Product Updates

Updating your console and agent is straightforward and easy to do.


Please upgrade your Linked Account Roles to v1.12 or later BEFORE upgrading your console/agent to v7.

If you do not upgrade your Linked Account Roles then you could experience problems when using EventBridge. Click here to learn more about Linked Account Updates.

Please also note, you'll also need to upgrade your console/agent to the latest current version you're currently on before you can upgrade to the next major version.

For example, if you are on v5, you'll need to upgrade to the latest version of v5, then upgrade to the latest of v6, then finally upgrade to v7.

Types of Updates

Notice the red dot as that is the indicator you have some form of update available. We are following the Major.Minor.Patch versioning number format. All updates are preformed through the simple click of a button in the Updates popup.

Major updates are a larger update that forces both the console and the agent to update. The console and agent can be updated independently, but they can never deviate from having the same Major version number.

Minor updates are those where we may have added new functionality. This applies to the console and the agents.

Patch updates are those where we have mainly added bug fixes to the release. This applies to the console and the agents.

Performing Updates

When you click any of the update buttons within the Updates popup, we will roll out a new Task Definition(s) pointing at the new version of the specified component. Major forces both the console and agents to update together. Console-only or Agent-only updates will just update that one component. This will span all regions you have agents running.

When updating the Scanning Agents it will update all agents running globally.

AWS Fargate does not persist IPs across task refreshes or reboots. Therefore a new IP is always generated. We provide a dedicated subdomain URL to abstract this from you so you have a consistent access experience. You can leave this URL as the default that was provided or you can specify a more useful name that is easier to remember.

You will see the following messages, or something similar, during the update:

Once the update is complete the popup will show No Available Updates:

Console Updates

Console updates are delivered via a CloudFormation Stack update. We automate this for you by executing the stack update against the stack used to create the current running deployment. If you'd like to better understand the specifics of what was updated, you will be able to see this in the CloudFormation Service area of the AWS Console as seen below. In the image below, you'll see the initial installation was done on 6/18 and then an update was performed on 07/09 along with each component that was involved in the update.

Agent Updates

Whereas the Console updates are performed through a CloudFormation update, agent updates are done through the Console itself.

Linked Account Role Updates

Linking AWS Accounts into the console is done by deploying a cross-account role CloudFormation stack in each account. Updates do come out for this role to provide the functionality to keep your data safe. This stack needs to be updated which can also be triggered from this updates menu. Clicking this option will attempt to update every linked account's role. If you'd like to roll the updates out in stages for your linked accounts, then perform the updates on a smaller scale on the Manage Accounts page. For more information on this, please refer to the Managed Accounts page.

Last updated