Scanning Vultr with Aikido

Aikido fully supports protecting workloads on Vultr through specific integrations. A native integration may be added in the future, but you can already achieve full coverage by combining:

Container image scanning for Vultr registry or any other OCI-compatible registry
Kubernetes cluster scanning for Vultr Managed Kubernetes or self-managed clusters
Kubernetes cluster image scanning for Vultr Managed Kubernetes or self-managed clusters
Virtual machine scanning via the Local VM Scanner on Vultr instances

Features

Container image scanning

Vultr’s container registry and most third-party registries you use from Vultr are OCI-compatible, so they can be scanned using Aikido.

Create a read-only or pull-only user in Vultr registry: https://docs.vultr.com/products/container-registry/management/configurations/generate-docker-config

Follow the OCI guide below to configure container image scanning

Generic OCI-Compatible Registry

Kubernetes cluster scanning

If you use Vultr Managed Kubernetes or run your own Kubernetes clusters on Vultr VMs, you can connect them as generic Kubernetes clusters.

Kubernetes Cluster Scanning

Kubernetes cluster image scanning

If you use Vultr Managed Kubernetes or run your own Kubernetes clusters on Vultr VMs, you can scan the images of running containers with Kubernetes image scanning.

Kubernetes In-Cluster Image Scanning

Virtual Machine scanning

To scan Virtual Machines on Vultr, use the Local VM Scanner. It inspects packages, system dependencies and configuration directly on the instance.

Local VM Scanning

You can roll this out centrally using your usual automation tooling (e.g. Ansible, Terraform-provisioned scripts, or cloud-init) so that new Vultr instances are automatically enrolled.

Last updated 7 hours ago

Was this helpful?