Having installed OpenVAS onto an AWS EC2 (CentOS7) instance and utilising the AtomicCorp Docker image https://hub.docker.com/r/atomicorp/openvas my question is with later versions can cross account roles be utilised for scanning purposes? For example I have my account Test A (containing OpenVAS) and I want to scan instances within Test B also owned by me, is this possible with a cross account IAM role with relevant permissions?
Based on the AtomicCorp Docker image (GSA 7.0.2) it doesn’t appear possible, it appears as though you can provide Username/Password, Username/SSH Keys, Client Certificate, etc. Having reviewed documentation I’ve been unable to locate any information fully supporting Cloud scanning.