Cloud AutoDiscovery MVP #1894

@o1oo11oo

Description

➹ New Feature implementation request

Is your feature request related to a problem?

Automatically detecting changes in infrastructure currently only works for services/containers deployed to Kubernetes using the autodiscovery. External resources, directly hosted by cloud providers, cannot be detected.

Describe the solution you'd like

The secureCodeBox should add a cloud autodiscovery to enable monitoring cloud providers for changes. Because a general solution for multiple cloud providers at once seems inconvenient, AWS is a good first step.

Describe alternatives you've considered

Additional context

Steps to take:

  • Design a possible high level architecture
  • Implement change detection and AWS monitoring
  • Implement Kubernetes updates
  • AWS state tracking for only one scan per image used
  • Basic unit and integration tests (using envtest)
  • Project structure (Dockerfile, Helm chart)
  • AWS access from Docker container
  • Configurable ScanType for ScheduledScans
  • Combine autodiscovery with SBOM workflow

Steps excluded from the scope of the MVP:

  • Implement AWS state synchronization and initial sync
  • Local message buffer and reordering (EventBridge does not guarantee order)
  • K8s health check endpoint
  • Scans in different namespace
  • Proper retry and requeuing for requests that resulted in k8s errors
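The two steps above that carry the most design risk are "change detection" and "AWS state tracking for only one scan per image used", together with the excluded caveat that EventBridge does not guarantee event order. The following is an added, stand-alone example written for this page; it is not secureCodeBox code and does not use the AWS SDK. It consumes the subset of an EventBridge "ECS Task State Change" event that matters here (`detail-type`, `detail.taskArn`, `detail.lastStatus`, `detail.containers[].image`; the field names follow the ECS event schema, everything else is left out), keeps a reference count of running tasks per image, and emits exactly one "create ScheduledScan" when an image first appears and one "delete" when its last task stops. It also shows the ordering pitfall: a STOPPED event that arrives before its own RUNNING event is remembered, so the late RUNNING event cannot create a ScheduledScan for an image that is already gone. All task ARNs and image names are constructed sample data.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// ecsTaskEvent is the subset of an EventBridge "ECS Task State Change" event
// this example needs. Field names follow the ECS event schema; the surrounding
// code is an illustration, not the secureCodeBox implementation.
type ecsTaskEvent struct {
	DetailType string `json:"detail-type"`
	Detail     struct {
		TaskArn    string `json:"taskArn"`
		LastStatus string `json:"lastStatus"`
		Containers []struct {
			Image string `json:"image"`
		} `json:"containers"`
	} `json:"detail"`
}

// Action is what a controller would apply to Kubernetes: create or delete
// the ScheduledScan that belongs to one image.
type Action struct {
	Op    string // "create" or "delete"
	Image string
}

// ImageTracker keeps one ScheduledScan per image in use, however many tasks
// run that image. stopped remembers tasks already seen as STOPPED so that a
// RUNNING event delivered late (EventBridge does not guarantee order) does
// not resurrect a task that is already dead.
type ImageTracker struct {
	tasks   map[string]map[string]struct{} // image -> running task ARNs
	stopped map[string]bool                // task ARN -> seen STOPPED
}

func NewImageTracker() *ImageTracker {
	return &ImageTracker{tasks: map[string]map[string]struct{}{}, stopped: map[string]bool{}}
}

// Handle applies one raw event and returns the Kubernetes actions it implies.
// Statuses other than RUNNING/STOPPED (PENDING, DEPROVISIONING, ...) are ignored.
func (t *ImageTracker) Handle(raw []byte) ([]Action, error) {
	var ev ecsTaskEvent
	if err := json.Unmarshal(raw, &ev); err != nil {
		return nil, err
	}
	if ev.DetailType != "ECS Task State Change" {
		return nil, nil
	}
	var actions []Action
	switch ev.Detail.LastStatus {
	case "RUNNING":
		if t.stopped[ev.Detail.TaskArn] {
			return nil, nil // late RUNNING for a task whose STOPPED already arrived
		}
		for _, c := range ev.Detail.Containers {
			set, ok := t.tasks[c.Image]
			if !ok {
				set = map[string]struct{}{}
				t.tasks[c.Image] = set
				actions = append(actions, Action{Op: "create", Image: c.Image}) // first task using this image
			}
			set[ev.Detail.TaskArn] = struct{}{}
		}
	case "STOPPED":
		t.stopped[ev.Detail.TaskArn] = true
		for _, c := range ev.Detail.Containers {
			set, ok := t.tasks[c.Image]
			if !ok {
				continue // never saw this image running; nothing to release
			}
			delete(set, ev.Detail.TaskArn)
			if len(set) == 0 {
				delete(t.tasks, c.Image)
				actions = append(actions, Action{Op: "delete", Image: c.Image}) // last task using this image
			}
		}
	}
	return actions, nil
}

// Images returns the images that currently have a ScheduledScan, sorted.
func (t *ImageTracker) Images() []string {
	out := make([]string, 0, len(t.tasks))
	for img := range t.tasks {
		out = append(out, img)
	}
	sort.Strings(out)
	return out
}

// mkEvent builds a constructed EventBridge-style event for the demo below.
func mkEvent(taskArn, status string, images ...string) []byte {
	containers := make([]map[string]string, 0, len(images))
	for _, img := range images {
		containers = append(containers, map[string]string{"image": img, "lastStatus": status})
	}
	raw, _ := json.Marshal(map[string]any{
		"detail-type": "ECS Task State Change",
		"source":      "aws.ecs",
		"detail":      map[string]any{"taskArn": taskArn, "lastStatus": status, "containers": containers},
	})
	return raw
}

// sampleEvents is constructed sample data (ARNs and images are made up).
func sampleEvents() [][]byte {
	const arn = "arn:aws:ecs:eu-central-1:123456789012:task/demo/"
	return [][]byte{
		mkEvent(arn+"A", "RUNNING", "nginx:1.25"),
		mkEvent(arn+"B", "RUNNING", "nginx:1.25", "redis:7"),
		mkEvent(arn+"A", "STOPPED", "nginx:1.25"),           // B still runs nginx: no delete
		mkEvent(arn+"C", "STOPPED", "redis:7"),              // arrives before C's RUNNING
		mkEvent(arn+"C", "RUNNING", "redis:7"),              // late event: must be ignored
		mkEvent(arn+"B", "STOPPED", "nginx:1.25", "redis:7"), // last user of both images
	}
}

func main() {
	tr := NewImageTracker()
	for _, raw := range sampleEvents() {
		actions, err := tr.Handle(raw)
		if err != nil {
			panic(err)
		}
		for _, a := range actions {
			fmt.Printf("%s ScheduledScan for %s\n", a.Op, a.Image)
		}
	}
	fmt.Println("images still tracked:", tr.Images())
}
```

The replay produces exactly four actions (create nginx, create redis, delete nginx, delete redis) although six events and three tasks are involved, which is the "one scan per image" property. The `stopped` set grows without bound in this sketch; a real controller would expire entries or reconcile against a full AWS state sync, which the issue explicitly leaves out of the MVP.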

Metadata

Assignees

Type

No type

Projects

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests
