2.13.0: image admission, registry scan ACR and ECR GA, ECS scan
2.13.0
- Admission Control policy 1.2.0, enforcer 1.5.0:
** Image Admission (new feature) that integrates Admission Control and Image Assurance allowing users to block the deployment of workloads based on the Image Assurance policy. - Image Assurance 2.13.0:
** Registry Scanning for ACR and ECR GA
** Registry listing functionality has been split from engine agent into a separate 'imagescan-list' deployment
** Support for scanner scaling - All features:
** improving telemetry infrastructure
** fluentbit container has been removed from all agents except for Admission Control enforcer & gsl, Runtime Protection daemon. - Resources reduced for:
** Admission Control enforcer and policy
** Image Assurance engine
** Runtime Protection policy
2.12.0: Bottlerocket support; misc enhancements in Inventory, IA, AC, RP
- Support AWS BottleRocket OS by using a flag “--set platform=eks.bottlerocket”
- Inventory 1.5.0: Agent status improvement: discovery of missing permissions for Kubernetes API
- Image Assurance 2.12.0: remove fluentbit container
- Admission Control GSL 1.3.3: update packages
- Runtime Protection daemon 0.0.740:
** Added support for AWS BottleRocket OS
** Updated procedure for Linux kernel headers installation
2.11.1: cace1, manual platform, ECR, OpenShift 3.x, FL defaults
- Image Assurance 2.10.0: support ECR, send platform and last update, Shiftleft version update, support max images per repository limitation
- inventory 1.4.4: fix OpenShift configuration handling, support OpenShift 3.x
- Admission Control GSL 1.3.2: update packages
- Flowlogs 0.6.0: update default reporting interval and max report size
- all agents: telemetry fix
- helm: fix manual platform value, support cace1 datacenter
- Runtime Protection: remove signatureGroup CRD
Full Changelog: 2.10.2...2.13.0