App-Embedded Defenders can scan their workloads for compliance issues.
App-Embedded Defender support the following types of compliance checks:
- Image compliance checks.
- Custom compliance checks.
To see compliance scan reports, go to
Monitor > Compliance > Images > Deployed. You can filter the table by:
- App-Embedded: Select— Narrows the results to just images protected by App-Embedded Defenders.
- App ID— Narrows the list to specific images. App IDs are listed under the table’sAppscolumn.For ECS Fargate tasks, the App ID is partially constructed from the task name. AWS Fargate tasks can run multiple containers. All containers in a Fargate task have the same App ID.For all other workloads protected by App-Embedded Defender, the App ID is partially constructed from app name, which is a deploy-time configuration set in the App ID field of the embed workflow.