Serverless Agent Release Notes
For Installation and Upgrade steps, see AWS Fargate Serverless Agents.
Supported Web Browsers
Sysdig supports, tests, and verifies the latest versions of Chrome and Firefox.
Other browsers may also work, but are not tested in the same way.
2.2.0 December 2, 2021
Fixed Workload Agent Start Issue
The system no longer allows the workload agent to connect to the orchestrator agent if policies have not been loaded. This prevents the workload from starting without policies in place in the event of network disruption.
Easier Setup of Alternative Port for Orchestrator
Because the 6667 port is hardcoded in multiple places in the orchestrator CTF, users who needed to assign a different port to the orchestrator agent faced a cumbersome process. The orchestrator port can now be configured via either
SYSDIG_ORCHESTRATOR_PORT (default) or the
SysdigOrchestratorAgentPort (new) parameter in the CloudFormation template.
Instrumentation Logs Collected Separately from Workload Logs
Fargate instrumentation logs are by default collected in a separate log group, which is created when installing the CFN instrumentation macro.
2.1.0 September 27, 2021
Fixed Task Stall Issue
Fixed a memory leak in the Serverless Agent instrumentation that could cause the instrumented task to stall. The problem is more likely to be encountered when a large number of captures are generated in quick succession.
Resolved an Agent Error when Reading File Descriptors
Reduced the log level of a benign warning message to debug.
2.0.0 July 7, 2021
Announcing the availability of the Captures feature in Fargate.
Fixed/Enabled Policy Scoping on Instrumented Fargate Tasks
At this time, only container-related scope labels such as
container.name are supported.
Delay Event Source Startup by Default
The system now waits for policies to be available before launching the instrumented task, to fully secure workloads
Fixed Exit Codes for Faulty Workloads
The exit codes of the instrumented tasks are now faithfully propagated.
Better Handling of cmd and entrypoint Errors
Log more informative errors when
entrypoint are not
available for serverless agent instrumentation.
Fixed S3 Bucket Error
Fixed an issue in the serverless agent installer that caused a failure while attempting to create an S3 bucket in us-east-1 region.
1.0.1 April 15, 2021
Segmentation Fault Error Fixed
Fixed a problem that caused a segmentation fault error inside a Fargate task due to Sysdig instrumentation.
Container Definition Fields Now Support Complex Values
Added support for complex values inside
Image fields of the
container definition. See also the ECS Task Definition
March 15, 2021: Serverless Agents Introduced
Sysdig Serverless Agent 1.0.0 for Fargate ECS
The “container-as-a-service” serverless environment calls for new agent models, and Sysdig provides them. Whereas in ECS, users still manage the underlying instances, with AWS Fargate the host is never visible and users simply run their workloads. And while this model is convenient, it can introduce risk as many people leave the containers unattended, without monitoring security events within that can exfiltrate secrets, compromise business data, impact performance, and increase their AWS costs. In addition, it is not possible to install a standard agent in an environment where you do not have access to a host.
For these reasons, Sysdig has introduced a new “serverless agent” model that can be deployed in these container-based cloud environments. The first implementation is for Fargate (ECS).
Sysdig will be rolling out security features on the serverless agent over time. In v1.0.0, users will see:
Runtime Policies and Rules
To obtain secure event information and the associated Falco policies and rules in the Sysdig Secure UI from a Fargate environment, users install the serverless agent using a CloudFormation Template. Then log in to Sysdig Secure and review the events in the UI.
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.