Support matrix

The matrices on this page detail the compatible deployment types for application protocols and Aembit features such as Client Workload Identifiers, Agent Controller Trust Providers, Agent Proxy Trust Providers, Conditional Access and the operating systems for VMs that Aembit supports.

Aembit Edge supports multiple types of deployments:

• Kubernetes

• AWS Elastic Container Service (ECS) Fargate

• Virtual Machines (Linux, Windows, Docker-compose)

• AWS Lambda (function, container)

• Virtual Appliance (VMware)

For Linux Virtual Machines

Aembit supports Client Workloads running directly on the VM or within Docker-compose on the VM. Aembit collects different data from applications running in Docker-compose compared to those running directly on the VM.

Key

Icon	Meaning
✅	Supported
❌	Not supported
⚪️	Not applicable

Application protocols

Application Protocols	Kubernetes	AWS EKS Fargate	AWS ECS Fargate	Virtual Machine (Linux)	Virtual Machine (Windows)	Virtual Appliance	Docker-compose on VMs	AWS Lambda
HTTP 1.1	✅	✅	✅	✅	✅	✅	✅	✅
Postgres 3.0	✅	❌	❌	✅	❌	❌	✅	❌
MySQL 10	✅	❌	❌	✅	❌	❌	✅	❌
Redis RESP2	✅	❌	❌	✅	❌	❌	✅	❌
Redis RESP3	✅	❌	❌	✅	❌	❌	✅	❌
Snowflake SDK (HTTP-based)	✅	✅	✅	✅	✅	✅	✅	✅
Snowflake REST API (HTTP-based)	✅	✅	✅	✅	✅	✅	✅	✅
Amazon Redshift 3.0	✅	❌	❌	✅	❌	❌	✅	❌

Client Workload Identifiers

Client Workload Identifiers	Kubernetes	AWS EKS Fargate	AWS ECS Fargate	Virtual Machine (Linux)	Virtual Machine (Windows)	Virtual Appliance	Docker-compose on VMs	AWS Lambda
Aembit Client ID	✅	✅	✅	✅	✅	❌	✅	✅
AWS ECS Task Family	❌	❌	✅	❌	❌	❌	❌	❌
Hostname	❌	❌	❌	✅	✅	❌	✅	❌
Kubernetes Pod name	✅	✅	❌	❌	❌	❌	❌	❌
Kubernetes Pod name prefix	✅	✅	❌	❌	❌	❌	❌	❌
Process Name *	❌	❌	❌	✅	❌	❌	❌	❌
Process User Name *	❌	❌	❌	✅	❌	❌	❌	❌
Source IP	✅	✅	✅	✅	✅	✅	✅	❌
AWS Lambda ARN	❌	❌	❌	❌	❌	❌	❌	✅

* Before using the Process Name and Process User Name identifiers, you must enable them in Agent Proxy first. See Process name for details

Agent Controller Trust Providers

Trust Providers	Kubernetes	AWS EKS Fargate	AWS ECS Fargate	Virtual Machine	Virtual Appliance	Docker-compose on VMs	AWS Lambda
AWS Role	❌	❌	✅	❌	❌	⚪️	⚪️
AWS Metadata Service	✅*	❌	❌	✅*	❌	⚪️	⚪️
Azure Metadata Service	✅*	❌	❌	✅*	❌	⚪️	⚪️
GCP Identity Token	✅*	❌	❌	✅*	❌	⚪️	⚪️
Kubernetes Service Account	✅	✅	❌	❌	❌	⚪️	⚪️
Kerberos	❌	❌	❌	❌	❌	⚪️	⚪️

* Aembit tailors the Trust Providers available in Kubernetes and VM environments specifically for their respective cloud platforms.

Agent Proxy Trust Providers

Trust Providers	Kubernetes	AWS EKS Fargate	AWS ECS Fargate	Virtual Machine (Linux)	Virtual Machine (Windows)	Virtual Appliance	Docker-compose on VMs	AWS Lambda
AWS Role	❌	❌	✅	✅**	✅**	❌	❌	✅
AWS Metadata Service	✅*	❌	❌	✅*	✅*	❌	✅*	❌
Azure Metadata Service	✅*	❌	❌	✅*	✅*	❌	✅*	❌
GCP Identity Token	❌	❌	❌	❌	❌	❌	❌	❌
Kubernetes Service Account	✅	✅	❌	❌	❌	❌	❌	❌
Kerberos	❌	❌	❌	✅	✅	❌	✅	❌

* Aembit tailors the Trust Providers available in Kubernetes and VM environments specifically for their respective cloud platforms.
** The AWS Role Trust Provider supports only EC2 instances with an attached IAM role.

Conditional Access

Access Conditions	Kubernetes	AWS EKS Fargate	AWS ECS Fargate	Virtual Machine (Linux)	Virtual Machine (Windows)	Virtual Appliance	Docker-compose on VMs	AWS Lambda
CrowdStrike	❌	❌	❌	✅	✅	❌	✅	❌
Wiz	✅	✅	❌	❌	❌	❌	❌	✅
Time	✅	✅	✅	✅	✅	✅	✅	✅
GeoIP	✅	✅	✅	✅	✅	✅	✅	✅

Supported operating systems for VMs

The following sections are contain the operating system versions that Aembit supports on VMs

Linux distributions

Linux Distribution	Version
Ubuntu	20.04
Ubuntu	22.04
Red Hat	8.6
Red Hat	8.9
Red Hat	9.3

Windows editions

Windows Edition	Version
Windows Server	2019
Windows Server	2022