Inventory/Overview | TrendAI™

Views:

Connect Kubernetes and Amazon ECS clusters, deploy Container Protection policies and proxy settings, create and manage Kubernetes cluster groups, and monitor your container environment from Inventory/Overview.

Different options are available for Kubernetes and Amazon ECS clusters. The options are outlined in the tables below.

Tip

You can find assets by using the search function or clicking the filter icon () to apply filters by column headings.
You can create, manage, and assign tags to any cluster by clicking Add filter → Tags. For more information on tags, see Tag Management.

Inventory overview

Select Kubernetes or Amazon ECS to view a complete overview of all of your connected clusters.

Kubernetes

Inventory overview provides a complete picture of your cluster status, including the number of nodes, pods, containers, and images in your environment. You can also view the details for all of your Kubernetes clusters, as well as search and apply filters to query your cluster resources using specific criteria. For example, you could apply filters to show only the clusters with an unhealthy status.

In Security findings overview, view a quick summary of all your policy violations or click Show more for more details. You can see a summary for Deployment and Continuous, Runtime Security, Runtime findings for vulnerabilities, malware, and secrets, file integrity monitoring, and compliance. Click the security finding number to see more details about the findings on the Log page.

Amazon ECS

Inventory overview provides a complete picture of your cluster status, including the number of services, tasks, containers, and images in your environment. You can also view the details for all of your Amazon ECS clusters, as well as search and apply filters to query your cluster resources using specific criteria. For example, you could apply filters to show only the clusters with an unhealthy status.

In Security findings overview, view a quick summary of all your policy violations or click Show more for more details about Runtime Security and Runtime Vulnerabilities. Click the security finding number to see more details about the findings on the Log page.

Kubernetes

The following table outlines the options available for Kubernetes clusters.

Option

Description

View details about your container environment

Select an orchestration platform within Kubernetes to view the inventory overview for the clusters in that platform.

The following orchestrations platforms are available:

Amazon EKS
Alibaba Cloud ACK
Microsoft AKS
Google Cloud GKE
Self-managed

Add new Kubernetes clusters

Select an orchestration platform from the tree. Click Add Cluster (if clusters have previously been added to the orchestration platform) or Deploy protection to a Kubernetes Cluster (if no clusters have previously been added to the orchestration platform).

For detailed instructions, see:

Stop protecting Kubernetes clusters

Select Kubernetes or an orchestration platform from the tree, select the radio button next to the cluster name, and then click Remove Cluster.

Note

Removing a cluster from the list does not delete existing data received by Trend Vision One.

Create and manage cluster groups

Organize Kubernetes clusters into groups for enhanced control and streamlined management.

Create a new group: Select the options icon () next to the orchestration platform or an existing group. The new group will be created within the selected group.
Create a new cluster within a group: Select a group from the tree and click Add Cluster or Deploy protection to a Kubernetes Cluster. The new cluster will be added within the selected group.
Move clusters to a different group: Select the orchestration platform from the tree and then select the clusters from the list. Click Change Cluster Group and then follow the on-screen instructions.

Note

You can only move clusters between groups that are the same type. For example, you cannot move an EKS cluster to an AKS group.
Edit group settings: Click the options icon () next to the group to rename, or remove the group.

Note

Asset Visibility Scope supports this feature by allowing specific permissions to be assigned by groups, facilitating more efficient management of clusters.

Change cluster settings

Select a cluster from the tree to manage settings. You can change the following settings.

Modify proxy settings: Generate a Helm script that you can use to deploy new proxy settings to your cluster.
Policy: Select from existing Container Security policies or click Manage policies to modify the current policy settings.
Map to cloud account: Turn on, specify the required information (ARN, Resource ID), and click Save.

Hover over the link below the text field to find out how to locate the required information in your management service.

Set cluster protection status by version gap

This setting changes the cluster protections status to "unhealthy" when a current deployed version falls behind the latest release or minor version update by a predefined version gap.

To enable this setting and set a version gap for clusters, select a Kubernetes cluster, then click on the gear icon on the top right of the screen.

Note

For more accurate version information, we recommend installing version 3.1.4 of the Fargate Injector. This ensures that the displayed version number for the cluster is more precise.

Amazon ECS

The following table outlines the options available for Amazon ECS cluster.

Option	Options
View details about your container environment	Container Security provides a tree view to manage the protection of all your connected Amazon ECS clusters.
Add new Amazon ECS clusters	Select Amazon ECS, a cloud account, or a region from the tree. Click Add account (if other clusters have previously been added) or Add and protect Amazon ECS assets (if no clusters have previously been added). For detailed instructions, see: Protect Amazon ECS clusters using a new AWS account Set up connected Amazon ECS Fargate clusters
Enable or disable runtime security and scanning on clusters	Select one or more clusters from the tree, then click Edit in Cluster details to enable or disable Runtime Security or Runtime Vulnerability Scanning. Runtime security: Provides visibility into any activity of your running containers that violates a customizable set of rules. Runtime Vulnerability Scanning: Provides visibility of operating system and open source code vulnerabilities that are part of containers running in clusters.
Assign new policies	Select a cluster from the tree and click Edit in Cluster details. In the Policy field, select from existing Container Security policies or click Manage policies to modify the current policy settings.
Set cluster protection status by version gap	This setting changes the cluster protections status to "unhealthy" when a current deployed version falls behind the latest release or minor version update by a predefined version gap. To enable this setting and set a version gap for clusters, select a cluster, then click on the gear icon on the top right of the screen.