled from the Microsoft Defender for Cloud portal, auto provisioning will be enabled.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run azure_cis.pipeline.cis_v300_3_1_4_3Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = azure_cis.pipeline.cis_v300_3_1_4_3 }Params
| Name | Type | Required | Description | Default |
|---|---|---|---|---|
| database | connection.steampipe | Yes | Database connection string. | connection.steampipe.default |
| notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
| notification_level | string | Yes | The verbosity level of notification messages to send. Valid options are 'verbose', 'info', 'error'. | info |
| approvers | list(notifier) | Yes | List of notifiers to be used for obtaining action/approval decisions. | notifier.default |
Outputs
This pipeline has no outputs.
Tags
folder = CIS v3.0.0/3 Security/3.1 Microsoft Defender for Cloud/3.1.4 Defender Plan: Containers