Qualys Cloud Agent for AWS Bottlerocket
Overview
AWS Bottlerocket is a Linux-based operating system specifically designed to run containers. The Qualys Cloud Agent for Bottlerocket enables seamless visibility and security posture management of container hosts, leveraging lightweight, real-time telemetry to feed key modules such as:
- Vulnerability Management (VMDR)
- Policy Compliance
- Asset Inventory
This guide is tailored to help infrastructure and security teams quickly onboard Bottlerocket instances into the Qualys ecosystem with minimal system overhead and maximum efficiency.
Who Should Use This Guide?
- DevOps and DevSecOps Engineers
- Cloud Infrastructure Architects
- Security Operations (SecOps) Teams
- AWS Administrators managing containerized environments
Before You Begin
- Use a supported Bottlerocket AMI version
- Access to IAM role or credentials for SSM and EC2 metadata access
- A valid Qualys activation key
- Ensure outbound HTTPS (443) access to the Qualys Cloud Platform
What You’ll Learn
- Bottlerocket architecture and update model
- Preparing a custom Bottlerocket TOML config file
- Injecting configuration via user data or SSM Parameter Store
- Enabling the agent as a Bottlerocket control container
- Monitoring agent status in Qualys UI or API
Deployment Highlights
- Leverages Bottlerocket’s secure control container architecture
- Agent runs without SSH; setup is declarative and automated
- Supports ECS, EKS, or standalone Bottlerocket deployments
Related Resources
- AWS Bottlerocket Documentation
- Qualys Cloud Agent for Linux Guide
- Qualys Cloud Agent API Documentation
Need Help?
For advanced use cases, troubleshooting, or automation support, contact your Qualys Technical Account Manager or visit the Qualys Community. You can also reach out to Qualys Support.