You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
List Elevarq Signals 1.0 on AWS Marketplace as a free container product, ASAP. Signals is free, so it needs only minimal seller onboarding (no tax/bank) and is independent of the paid Analyzer listing currently under review.
⚠️ Verify first (the real "can we publish asap?" gate)
Confirm the seller account can publish a FREE product while the paid-Analyzer onboarding is still under review. Free products require only an account in good standing + accepted seller T&Cs + valid email (no tax/bank). But if the account's registration is still pending, publishing may wait — confirm the account is "registered seller," not "registration pending."
Key constraints (from research)
Images + Helm chart must live in AWS-Marketplace-managed Amazon ECR (RepositoryType=ECR, via AddRepositories). ghcr.io cannot be referenced — we re-push the signed multi-arch image + OCI chart into Marketplace ECR. Even OSS deps must be copied in.
Delivery method: Helm chart (Helm CLI) as primary; optionally add a Container image delivery option. QuickLaunch-for-EKS is discontinued (Mar 1 2026) — our CFN/Terraform become buyer-side guidance, not a fulfillment option.
Auto image scanning per version: critical/remotely-exploitable + base-image CVEs delay publishing and can pull a live listing on rescan. Our Trivy-clean (0 CRIT/HIGH) + SBOM + cosign posture aligns.
Free-product eligibility: production-ready, defined support process, stated update/patch cadence.
Checklist
Verify free-publish is unblocked by the paid-Analyzer review (above).
Draft the listing package (title, description, categories, architecture diagram, usage instructions, support contact + update cadence, EULA vs Standard Contract). (in this repo: docs/marketplace/aws-listing.md)
Create the Marketplace ECR repos (AddRepositories) in AMMP/Catalog API.
Submit the container product (Helm delivery option) → AWS review.
Preview + approve the limited listing URL.
Request Limited → Public (Update visibility) → live.
Open questions to resolve
Do cosign signatures survive the copy into Marketplace ECR, or are they re-signed/scanned by AWS?
Multi-arch (linux/amd64 + linux/arm64) in a single delivery option — supported as a manifest list?
Exact listing-content fields/limits + EULA vs Standard Contract for AWS Marketplace (SCMP) for a free listing.
Does the 90-day paid-equivalent rule bind a standalone free OSS product (literally scoped to "editions of commercial software")?
Realistic timeline
~3–6 weeks tag-1.0 → live: days for ECR setup + copy/scan, then ~2–4 weeks AWS review (general figure, not a container SLA) + preview-approve + Limited→Public. The listing review is the long pole, not the tag — start onboarding/listing prep in parallel now.
Acceptance criteria
Signals 1.0.0 is Public on AWS Marketplace as a free container product, deployable via the documented Helm path, with images/chart served from Marketplace ECR.
Goal
List Elevarq Signals 1.0 on AWS Marketplace as a free container product, ASAP. Signals is free, so it needs only minimal seller onboarding (no tax/bank) and is independent of the paid Analyzer listing currently under review.
Requirements verified against AWS primary docs (container-based-products, container-product-policies, container-add-version, seller-eligibility, product-submission, Catalog API).
Key constraints (from research)
RepositoryType=ECR, viaAddRepositories). ghcr.io cannot be referenced — we re-push the signed multi-arch image + OCI chart into Marketplace ECR. Even OSS deps must be copied in.Checklist
docs/marketplace/aws-listing.md)AddRepositories) in AMMP/Catalog API.scripts/marketplace-ecr-push.sh)Open questions to resolve
Realistic timeline
~3–6 weeks tag-1.0 → live: days for ECR setup + copy/scan, then ~2–4 weeks AWS review (general figure, not a container SLA) + preview-approve + Limited→Public. The listing review is the long pole, not the tag — start onboarding/listing prep in parallel now.
Acceptance criteria