GargeeBhatnagar for AWS Community Builders

Export All Findings Inspector Report in S3 Bucket Using KMS Custom Key

“I have checked the documents of AWS to export the findings report in Amazon Inspector. So I found out that it is possible using an S3 bucket and a KMS key policy. Pricing of Amazon EC2 depends on usage of the instance, S3 bucket as per storage size, a KMS custom key costs $1 per key, Lambda charges after the free trial and Inspector charges after the free trial.”

Amazon Inspector is a vulnerability management service that continuously scans your AWS workloads for software vulnerabilities and unintended network exposure. Amazon Inspector automatically discovers and scans running Amazon EC2 instances, container images in Amazon Elastic Container Registry and AWS Lambda functions for known software vulnerabilities and unintended network exposure.

Amazon Inspector creates a finding when it discovers a software vulnerability or network configuration issue. A finding describes the vulnerability, identifies the affected resource, rates the severity of the vulnerability and provides remediation guidance. You can analyze findings in the Amazon Inspector console, or view and process them through other AWS services.

In this post, you will learn how to export a report of all Amazon Inspector findings to an S3 bucket encrypted with a KMS custom (customer managed) key. Here I have used an EC2 instance, an S3 bucket, a Lambda function and a customer managed key; the bucket policy and key policy allow Inspector to write the findings report for the EC2 and Lambda resources into the bucket using that key.

Prerequisites

You’ll need an Amazon EC2 instance for this post. Getting started with Amazon EC2 provides instructions on how to launch an EC2 instance.

You’ll need an AWS Lambda function for this post. Getting started with AWS Lambda provides instructions on how to create a Lambda function.

You’ll need an Amazon Simple Storage Service (S3) bucket for this post. Getting started with Amazon Simple Storage Service provides instructions on how to create a bucket.

You’ll need an AWS Key Management Service (KMS) key for this post. Getting started with AWS KMS provides instructions on how to create a custom key. For this blog, I assume that I have an EC2 instance, an S3 bucket, a Lambda function and a custom key created.

Architecture Overview

[Architecture diagram]
The architecture diagram shows the overall deployment architecture with data flow between Amazon EC2, Amazon S3, AWS KMS, AWS Lambda and Amazon Inspector.

Solution overview

The blog post consists of the following phases:

  1. Create the S3 Bucket Policy and KMS Key Policy
  2. Activate Amazon Inspector and Check the Findings for EC2 and Lambda
  3. Export All Findings as a Report with the S3 Bucket and KMS Custom Key Settings

I have an EC2 instance, a Lambda function, an S3 bucket and a custom key, as shown below:

[Screenshots: the EC2 instance, the Lambda function, the S3 bucket and the KMS custom key]

Phase 1: Create the S3 Bucket Policy and KMS Key Policy

  1. Open the S3 console and add a bucket policy to the existing bucket that grants the Amazon Inspector service permission to write to it. Set the bucket's default encryption to the existing KMS custom key. Then, in the KMS console, add a key policy statement on that key that allows the Inspector service to use it.

[Screenshots: S3 bucket policy, bucket default encryption with the KMS custom key, and the KMS key policy statement for the Inspector service]

Phase 2: Activate Amazon Inspector and Check the Findings for EC2 and Lambda

  1. Open the Amazon Inspector console and activate the Inspector service. Once scanning has run, verify that findings appear for the EC2 instance and the Lambda function.

[Screenshots: Amazon Inspector activation and the findings listed for the EC2 instance and the Lambda function]

Phase 3: Export All Findings as a Report with the S3 Bucket and KMS Custom Key Settings

[Screenshots: the export findings report dialog with the S3 bucket and KMS custom key selected, and the exported report object in the bucket]
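The two policies from Phase 1 and the export request from Phase 3 can also be prepared and checked in code. The block below is an added example for this post, not the author's code or AWS's own code: it builds the bucket policy and the KMS key policy statement that the Inspector service principal needs, checks that each grant is pinned to your own account with the aws:SourceAccount and aws:SourceArn conditions (so that Inspector acting for another account cannot write to your bucket or use your key), and assembles the parameters for the boto3 create_findings_report call. The policy shape follows the AWS documentation for exporting Inspector findings reports as I understand it; the exact action lists are assumptions to verify against the current docs, and the account id, region, bucket name and key ARN are constructed placeholders.

```python
"""Build and sanity-check the S3 bucket policy and KMS key policy that Amazon
Inspector needs before it can write a findings report, then assemble the
export request. Added example; the policy shape follows the AWS docs for
exporting Inspector findings reports, but the action lists should be checked
against the current documentation."""
import json

INSPECTOR_PRINCIPAL = "inspector2.amazonaws.com"

# Constructed placeholders; replace with your own values.
ACCOUNT_ID = "111122223333"
REGION = "us-east-1"
BUCKET = "example-inspector-reports"
KMS_KEY_ARN = f"arn:aws:kms:{REGION}:{ACCOUNT_ID}:key/00000000-0000-0000-0000-000000000000"


def report_source_arn(region: str, account_id: str) -> str:
    """ARN pattern of Inspector reports from one account, used in aws:SourceArn."""
    return f"arn:aws:inspector2:{region}:{account_id}:report/*"


def inspector_condition(region: str, account_id: str) -> dict:
    """Scope the grant to reports created by Inspector in this account only.
    Without it, Inspector acting for any AWS account could write to the bucket
    or use the key (the confused-deputy problem)."""
    return {
        "StringEquals": {"aws:SourceAccount": account_id},
        "ArnLike": {"aws:SourceArn": report_source_arn(region, account_id)},
    }


def bucket_policy(bucket: str, region: str, account_id: str) -> dict:
    """Bucket policy letting the Inspector service upload report objects."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowInspectorToWriteFindingsReport",
            "Effect": "Allow",
            "Principal": {"Service": INSPECTOR_PRINCIPAL},
            "Action": ["s3:PutObject", "s3:PutObjectAcl", "s3:AbortMultipartUpload"],
            "Resource": f"arn:aws:s3:::{bucket}/*",
            "Condition": inspector_condition(region, account_id),
        }],
    }


def kms_key_policy_statement(region: str, account_id: str) -> dict:
    """Statement to append to the custom key's policy so Inspector can encrypt
    the report with it (the key must be in the same region as the bucket)."""
    return {
        "Sid": "AllowInspectorToUseKey",
        "Effect": "Allow",
        "Principal": {"Service": INSPECTOR_PRINCIPAL},
        "Action": ["kms:GenerateDataKey*", "kms:Decrypt"],  # assumed from the docs
        "Resource": "*",
        "Condition": inspector_condition(region, account_id),
    }


def grants_inspector_safely(policy: dict, account_id: str) -> bool:
    """True if the policy grants the Inspector principal something AND every
    such Allow is pinned to this account via aws:SourceAccount."""
    found = False
    for stmt in policy.get("Statement", []):
        principal = stmt.get("Principal", {})
        services = principal.get("Service", []) if isinstance(principal, dict) else []
        if isinstance(services, str):
            services = [services]
        if stmt.get("Effect") != "Allow" or INSPECTOR_PRINCIPAL not in services:
            continue
        found = True
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        if equals.get("aws:SourceAccount") != account_id:
            return False  # an unscoped grant to the service principal
    return found


def export_request(bucket: str, kms_key_arn: str, prefix: str = "inspector/",
                   fmt: str = "CSV") -> dict:
    """Keyword arguments for boto3's inspector2.create_findings_report.
    With no filterCriteria, every active finding is exported."""
    return {
        "reportFormat": fmt,  # "CSV" or "JSON"
        "s3Destination": {"bucketName": bucket, "keyPrefix": prefix,
                          "kmsKeyArn": kms_key_arn},
    }


def run_export(region: str, bucket: str, kms_key_arn: str) -> str:
    """Request the report and return its report id. Needs boto3 and credentials
    allowed to call inspector2:CreateFindingsReport; never run at import time."""
    import boto3  # lazy import so the offline parts of this file still run

    client = boto3.client("inspector2", region_name=region)
    return client.create_findings_report(**export_request(bucket, kms_key_arn))["reportId"]


if __name__ == "__main__":
    print(json.dumps(bucket_policy(BUCKET, REGION, ACCOUNT_ID), indent=2))
    print(json.dumps(kms_key_policy_statement(REGION, ACCOUNT_ID), indent=2))
    print(json.dumps(export_request(BUCKET, KMS_KEY_ARN), indent=2))
```

Run the file as-is to print the two policy documents and the export parameters; paste the bucket policy into the S3 console and append the key statement to the existing KMS key policy (keep the existing statements, since replacing the whole key policy can lock you out of the key). The grants_inspector_safely check is worth running against any bucket or key policy that already exists, because a statement that grants the Inspector service principal without the aws:SourceAccount condition is a wider grant than the export needs.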

Clean-up

Delete the EC2 instance, the KMS custom key, the S3 bucket and the Lambda function. Also deactivate Amazon Inspector.

Pricing

I reviewed the pricing and estimated the cost of this example.

Cost of EC2 Instance = $0.09

Cost of Key Management Service = $1.0

Cost of Lambda = $0.0

Cost of S3 = $0.01

Cost of Inspector = $0.0

Total Cost = $(0.09 + 1.0 + 0.0 + 0.01 + 0.0) = $1.1

Summary

In this post, I showed how to export a report of all Amazon Inspector findings to an S3 bucket using a KMS custom key.

For more details on Amazon Inspector, check out Get started with Amazon Inspector and open the Amazon Inspector console. To learn more, read the Amazon Inspector documentation.

Thanks for reading!

Connect with me: LinkedIn