aws-samples / amazon-eks-use-sbom-to-find-container-image-with-vulnerable-software
This repo hosts Terraform code for generating and analyzing Software Bill of Materials (SBOM) for Amazon ECR images. It helps identify Amazon EKS images with vulnerable software components using Amazon Athena.
☆15Updated last year
Alternatives and similar repositories for amazon-eks-use-sbom-to-find-container-image-with-vulnerable-software:
Users that are interested in amazon-eks-use-sbom-to-find-container-image-with-vulnerable-software are comparing it to the libraries listed below
- Rego policies for enterprise-scale Compliance-as-Code with OPA Conftest.☆58Updated last year
- *READY TO USE* Terraform baseline for implementing essential AWS security best practices, including Organizations, SSO, MFA, SCPs, Budget…☆23Updated 4 months ago
- Run compliance and security controls to detect Terraform AWS resources deviating from security best practices prior to deployment using P…☆27Updated 4 months ago
- The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the…☆40Updated 2 years ago
- Use SQL to instantly query resources, data sources and more from Terraform code. Open source CLI. No DB required.☆29Updated 2 weeks ago
- ☆41Updated 2 years ago
- Automating Terraform with the power of make.☆24Updated this week
- Slack alert bot for matching Github Audit Events☆10Updated 3 months ago
- A tool to show what AWS account and identity you're using.☆57Updated last year
- ☆41Updated last year
- Trust Dexter to ensure that all your images are pinned by digest for better security☆29Updated last year
- SCP management tool☆131Updated last year
- vexctl is a tool to attest VEX impact statements☆44Updated last year
- Awesome AWS service control policies (SCPs)☆24Updated 3 weeks ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆61Updated last year
- An SBOM query language and associated utilities☆54Updated last year
- Crowdsourced list of sensitive IAM Actions☆141Updated 4 months ago
- ☆21Updated last year
- Cloud governance reports from native services in a clear and readable digest☆29Updated last year
- Tag instances & databases with cron-style stop/start schedules to cut AWS costs. Also schedule EBS, EC2 & RDS backups, plus CloudFormatio…☆35Updated 2 years ago
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated last week
- Run individual controls or full compliance benchmarks for NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters u…☆32Updated 4 months ago
- CLI tool for providing AWS credentials to a container from the host☆23Updated last year
- ☆16Updated 11 months ago
- AWS VPC Subnets Watcher☆76Updated last year
- Terraform module to provision Service Control Policies (SCP) for AWS Organizations, Organizational Units, and AWS accounts☆50Updated last week
- CLI tool for Amazon ECR☆17Updated last year
- All Aqua deployments options and aquactl configuration☆58Updated last week
- Open-source proof-of-concept client for AWS IAM Roles Anywhere☆71Updated 2 years ago
- Creates needed resources for federating access between a GCP service account and AWS IAM role.☆28Updated 11 months ago