“I have checked the documents of AWS to explore the Code Security feature with GitLab and GitHub source connect in Amazon Inspector. Amazon EC2 Inspector makes it easy and secure to view AWS service vulnerabilities as code scans and scan findings. In terms of cost, the solution is cheaper and secure.”
Amazon Inspector is a vulnerability management service that automatically discovers workloads and continually scans them for software vulnerabilities and unintended network exposure. With Code Security, Amazon Inspector scans first-party application source code, third-party application dependencies and Infrastructure as code for vulnerabilities.
You can activate Code Security in the Amazon Inspector console or with the Amazon Inspector API. Once you activate Code Security, you can create and apply a scan configuration to your code repository to determine how often and when it will be scanned. You can view, edit and delete your scan configuration at any time.
In this post, you will explore the Code Security feature with GitLab and GitHub source connect in Amazon Inspector. I have created an EC2 instance and a Lambda function so that Inspector scans produce vulnerability findings for them. We also explore the Code Security features with GitLab and GitHub source connect.
Architecture Overview
The architecture diagram shows the overall deployment architecture with the data flow between the EC2 instance, the Lambda function, Amazon Inspector, and the Code Security scans and findings.
Solution overview
The blog post consists of the following phases:
- Findings View in Inspector Dashboard for AWS Resources and Services
- Review of Code Security Feature for Code Scan Findings
Phase 1: Findings View in Inspector Dashboard for AWS Resources and Services
- Open the Amazon Inspector console and click Get started. We can view the service role permissions and trust relationship. Activate Inspector for the same AWS account only. Once Inspector is activated, we can view the dashboard for environment coverage, critical findings, risk-based remediations and so on.
- If we have an EC2 instance and a Lambda function, we can view their findings as vulnerabilities on the Inspector dashboard.
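The same per-resource view can be pulled through the Inspector API instead of the dashboard. The following is an added example, not code from the original post: it pages through `ListFindings` with boto3 for active EC2 and Lambda findings and groups them the way the dashboard does. The function names and the sample findings are constructed for illustration.

```python
from collections import Counter

SEVERITY_ORDER = ["CRITICAL", "HIGH", "MEDIUM", "LOW", "INFORMATIONAL", "UNTRIAGED"]

def fetch_active_findings(resource_types=("AWS_EC2_INSTANCE", "AWS_LAMBDA_FUNCTION")):
    """Page through inspector2 ListFindings for ACTIVE findings on these resource types."""
    import boto3  # imported here so summarize() runs without AWS access
    client = boto3.client("inspector2")
    criteria = {
        "findingStatus": [{"comparison": "EQUALS", "value": "ACTIVE"}],
        "resourceType": [{"comparison": "EQUALS", "value": t} for t in resource_types],
    }
    findings = []
    for page in client.get_paginator("list_findings").paginate(filterCriteria=criteria):
        findings.extend(page["findings"])
    return findings

def summarize(findings):
    """Return counts per (resource type, severity) and CRITICAL/HIGH titles, worst first."""
    counts = Counter()
    for f in findings:
        for res in f.get("resources", []):
            counts[(res["type"], f["severity"])] += 1
    urgent = sorted(
        (f for f in findings if f["severity"] in ("CRITICAL", "HIGH")),
        key=lambda f: (SEVERITY_ORDER.index(f["severity"]), -f.get("inspectorScore", 0.0)),
    )
    return counts, [(f["severity"], f["title"]) for f in urgent]

# Constructed sample in the shape of ListFindings results (not real scan output).
SAMPLE = [
    {"severity": "HIGH", "type": "PACKAGE_VULNERABILITY", "inspectorScore": 7.5,
     "title": "constructed: vulnerable package on instance",
     "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-EXAMPLE"}]},
    {"severity": "MEDIUM", "type": "NETWORK_REACHABILITY",
     "title": "constructed: port reachable from internet gateway",
     "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-EXAMPLE"}]},
    {"severity": "CRITICAL", "type": "PACKAGE_VULNERABILITY", "inspectorScore": 9.8,
     "title": "constructed: vulnerable dependency in function package",
     "resources": [{"type": "AWS_LAMBDA_FUNCTION", "id": "example-fn"}]},
    {"severity": "HIGH", "type": "PACKAGE_VULNERABILITY", "inspectorScore": 8.1,
     "title": "constructed: outdated runtime library",
     "resources": [{"type": "AWS_LAMBDA_FUNCTION", "id": "example-fn"}]},
]

if __name__ == "__main__":
    counts, urgent = summarize(SAMPLE)  # swap SAMPLE for fetch_active_findings()
    for (rtype, sev), n in sorted(counts.items()):
        print(f"{rtype:22} {sev:10} {n}")
    for sev, title in urgent:
        print(f"[{sev}] {title}")
```
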
Phase 2: Review of Code Security Feature for Code Scan Findings
Clean-up
Delete the EC2 instance, the Lambda function and the findings report, and deactivate Inspector.
Pricing
I reviewed the pricing and estimated cost of this example.
Cost of EC2 Instance = $0.0104 per On Demand Linux t3.micro Instance Hour (1.072 Hrs) = $0.01
Cost of Amazon Inspector = $0.000417 per hour for Lambda-Standard-Scanning (24 hours) = $0.01
Cost of Lambda = $0.00
Total Cost = $0.02
Summary
In this post, I showed how to “explore the Code Security feature with GitLab and GitHub source connect in Amazon Inspector”.
For more details on Amazon Inspector Code Security, check out Get started Amazon Inspector Code Security and open the Amazon Inspector Code Security console. To learn more, read the Amazon Inspector Code Security documentation.
Thanks for reading!
Connect with me: LinkedIn