Pipeline RunInspector

Inspector Pipeline Method - Initial Release

June 4, 2021

Inspector is the latest AWS service to be incorporated into a tool which can be called within the ciinabox-pipelines library.

The Inspector service from AWS allows EC2 instances to be scanned for well-known vulnerabilities or poor configurations using a predefined set of rule packages which are curated by Amazon. This tool interfaces with the service and allows a user to pass through an AMI to be scanned in a one-off fashion. The method is designed to be called when creating a new AMI in order to test its configuration prior to it being used in a production environment, catching potential issues before they can cause any damage.

Support

Currently the tool supports either Windows-based or Linux-based AMIs. Furthermore, the AMI will be scanned by Inspector regardless of whether the Inspector agent has already been installed.

Use

To use the tool within a pipeline, simply call the function runInspector, which takes two arguments: the region the AMI instance is located in and the AMI ID of the instance.
