Skip to content
This repository was archived by the owner on Jan 27, 2025. It is now read-only.

degica/scheduled-inspector-run

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
reporting
reporting
 
 
scheduled-run
scheduled-run
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
template.yaml
template.yaml
 
 

Repository files navigation

AWS Inspector scheduled run and reporting

Run AWS Inspector periodically and report run results to Slack. Currently only Tokyo (ap-northeast-1) region is supported.

Deploy

Create a new AWS Inspector template

Create a new Inspector template with your preffered rule packages on the AWS web console.

Deploy Resources

# Create a SAM package
$ aws cloudformation package \
  --template-file ./template.yaml \
  --s3-bucket=<S3 bucket name> \
  --output-template-file packaged-template.yml

# Deploy the package
$ aws cloudformation deploy \
  --region=ap-northeast-1 \
  --template-file ./packaged-template.yml \
  --stack-name scheduled-inspector-run \
  --capabilities CAPABILITY_IAM \
  --parameter-overrides \
    TemplateArns=<comma-separated AWS Inspector template ARNs> \
    Schedule="cron(45 5 ? * * *)" \
    SlackUrl=<Slack URL>

Use your Inspector template ARN as TemplateArns. You can also change Schedule.

Setup SNS notification on the Inspector template

In the previous step, you created all required AWS resources to run scheduled Inspector run. Now you need to set Reporting SNS topic that is created in the previous step to your Inspector template with "Run finished" event enabled.

About

Schedules AWS Inspector run and report results to Slack

Resources

Readme
Activity
Custom properties

Stars

4 stars

Watchers

25 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages