Views:

Connect Kubernetes and Amazon ECS clusters, deploy Container Protection policies and proxy settings, and monitor your container environment from Container Inventory.

The following table outlines the options available on this screen.
Type
Tree level
Options
Kubernetes
  • [top]
  • Management service
Add new Kubernetes clusters by clicking Add Cluster (if other clusters have previously been added to the management service) or Deploy protection to a Kubernetes Cluster (if no clusters have previously been added to the management service)
  • [top]
  • Management service
Stop protecting Kubernetes clusters by selecting the radio button next to the cluster name and clicking Remove Cluster.
Note
Note
Removing a cluster from the list does not delete existing data received by Trend Vision One.
Management service > Cluster
Change proxy settings, assign new policies, and map cloud accounts through use of the following:
  • Proxy Settings Tool: Generate a helm script that you can use to deploy new proxy settings to your cluster.
  • Policy: Select from existing Container Protection policies or click View Policy editor in Container Protection App to modify the current policy settings.
  • Map to cloud account: Turn on, specify the required information (ARN, Resource ID), and click Save.
    Hover over the link below the text field to find out how to locate the required information in your management service.
All levels
View details about your container environment
Kubernetes hierarchy:
  • Kubernetes > Management service > Cluster > Node > Pod > Container
Amazon ECS
  • [top]
  • Account
  • Account > Region
Add new Amazon ECS clusters by clicking Add account (if other clusters have previously been added) or Add and protect Amazon ECS assets (if no clusters have previously been added)
Enable or disable runtime security and runtime scanning on multiple clusters
  • Runtime security: Provides visibility into any activity of your running containers that violates a customizable set of rules.
  • Runtime scanning: Provides visibility of operating system and open source code vulnerabilities that are part of containers running in clusters.
Account > Region > Cluster
Assign new policies
  • Policy: Select from existing Container Protection policies or click View Policy editor in Container Protection App to modify the current policy settings.
Enable or disable runtime security and runtime scanning on individual clusters
  • Runtime security: Provides visibility into any activity of your running containers that violates a customizable set of rules.
  • Runtime scanning: Provides visibility of operating system and open source code vulnerabilities that are part of containers running in clusters.
All levels
View details about your container environment
Amazon ECS hierarchy:
  • Amazon ECS > Cloud account > Region > Cluster > Services > Tasks > Containers
Related information