Other: Hybrid Agent Chainguard Container Image
Answered
At Optum/UHG, we are encountering MBO errors related to the utilization of the Fivetran Hybrid Agent within Kubernetes clusters. The root cause appears to be that the container images are not Chainguarded, which is an internal security process required for compliance. This impacts teams that rely on these images for their utilization scores.
Immediate Request:
We would like to disable the auto-update functionality within the Fivetran Hybrid Agent images. This will allow us to pin versions, apply our Chainguard process, and maintain compliance without unexpected updates.
Long-Term Consideration:
Looking ahead, we would appreciate guidance or potential solutions from Fivetran to better support organizations that require image hardening or security validation processes like Chainguard. Any roadmap or best practices for managing version control and security compliance would be helpful.
-
Official comment
Hi Holm Jacob,
Thank you for your request here. We have been discussing ways to allow customers to manage change control with container versions. I'd be curious to learn more about your Chainguard requirement and what your internal processes look like. If you can share more information, it would help us scope and design this capability for Hybrid Deployment.
Also, if you are open to a call to discuss this, that would be very helpful too.
Please sign in to leave a comment.
Comments
1 comment