Documentation
Provisioners
Provisioners prepare the system using built-in and third-party software to install and configure the image.
Use case
Image compliance
Create one security and compliance workflow for images that are provisioned across multiple clouds.
Challenge
Outdated images introduce security and compliance risks
Golden images must be secure, compliant, and up to date. Manual configuration and patching processes lead to inconsistent outcomes and increased risk of security breaches due to unsecured or out-of-date base images.
Solution
Reduce the risk of breach due to out-of-date or unsecured operating systems
Codify security hardening and compliance baselines to ensure golden images are consistent. Security teams can automate the validation of image configurations and resulting builds before approval. Using channels in the HCP Packer artifact registry, the approved version of every image is discoverable by downstream provisioning processes, and vulnerable images can be revoked to prevent further use.
Resources
Docs
Explore all
Tutorials
Explore all
Identify compromised images with Terraform Cloud
Use the Terraform Cloud run task for HCP Packer to prevent your Terraform configuration from referencing revoked image versions.
Schedule image iteration revocation for compliance
Learn how image revocation in HCP Packer prevents downstream image consumers from referencing outdated images.
Revoke an image and its descendants using inherited revocation
Revoke a parent image and all its descendants and observe the downstream impact to the Terraform Cloud workflow.
