Enable Container Security on your connected AWS accounts to start protecting your Amazon ECS containers.
Procedure
- Go to .
- Click the name of your existing AWS account in the list.The Cloud Account Settings panel opens.
- Click the Stack Update tab.
- Review each security feature and enable the features to apply to your Amazon
ECS cluster.
Important
You must turn on Container Security for Amazon ECS for Container Security protection.FeatureDescriptionCore FeaturesThe core set of features and permissions required to connect your AWS accountCore features enable you to connect your AWS account to Trend Vision One to discover your cloud assets and rapidly identify risks such as compliance and security best practice violations on your cloud infrastructure.Note
Core features are required to connect your AWS account and cannot be disabled. If you need to disconnect your account, see AWS accountsAgentless Vulnerability & Threat DetectionThe feature and permission set to enable Attack Surface Risk Management (ASRM) capabilities for your accountThis feature set allows Trend Vision One to deploy Agentless Vulnerability & Threat Detection in your AWS account to discover vulnerabilities and malware in AWS EBS volumes attached to EC2 instances, ECR images, and Lambda functions with zero impact to your applications. To learn more, see Agentless Vulnerability & Threat Detection.Container Protection for Amazon ECSImportant
Required for Container Security protectionThe feature and permission set to view and protect your containersThis feature set allows Container Security to connect and deploy components to your AWS account to protect your containers and container images in Elastic Container Service (ECS) environments.Important
-
As of November 2023, AWS private and freemium accounts only allow a maximum of 10 Lambda executions. Container Protection deployment requires at least 20 concurrent Lambda executions. Please verify your AWS account status before enabling this feature.
-
At this time, the ECS runtime vulnerability scanning feature does not support scanning ECR images installed on AWS accounts where Container Security is not installed.
Cloud Detections for AWS CloudTrailThe feature and permission set to enable XDR for Cloud to monitor Cloud Audit Logs for your accountThis feature set enables XDR monitoring of your cloud account to gain actionable insight into user, service, and resource activity with detection models identifying activity such as privilege escalation, password modification, and other attack techniques. Detections generated by this feature can be viewed in the Search and Workbench apps.This feature requires additional configuration of your CloudTrail settings. For more information, see CloudTrail configuration.Note
XDR for Cloud requires credits to use. Click the Credit Settings icon () to manage your data allowance limit and allocated credits and view a graph of past data usage.Cloud Response for AWSThe feature and permission set to allow response actions for your accountThis feature set allows Trend Vision One permission to take response actions to contain incidents within your cloud account, such as revoking access for suspicious IAM users. Additional response actions leverage integration with third party ticketing systems. Response actions can be taken from the context menu in the Workbench app.This feature requires enabling XDR for Cloud - AWS CloudTrail for your account. -
- Obtain the necessary S3 URL which contains all the configured template changes needed to update the stack in your AWS account by clicking Copy S3 URL.
- In another browser tab, sign in to the AWS account that you are updating.
Important
The following AWS instructions were valid as of February 21, 2024. For further help, check your Amazon documentation. - Go to CloudFormation and click your stack name.
Tip
You can locate the stack name by viewing the Cloud Account Settings Stack Update tab in the Trend Vision One console. - Click Update.
- Select Replace current template and paste the copied S3 URL.
- Deploy the template to complete the update.
- In the Trend Vision One console, complete the update in the
Cloud Account Settings
Stack Update tab by clicking Save
Changes.Allow some time for the stack update progress to complete before proceeding. Once the stack update process is complete, you can begin assigning policies to your clusters.