Posture Control (ZPC)
Integrating Vulnerability Management for Amazon Web Services Accounts
Zscaler Posture Control (ZPC) enables you to integrate vulnerability management for your Amazon Web Services (AWS) cloud accounts and add the repositories that must be enabled for vulnerability scanning. The integration allows ZPC to scan the container images in the chosen repositories for known security vulnerabilities and display the scan results in the ZPC Admin Portal, so you can remediate the vulnerabilities.
ZPC supports vulnerability scanning only for private repositories in AWS.
Prerequisites
You must first onboard your AWS cloud accounts before configuring specific accounts for vulnerability scanning. To learn more, see Onboarding an Amazon Web Services Account.
To integrate vulnerability management for specific registries in your cloud account:
- Go to Administration > Container Registries & Workloads.
- Click Add Integration.
- Under General Information:
  - For Vulnerability Scanning Type, select Cloud Container Registries.
  - For Cloud Type, select Amazon Web Services.
  - Click Next.
- Under Account Selection:
  - Accounts: Select the individual accounts that must be configured for scanning. Use the Search field to search for specific accounts in the list.
  - Organizations: Select the accounts within a specific organization that must be configured for scanning. Click the Expand icon to see the list of registries.
  - Click Finish.
A message is displayed indicating that the vulnerability management integration is successful. You can set up the vulnerability scanning rule and schedule the scan to run at regular intervals. To learn more, see Adding a Vulnerability Scanning Rule for Container Registries.