Defender for Containers support
This article summarizes support information for the Defender for Containers plan in Microsoft Defender for Cloud.
Note
Specific features are in preview. The Azure Preview Supplemental Terms include other legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
Azure (AKS)
Feature | Supported Resources | Linux release state | Windows release state | Agentless/Agent-based | Pricing Tier | Azure clouds availability |
---|---|---|---|---|---|---|
Agentless discovery for Kubernetes | ACR, AKS | GA | GA | Agentless | Defender for Containers or Defender CSPM | Azure commercial clouds |
Compliance-Docker CIS | VM, Virtual Machine Scale Set | GA | - | Log Analytics agent | Defender for Servers Plan 2 | Commercial clouds National clouds: Azure Government, Microsoft Azure operated by 21Vianet |
Vulnerability assessment (powered by Qualys) - registry scan OS packages | ACR, Private ACR | GA | Preview | Agentless | Defender for Containers | Commercial clouds National clouds: Azure Government, Azure operated by 21Vianet |
Vulnerability assessment (powered by Qualys) -registry scan language packages | ACR, Private ACR | Preview | - | Agentless | Defender for Containers | Commercial clouds National clouds: Azure Government, Azure operated by 21Vianet |
Vulnerability assessment (powered by Qualys) - running images | AKS | GA | Preview | Defender agent | Defender for Containers | Commercial clouds |
Vulnerability assessment powered by MDVM - registry scan | ACR, Private ACR | Preview | - | Agentless | Defender for Containers | Commercial clouds |
Vulnerability assessment powered by MDVM - running images | AKS | Preview | - | Defender agent | Defender for Containers | Commercial clouds |
Hardening (control plane) | ACR, AKS | GA | Preview | Agentless | Free | Commercial clouds National clouds: Azure Government, Azure operated by 21Vianet |
Hardening (Kubernetes data plane) | AKS | GA | - | Azure Policy | Free | Commercial clouds National clouds: Azure Government, Azure operated by 21Vianet |
Runtime threat detection (control plane) | AKS | GA | GA | Agentless | Defender for Containers | Commercial clouds National clouds: Azure Government, Azure operated by 21Vianet |
Runtime threat detection (workload) | AKS | GA | - | Defender agent | Defender for Containers | Commercial clouds |
Discovery/provisioning-Unprotected clusters | AKS | GA | GA | Agentless | Free | Commercial clouds National clouds: Azure Government, Azure operated by 21Vianet |
Discovery/provisioning-Collecting control plane threat data | AKS | GA | GA | Agentless | Defender for Containers | Commercial clouds National clouds: Azure Government, Azure operated by 21Vianet |
Discovery/provisioning-Defender agent auto provisioning | AKS | GA | - | Agentless | Defender for Containers | Commercial clouds National clouds: Azure Government, Azure operated by 21Vianet |
Discovery/provisioning-Azure Policy for Kubernetes auto provisioning | AKS | GA | - | Agentless | Free | Commercial clouds National clouds: Azure Government, Azure operated by 21Vianet |
Registries and images support for Azure - powered by Qualys
Registries and images
- Supported:
  - ACR registries protected with Azure Private Link (private registries require access to Trusted Services)
  - Windows images using Windows OS version 1709 and above (Preview). Scanning is free while in preview and will incur charges (based on the Defender for Containers plan) when it becomes generally available.
- Unsupported:
  - Super-minimalist images such as Docker scratch images
  - "Distroless" images that contain only an application and its runtime dependencies, without a package manager, shell, or OS
  - Images in the Open Container Initiative (OCI) Image Format Specification
  - Image tag information for multi-architecture images (not provided)
OS packages
- Supported: Alpine Linux 3.12-3.16; Red Hat Enterprise Linux 6, 7, 8; CentOS 6, 7; Oracle Linux 6, 7, 8; Amazon Linux 1, 2; openSUSE Leap 42, 15; SUSE Enterprise Linux 11, 12, 15; Debian GNU/Linux wheezy, jessie, stretch, buster, bullseye; Ubuntu 10.10-22.04; FreeBSD 11.1-13.1; Fedora 32, 33, 34, 35
Language-specific packages (Preview; Linux images only)
- Supported: Python, Node.js, .NET, Java, Go
Registries and images for Azure - powered by MDVM
Registries and images
- Supported:
  - ACR registries
  - ACR registries protected with Azure Private Link (private registries require access to Trusted Services)
  - Container images in Docker V2 format
- Unsupported:
  - Super-minimalist images such as Docker scratch images
  - "Distroless" images that contain only an application and its runtime dependencies, without a package manager, shell, or OS
  - Images in the Open Container Initiative (OCI) Image Format Specification
  - Windows images
OS packages
- Supported: Alpine Linux 3.12-3.16; Red Hat Enterprise Linux 6-9; CentOS 6-9; Oracle Linux 6-9; Amazon Linux 1, 2; openSUSE Leap, openSUSE Tumbleweed; SUSE Enterprise Linux 11-15; Debian GNU/Linux 7-12; Ubuntu 12.04-22.04; Fedora 31-37; Mariner 1-2
Language-specific packages
- Supported: Python, Node.js, .NET, Java, Go
Kubernetes distributions and configurations - Azure
Kubernetes distributions and configurations
- Supported:
  - Azure Kubernetes Service (AKS) with Kubernetes RBAC
- Supported via Azure Arc-enabled Kubernetes [1][2]:
  - Azure Kubernetes Service hybrid
  - Kubernetes
  - AKS Engine
  - Azure Red Hat OpenShift
[1] Any Cloud Native Computing Foundation (CNCF) certified Kubernetes cluster should be supported, but only the listed clusters have been tested on Azure.
[2] To get Microsoft Defender for Containers protection for these environments, onboard the cluster to Azure Arc-enabled Kubernetes and enable Defender for Containers as an Arc extension.
Note
For additional requirements for Kubernetes workload protection, see existing limitations.
Private link restrictions
Defender for Containers relies on the Defender agent for several features, and the Defender agent can't ingest data through Private Link. You can disable public access for ingestion so that only machines configured to send traffic through Azure Monitor Private Link can send data to the workspace: in the workspace, go to Network Isolation and set Virtual networks access configurations to No.
Allowing data ingestion only through a Private Link Scope in the workspace's Network Isolation settings can cause communication failures and partial coverage of the Defender for Containers feature set.
Learn how to use Azure Private Link to connect networks to Azure Monitor.
AWS (EKS)
Domain | Feature | Supported Resources | Linux release state | Windows release state | Agentless/Agent-based | Pricing tier |
---|---|---|---|---|---|---|
Compliance | Docker CIS | EC2 | Preview | - | Log Analytics agent | Defender for Servers Plan 2 |
Vulnerability Assessment | Registry scan | ECR | Preview | - | Agentless | Defender for Containers |
Vulnerability Assessment | View vulnerabilities for running images | - | - | - | - | - |
Hardening | Control plane recommendations | - | - | - | - | - |
Hardening | Kubernetes data plane recommendations | EKS | Preview | - | Azure Policy for Kubernetes | Defender for Containers |
Runtime protection | Threat detection (control plane) | EKS | Preview | Preview | Agentless | Defender for Containers |
Runtime protection | Threat detection (workload) | EKS | Preview | - | Defender agent | Defender for Containers |
Discovery and provisioning | Discovery of unprotected clusters | EKS | Preview | - | Agentless | Free |
Discovery and provisioning | Collection of control plane threat data | EKS | Preview | Preview | Agentless | Defender for Containers |
Discovery and provisioning | Auto provisioning of Defender agent | - | - | - | - | - |
Discovery and provisioning | Auto provisioning of Azure Policy for Kubernetes | - | - | - | - | - |
Images support - AWS
Registries and images
- Unsupported:
  - Images that have at least one layer over 2 GB
  - Public repositories and manifest lists
  - Images in the AWS management account (they aren't scanned, so that no resources are created in the management account)
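The registry-scan limitations above (ACR under Azure, ECR under AWS) can be checked against an image's manifest before an empty or missing scan result is mistaken for "no vulnerabilities". The following is an added example, not Microsoft's code or API: it takes the manifest that `docker manifest inspect <image>` (or a direct registry API call) returns and applies the page's rules for the registry it lives in. The sample manifests, digests and sizes are constructed, and reading the page's "2 GB" layer limit as 2 GiB is an assumption.

```python
"""Added example, not Microsoft code: classify a container image manifest
against the registry-scan limitations listed on this page before relying on a
Defender for Containers vulnerability assessment result for that image.

The manifest dict is what `docker manifest inspect <image>` (or a direct
registry API call) returns; fetching it is assumed to have happened already.
The sample manifests at the bottom are constructed (digests and sizes are
made up)."""
import json

DOCKER_MANIFEST = "application/vnd.docker.distribution.manifest.v2+json"
DOCKER_LIST = "application/vnd.docker.distribution.manifest.list.v2+json"
OCI_MANIFEST = "application/vnd.oci.image.manifest.v1+json"
OCI_INDEX = "application/vnd.oci.image.index.v1+json"
LAYER_LIMIT = 2 * 1024 ** 3  # the page says "2 GB" for ECR; reading it as 2 GiB is an assumption


def check_manifest(manifest, registry):
    """Return (scannable, notes) for registry "acr" or "ecr".

    Rules are those stated on this page: ACR scanning rejects OCI-format
    images and does not report tag information for multi-architecture images;
    ECR scanning rejects manifest lists and images with a layer over 2 GB."""
    if registry not in ("acr", "ecr"):
        raise ValueError("registry must be 'acr' or 'ecr'")
    media_type = manifest.get("mediaType", "")
    scannable, notes = True, []

    if media_type in (OCI_MANIFEST, OCI_INDEX):
        if registry == "acr":
            scannable = False
            notes.append("OCI image format is not supported for ACR registry scan")
        else:
            notes.append("OCI media type: not addressed by the ECR limitations on this page")

    if media_type in (DOCKER_LIST, OCI_INDEX):
        if registry == "ecr":
            scannable = False
            notes.append("manifest lists are not supported for ECR registry scan")
        else:
            notes.append("multi-architecture image: tag information is not reported")
        # Windows platform entries: the MDVM scan does not support Windows images,
        # the Qualys scan supports them only in preview, and the AWS table lists none.
        for entry in manifest.get("manifests", []):
            if entry.get("platform", {}).get("os") == "windows":
                if registry == "acr":
                    notes.append(f"windows entry {entry.get('digest')}: unsupported by MDVM, preview only with Qualys")
                else:
                    notes.append(f"windows entry {entry.get('digest')}: no Windows support listed for ECR")

    if registry == "ecr":
        for layer in manifest.get("layers", []):
            if layer.get("size", 0) > LAYER_LIMIT:
                scannable = False
                notes.append(f"layer {layer.get('digest')} exceeds the 2 GB limit")

    return scannable, notes


# Constructed sample manifests (shape of `docker manifest inspect` output).
DOCKER_LAYER = "application/vnd.docker.image.rootfs.diff.tar.gzip"
SINGLE_ARCH = {"schemaVersion": 2, "mediaType": DOCKER_MANIFEST,
               "layers": [{"mediaType": DOCKER_LAYER, "size": 29_000_000, "digest": "sha256:aaa"}]}
OCI_IMAGE = {"schemaVersion": 2, "mediaType": OCI_MANIFEST,
             "layers": [{"mediaType": "application/vnd.oci.image.layer.v1.tar+gzip",
                         "size": 29_000_000, "digest": "sha256:bbb"}]}
MULTI_ARCH = {"schemaVersion": 2, "mediaType": DOCKER_LIST,
              "manifests": [{"digest": "sha256:ccc", "platform": {"os": "linux", "architecture": "amd64"}},
                            {"digest": "sha256:ddd", "platform": {"os": "windows", "architecture": "amd64"}}]}
BIG_LAYER = {"schemaVersion": 2, "mediaType": DOCKER_MANIFEST,
             "layers": [{"mediaType": DOCKER_LAYER, "size": 3 * 1024 ** 3, "digest": "sha256:eee"}]}

if __name__ == "__main__":
    for label, manifest in [("single", SINGLE_ARCH), ("oci", OCI_IMAGE),
                            ("multi-arch", MULTI_ARCH), ("big-layer", BIG_LAYER)]:
        for registry in ("acr", "ecr"):
            print(label, registry, json.dumps(check_manifest(manifest, registry)))
```

The same image can be scannable in one registry and not the other: the big-layer sample passes for ACR and fails for ECR, and the multi-architecture sample fails for ECR while ACR scans it but reports no tag information. Scratch and distroless images can't be identified from the manifest alone, so that exclusion still has to be checked against the image's build.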
Kubernetes distributions/configurations support - AWS
Kubernetes distributions and configurations
- Supported:
  - Amazon Elastic Kubernetes Service (EKS)
- Supported via Azure Arc-enabled Kubernetes [1][2]:
  - Kubernetes
[1] Any Cloud Native Computing Foundation (CNCF) certified Kubernetes cluster should be supported, but only the listed clusters have been tested.
[2] To get Microsoft Defender for Containers protection for these environments, onboard the cluster to Azure Arc-enabled Kubernetes and enable Defender for Containers as an Arc extension.
Note
For additional requirements for Kubernetes workload protection, see existing limitations.
Private link restrictions
The private link restrictions described under Azure (AKS) and in the Network restrictions section at the end of this article also apply to EKS.
Outbound proxy support
Outbound proxies without authentication and outbound proxies with basic authentication are supported. An outbound proxy that requires trusted certificates isn't currently supported.
GCP (GKE)
Domain | Feature | Supported Resources | Linux release state | Windows release state | Agentless/Agent-based | Pricing tier |
---|---|---|---|---|---|---|
Compliance | Docker CIS | GCP VMs | Preview | - | Log Analytics agent | Defender for Servers Plan 2 |
Vulnerability Assessment | Registry scan | - | - | - | - | - |
Vulnerability Assessment | View vulnerabilities for running images | - | - | - | - | - |
Hardening | Control plane recommendations | GKE | GA | GA | Agentless | Free |
Hardening | Kubernetes data plane recommendations | GKE | Preview | - | Azure Policy for Kubernetes | Defender for Containers |
Runtime protection | Threat detection (control plane) | GKE | Preview | Preview | Agentless | Defender for Containers |
Runtime protection | Threat detection (workload) | GKE | Preview | - | Defender agent | Defender for Containers |
Discovery and provisioning | Discovery of unprotected clusters | GKE | Preview | - | Agentless | Free |
Discovery and provisioning | Collection of control plane threat data | GKE | Preview | Preview | Agentless | Defender for Containers |
Discovery and provisioning | Auto provisioning of Defender agent | GKE | Preview | - | Agentless | Defender for Containers |
Discovery and provisioning | Auto provisioning of Azure Policy for Kubernetes | GKE | Preview | - | Agentless | Defender for Containers |
Kubernetes distributions/configurations support - GCP
Kubernetes distributions and configurations
- Supported:
  - Google Kubernetes Engine (GKE) Standard
- Supported via Azure Arc-enabled Kubernetes [1][2]:
  - Kubernetes
- Unsupported:
  - Private network clusters
  - GKE Autopilot
  - GKE AuthorizedNetworksConfig
[1] Any Cloud Native Computing Foundation (CNCF) certified Kubernetes cluster should be supported, but only the listed clusters have been tested.
[2] To get Microsoft Defender for Containers protection for these environments, onboard the cluster to Azure Arc-enabled Kubernetes and enable Defender for Containers as an Arc extension.
Note
For additional requirements for Kubernetes workload protection, see existing limitations.
Private link restrictions and outbound proxy support
The private link restrictions and outbound proxy support described under Azure (AKS) and AWS (EKS), and in the Network restrictions section at the end of this article, also apply to GKE.
On-premises, Arc-enabled Kubernetes clusters
Domain | Feature | Supported Resources | Linux release state | Windows release state | Agentless/Agent-based | Pricing tier |
---|---|---|---|---|---|---|
Compliance | Docker CIS | Arc enabled VMs | Preview | - | Log Analytics agent | Defender for Servers Plan 2 |
Vulnerability Assessment | Registry scan - OS packages | ACR, Private ACR | GA | Preview | Agentless | Defender for Containers |
Vulnerability Assessment | Registry scan - language specific packages | ACR, Private ACR | Preview | - | Agentless | Defender for Containers |
Vulnerability Assessment | View vulnerabilities for running images | - | - | - | - | - |
Hardening | Control plane recommendations | - | - | - | - | - |
Hardening | Kubernetes data plane recommendations | Arc enabled K8s clusters | Preview | - | Azure Policy for Kubernetes | Defender for Containers |
Runtime protection | Threat detection (control plane) | Arc enabled K8s clusters | Preview | Preview | Defender agent | Defender for Containers |
Runtime protection for supported OS | Threat detection (workload) | Arc enabled K8s clusters | Preview | - | Defender agent | Defender for Containers |
Discovery and provisioning | Discovery of unprotected clusters | Arc enabled K8s clusters | Preview | - | Agentless | Free |
Discovery and provisioning | Collection of control plane threat data | Arc enabled K8s clusters | Preview | Preview | Defender agent | Defender for Containers |
Discovery and provisioning | Auto provisioning of Defender agent | Arc enabled K8s clusters | Preview | Preview | Agentless | Defender for Containers |
Discovery and provisioning | Auto provisioning of Azure Policy for Kubernetes | Arc enabled K8s clusters | Preview | - | Agentless | Defender for Containers |
Registries and images support - on-premises
Registries and images
- Supported:
  - ACR registries protected with Azure Private Link (private registries require access to Trusted Services)
  - Windows images using Windows OS version 1709 and above (Preview). Scanning is free while in preview and will incur charges (based on the Defender for Containers plan) when it becomes generally available.
- Unsupported:
  - Super-minimalist images such as Docker scratch images
  - "Distroless" images that contain only an application and its runtime dependencies, without a package manager, shell, or OS
  - Images in the Open Container Initiative (OCI) Image Format Specification
  - Image tag information for multi-architecture images (not provided)
OS packages
- Supported: Alpine Linux 3.12-3.15; Red Hat Enterprise Linux 6, 7, 8; CentOS 6, 7; Oracle Linux 6, 7, 8; Amazon Linux 1, 2; openSUSE Leap 42, 15; SUSE Enterprise Linux 11, 12, 15; Debian GNU/Linux wheezy, jessie, stretch, buster, bullseye; Ubuntu 10.10-22.04; FreeBSD 11.1-13.1; Fedora 32, 33, 34, 35
Language-specific packages (Preview; Linux images only)
- Supported: Python, Node.js, .NET, Java, Go
Kubernetes distributions and configurations
Kubernetes distributions and configurations
- Supported via Azure Arc-enabled Kubernetes [1][2]:
  - Azure Kubernetes Service hybrid
  - Kubernetes
  - AKS Engine
  - Azure Red Hat OpenShift
  - Red Hat OpenShift (version 4.6 or newer)
  - VMware Tanzu Kubernetes Grid
  - Rancher Kubernetes Engine
[1] Any Cloud Native Computing Foundation (CNCF) certified Kubernetes cluster should be supported, but only the listed clusters have been tested.
[2] To get Microsoft Defender for Containers protection for these environments, onboard the cluster to Azure Arc-enabled Kubernetes and enable Defender for Containers as an Arc extension.
Note
For additional requirements for Kubernetes workload protection, see existing limitations.
Supported host operating systems
Defender for Containers relies on the Defender agent for several features. The Defender agent is supported on the following host operating systems:
- Amazon Linux 2
- CentOS 8
- Debian 10
- Debian 11
- Google Container-Optimized OS
- Mariner 1.0
- Mariner 2.0
- Red Hat Enterprise Linux 8
- Ubuntu 16.04
- Ubuntu 18.04
- Ubuntu 20.04
- Ubuntu 22.04
Ensure that your Kubernetes nodes run one of the verified host operating systems listed above. Clusters whose nodes run other host operating systems get only partial coverage.
Defender agent limitations
The Defender agent is currently not supported on ARM64 nodes.
Network restrictions
Private link
Defender for Containers relies on the Defender agent for several features, and the Defender agent can't ingest data through Private Link. You can disable public access for ingestion so that only machines configured to send traffic through Azure Monitor Private Link can send data to the workspace: in the workspace, go to Network Isolation and set Virtual networks access configurations to No.
Allowing data ingestion only through a Private Link Scope in the workspace's Network Isolation settings can cause communication failures and partial coverage of the Defender for Containers feature set.
Learn how to use Azure Private Link to connect networks to Azure Monitor.
Outbound proxy support
Outbound proxies without authentication and outbound proxies with basic authentication are supported. An outbound proxy that requires trusted certificates isn't currently supported.
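The three Defender agent caveats above (the verified host OS list, the ARM64 limitation, and private-link-only workspace ingestion) are easy to miss on a mixed cluster, where some node pools silently get partial coverage. The following readiness check is an added example, not Microsoft's code or tooling: it classifies each node from the JSON that `kubectl get nodes -o json` returns and inspects the workspace JSON that `az monitor log-analytics workspace show` returns. The osImage strings matched for each distribution and the workspace property name `publicNetworkAccessForIngestion` (values `Enabled`/`Disabled`) are assumptions about what those tools report; the sample nodes and workspaces are constructed.

```python
"""Added example, not Microsoft code: a readiness check for the Defender agent
that applies the caveats on this page to real cluster and workspace data.

Inputs are the JSON documents returned by `kubectl get nodes -o json` and
`az monitor log-analytics workspace show`; the samples below are constructed.
Assumptions: the osImage strings each distribution reports in
status.nodeInfo.osImage, and the workspace property name
publicNetworkAccessForIngestion with values "Enabled"/"Disabled"."""
import json
import re

# Verified host OS list from this page, matched against status.nodeInfo.osImage.
# CBL-Mariner nodes do not expose 1.0 vs 2.0 in osImage, so both map to one label.
SUPPORTED_OS = [
    (r"^Amazon Linux 2\b", "Amazon Linux 2"),
    (r"^CentOS Linux 8\b", "CentOS 8"),
    (r"^Debian GNU/Linux 1[01]\b", "Debian 10/11"),
    (r"^Container-Optimized OS", "Google Container-Optimized OS"),
    (r"^CBL-Mariner", "Mariner 1.0/2.0"),
    (r"^Red Hat Enterprise Linux 8\b", "Red Hat Enterprise Linux 8"),
    (r"^Ubuntu (16|18|20|22)\.04\b", "Ubuntu 16.04/18.04/20.04/22.04"),
]


def classify_node(node):
    """Return (name, status, reason); status is supported, partial, or unsupported."""
    name = node["metadata"]["name"]
    info = node["status"]["nodeInfo"]
    arch = info.get("architecture", "")
    os_image = info.get("osImage", "")
    if arch == "arm64":  # checked first: the agent is not supported on ARM64 at all
        return name, "unsupported", "Defender agent is not supported on ARM64 nodes"
    for pattern, label in SUPPORTED_OS:
        if re.match(pattern, os_image):
            return name, "supported", label
    return name, "partial", f"host OS {os_image!r} is not on the verified list; expect partial coverage"


def check_nodes(nodes_json):
    """Classify every node in a `kubectl get nodes -o json` document."""
    return [classify_node(n) for n in json.loads(nodes_json)["items"]]


def node_status(nodes_json):
    """Map node name -> status, for summaries and assertions."""
    return {name: status for name, status, _ in check_nodes(nodes_json)}


def check_workspace(workspace_json):
    """Return (ok, reason). Public ingestion disabled (private-link-only) breaks
    the Defender agent, which cannot send through Azure Monitor Private Link."""
    ws = json.loads(workspace_json)
    if ws.get("publicNetworkAccessForIngestion") == "Disabled":
        return False, "public ingestion is disabled; the Defender agent cannot reach the workspace"
    return True, "public ingestion is enabled"


def _node(name, os_image, arch="amd64"):
    return {"metadata": {"name": name},
            "status": {"nodeInfo": {"osImage": os_image, "architecture": arch}}}


# Constructed sample input (shape of `kubectl get nodes -o json`).
SAMPLE_NODES = json.dumps({"items": [
    _node("aks-ubuntu-1", "Ubuntu 22.04.3 LTS"),
    _node("aks-arm64-1", "Ubuntu 22.04.3 LTS", arch="arm64"),
    _node("aks-mariner-1", "CBL-Mariner/Linux"),
    _node("gke-cos-1", "Container-Optimized OS from Google"),
    _node("eks-al2-1", "Amazon Linux 2"),
    _node("aks-win-1", "Windows Server 2022 Datacenter"),
    _node("aks-ubuntu-24", "Ubuntu 24.04.1 LTS"),
]})
# Constructed sample workspaces (subset of `az monitor log-analytics workspace show`).
SAMPLE_WS_PRIVATE = json.dumps({"name": "law-prod", "publicNetworkAccessForIngestion": "Disabled"})
SAMPLE_WS_PUBLIC = json.dumps({"name": "law-prod", "publicNetworkAccessForIngestion": "Enabled"})

if __name__ == "__main__":
    for name, status, reason in check_nodes(SAMPLE_NODES):
        print(f"{name:16} {status:12} {reason}")
    print(check_workspace(SAMPLE_WS_PRIVATE))
```

Architecture is tested before the OS image on purpose: an ARM64 node running a listed Ubuntu release is still not covered, so reporting it as "supported" would hide the gap. Anything not on the list, including a Windows node or a newer Ubuntu release, is reported as partial rather than unsupported, which matches what the page says about clusters with other host operating systems.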