TABLE OF CONTENTS
The Administration area of Workload Protection is accessed from the left-hand menu (under Configuration). It comprises the pages listed below.
The Integrations section of the Aqua UI allows you to configure integrations with several third-party systems.
For information on configuring image registries, see Image Registries.
For all other kinds of integrations, start here, and read the appropriate topic.
The Scanners page allows you to add, view, and manage Scanners that are connected to Aqua. See Scanners for more information.
Application scopes are one of the fundamental building blocks of Role-Based Access Control (RBAC), which is designed to support enterprises consisting of multiple teams working on different projects, with different sets of system resources. RBAC allows system administrators to precisely control, for all users, which system resources the user can edit (create, modify, and delete); view; or not access at all.
The Enforcers screen lists all Enforcer groups of all types.
See Enforcers Screen (UI) for more information about the use of this screen.
For comprehensive information on Enforcers, see Enforcers Overview.
Aqua Gateway(s) handle communication between the Aqua Server and the Aqua Enforcer(s), and use the Aqua Database. The Gateway(s) also interface the Aqua Server with any SIEM/Analytics systems you have integrated with Aqua.
There must be at least one Aqua gateway instance in your environment. Multiple gateways can be deployed for redundancy and load balancing.
The Aqua Gateways page of the UI lists the Aqua gateways deployed in your environment. Starting with this list, you can modify certain Gateway parameters, delete gateways from your environment, or obtain more detailed information about any given Gateway.
See Aqua Gateways for more information.
An Aqua service is a group of workloads, which can be either (but not both) of these types:
- Hosts (VMs)
The workloads that comprise a service at any given time are defined by the scope of the service. Therefore, the workloads (members) of a service can vary over time as workloads are created and terminated.
The main purpose of a service is to apply one or more Firewall Policies to its workloads. These policies contain rules, which either allow or deny (block) outbound or inbound network traffic. The Firewall Policies associated with a service can include predefined (default) policies or custom policies that you have defined.
For more information, see Secrets.
You can define one or more Aqua labels to tag images and secrets. See Aqua Labels for more information.