Doc support for AWS Lambda Layers (#111)

Show how to see vulnerabilities in layers.

Author: MorShabiPAN

admin_guide/compliance/images/comp_function_details.png

@@ -148,16 +148,55 @@ Console dynamically selects an available Defender to execute the scan job.
 
 .. Specify a function name or pattern.
 +
-Wildcards are supported.
+NOTE: Wildcards are supported.
 
 .. Select or xref:../authentication/credentials_store.adoc[create credentials] so that Prisma Cloud can access your account.
 
 .. Specify a cap for the number of functions to scan.
 +
-Prisma Cloud scans the X most recent functions, where X is the cap value. To scan all functions, set the cap to 0.
+NOTE: Prisma Cloud scans the X most recent functions, where X is the cap value. To scan all functions, set the cap to 0.
 
+.. Select *Scan only latest versions* to only scan the latest version of each function.  Otherwise, the scanning will cover all versions of each function up to the specified *cap* value. 
+ 
+.. Select *Scan Lambda Layers* to enable scanning the function's Layers as well.
+ 
 .. Click *Add*.
 
-. Click the save button.
+. Click the *Save* button.
 
 . To view the scan report, go to *Monitor > Compliance > Functions*.
+
+=== View AWS Lambda Layers scan report
+
+Prisma Cloud can scan the AWS Lambda Layers code as part of the Lambda function's code scanning.
+This capability can help you determine whether the Compliance checks are associated with the function or function Layers.
+Follow the steps below to view the Lambda Layers compliance scan results:
+
+[.procedure]
+. Open Console.
+
+. Make sure you selected the *Scan Lambda layers* in the Defend > Compliance > Functions > Functions > Serverless Accounts > *Function scan scope*
++
+image::function_scan_scope.png[width=700]
+
+. Go to *Monitor > Compliance > Functions > Scanned functions*.
+
+. Filter the table to include functions with the desired Layer by adding the *Layers* filter.
++
+You can also filter the results by a specific layer name or postfix wildcards.
+Example: `Layers:* OR Layers:arn:aws:lambda:*`
++
+image::comp_layers_filter.png[width=700]
+
+. Open the *Function details* dialog to view the details about the Layers and the Compliance issues associated with them:
+
+.. Click on a specific function
+
+.. See the Function's vulnerabilities, compliance issues and package info in the related tabs. Use the *Found in* column to determine if the component is associated with the Function or with the Function's Layers.
++
+image::comp_function_details.png[width=700]
+
+.. Use the *Layers info* tab to see the full list of the function's the Layers.
++
+image::vuls_functions_layers_info.png[width=700] 
+

admin_guide/compliance/images/comp_layers_filter.png

@@ -45,7 +45,7 @@ Unlike image scanning, all function scanning is handled by Console.
 .. Specify a function name.
 +
 NOTE: Wildcards are supported.
-+
+
 .. Select or xref:../authentication/credentials_store.adoc[create credentials] so that Prisma Cloud can access your account.
 +
 * AWS -- Specify either an IAM user credential (access key ID and secret access key) or IAM role.
@@ -55,19 +55,54 @@ NOTE: Wildcards are supported.
 .. Specify a cap for the number of functions to scan.
 +
 NOTE: Prisma Cloud scans the X most recent functions, where X is the cap value.  Set this value to `0` to scan all functions.
-+
+
 .. Select *Scan only latest versions* to only scan the latest version of each function.  Otherwise, the scanning will cover all versions of each function up to the specified *cap* value. 
-+ 
+ 
+.. Select *Scan Lambda Layers* to enable scanning the function's Layers as well.
+ 
 .. Click *Add*.
 
-. Click the yellow save button.
-+
-image::save_button.png[width=50]
+. Click the *Save* button.
 
 . View the scan report.
 Go to *Monitor > Vulnerabilities > Functions > Scanned functions*.
 
 
+=== View AWS Lambda Layers scan report
+
+Prisma Cloud can scan the AWS Lambda Layers code as part of the Lambda function's code scanning.
+This capability can help you determine whether the vulnerability issues are associated with the function or function Layers.
+Follow the steps below to view the Lambda Layers scan results:
+
+[.procedure]
+. Open Console.
+
+. Make sure you selected the *Scan Lambda layers* in the Defend > Vulnerabilities > Functions > Functions > Serverless Accounts > *Function scan scope*
++
+image::function_scan_scope.png[width=700]
+
+. Go to *Monitor > Vulnerabilities > Functions > Scanned functions*.
+
+. Filter the table to include functions with the desired Layer by adding the *Layers* filter.
++
+You can also filter the results by a specific layer name or postfix wildcards.
+Example: `Layers:* OR Layers:arn:aws:lambda:*`
++
+image::function_vuls_layers_filter.png[width=700]
+
+. Open the *Function details* dialog to view the details about the Layers and the vulnerabilities associated with them:
+
+.. Click on a specific function
+
+.. See the Function's vulnerabilities, compliance issues and package info in the related tabs. Use the *Found in* column to determine if the component is associated with the Function or with the Function's Layers.
++
+image::vul_function_details.png[width=700]
+
+.. Use the *Layers info* tab to see the full list of the Function's Layers, and aggregated information about the Layers vulnerabilities. In case that there are vulnerabilities associated with the layer you will be able to expand the layer raw to list all the vulnerabilities.
++
+image::vuls_functions_layers_info.png[width=700] 
+
+
 === Authenticating with AWS
 
 The serverless scanner is implemented as part of Console.
@@ -95,7 +130,7 @@ endif::prisma_cloud[]
 [.task]
 === Scanning Azure Functions
 
-Azure Functions are architected differently than AWS Lambda and Google Cloud Functions.
+Azure Functions are architected differently than AWS Lambda and Google Cloud Functions. 
 Azure function apps can hold multiple functions.
 The functions are not segregated from each other.
 They share the same file system.