Scan GitLab EC2 instance with Amazon Inspector #4189

Closed
hannes-ucsc opened this issue May 13, 2022 · 4 comments
Labels
+ [priority] High; compliance [subject] Information and software security; demo [process] To be demonstrated at the end of the sprint; demoed [process] Successfully demonstrated to team; enh [type] New feature or request; gitlab [subject] One of the GitLab instances; orange [process] Done by the Azul team

Comments

@hannes-ucsc
Member

hannes-ucsc commented May 13, 2022

[Image: Data Browser System Overview - Logging Monitoring(2)]

Install SSM agent on the instance (via user data in TF config) and integrate with Amazon Inspector.

Revert #3614

hannes-ucsc added the orange [process] Done by the Azul team label May 13, 2022
melainalegaspi added enh [type] New feature or request; gitlab [subject] One of the GitLab instances; infra [subject] Project infrastructure like CI/CD, build and deployment scripts; compliance [subject] Information and software security and removed infra [subject] Project infrastructure like CI/CD, build and deployment scripts labels May 13, 2022
hannes-ucsc removed the urgent label Dec 8, 2022
hannes-ucsc added the - [priority] Medium label Feb 21, 2023
hannes-ucsc added + [priority] High and removed - [priority] Medium labels Mar 13, 2023

@dsotirho-ucsc
Contributor

Assignee to check blocking relationships for wrong direction.

@hannes-ucsc
Member Author

Inverted blocking relationship for #4177. This will enable Amazon Inspector and add scanning of the GitLab EC2 instances. #4177 will add scanning of Docker images.

Removed blocking relationship with #4401. There is no direct dependency between this and that ticket.

@hannes-ucsc
Member Author

hannes-ucsc commented Mar 16, 2023

Turns out SSM Agent is already running on Amazon Linux 2 AMI which we use. This reduces the complexity, and therefore the estimate.

@hannes-ucsc
Member Author

hannes-ucsc commented Mar 17, 2023

For demo, show Amazon Inspector dashboard with evidence that GitLab instance is being scanned in all AWS accounts.

hannes-ucsc added the demo [process] To be demonstrated at the end of the sprint label Mar 17, 2023
hannes-ucsc added the demoed [process] Successfully demonstrated to team label Apr 18, 2023