You must be logged in to view saved presets
An Amazon Inspector (Classic) Template to assess whether EC2 instances are exposed to common vulnerabilities and exposures (CVEs). Templates can be restricted to select EC2 instances by Tag or apply to all EC2 instances. Configuration includes options to enable automatically recurring assessments based on a schedule.
CIS Benchmarks rule package is selected, but additional rule packages can be included as well:
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
AssessmentTarget:
Type: 'AWS::Inspector::AssessmentTarget'
Properties:
AssessmentTargetName: Amazon Inspector Targets
AssessmentTemplate:
Type: 'AWS::Inspector::AssessmentTemplate'
Properties:
AssessmentTargetArn:
Ref: AssessmentTarget
DurationInSeconds: 3600
RulesPackageArns:
- 'Fn::FindInMap':
- RulePackageArn
- Ref: 'AWS::Region'
- CIS
Parameters: {}
Metadata: {}
Conditions: {}
Mappings:
RulePackageArn:
us-west-2:
CVE: 'arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p'
CIS: 'arn:aws:inspector:us-west-2:758058086616:rulespackage/0-H5hpSawc'
Network: 'arn:aws:inspector:us-west-2:758058086616:rulespackage/0-rD1z6dpl'
Security: 'arn:aws:inspector:us-west-2:758058086616:rulespackage/0-JJOtZiqQ'
Runtime: 'arn:aws:inspector:us-west-2:758058086616:rulespackage/0-vg5GGHSD'
us-east-1:
CVE: 'arn:aws:inspector:us-east-1:316112463485:rulespackage/0-gEjTy7T7'
CIS: 'arn:aws:inspector:us-east-1:316112463485:rulespackage/0-rExsr2X8'
Network: 'arn:aws:inspector:us-east-1:316112463485:rulespackage/0-PmNV0Tcd'
Security: 'arn:aws:inspector:us-east-1:316112463485:rulespackage/0-R01qwB5Q'
Runtime: 'arn:aws:inspector:us-east-1:316112463485:rulespackage/0-gBONHN9h'
us-east-2:
CVE: 'arn:aws:inspector:us-east-2:646659390643:rulespackage/0-JnA8Zp85'
CIS: 'arn:aws:inspector:us-east-2:646659390643:rulespackage/0-m8r61nnh'
Network: 'arn:aws:inspector:us-east-2:646659390643:rulespackage/0-cE4kTR30'
Security: 'arn:aws:inspector:us-east-2:646659390643:rulespackage/0-AxKmMHPX'
Runtime: 'arn:aws:inspector:us-east-2:646659390643:rulespackage/0-UCYZFKPV'
us-west-1:
CVE: 'arn:aws:inspector:us-west-1:166987590008:rulespackage/0-TKgzoVOa'
CIS: 'arn:aws:inspector:us-west-1:166987590008:rulespackage/0-xUY8iRqX'
Network: 'arn:aws:inspector:us-west-1:166987590008:rulespackage/0-TxmXimXF'
Security: 'arn:aws:inspector:us-west-1:166987590008:rulespackage/0-byoQRFYm'
Runtime: 'arn:aws:inspector:us-west-1:166987590008:rulespackage/0-yeYxlt0x'
ap-south-1:
CVE: 'arn:aws:inspector:ap-south-1:162588757376:rulespackage/0-LqnJE9dO'
CIS: 'arn:aws:inspector:ap-south-1:162588757376:rulespackage/0-PSUlX14m'
Network: 'arn:aws:inspector:ap-south-1:162588757376:rulespackage/0-YxKfjFu1'
Security: 'arn:aws:inspector:ap-south-1:162588757376:rulespackage/0-fs0IZZBj'
Runtime: 'arn:aws:inspector:ap-south-1:162588757376:rulespackage/0-EhMQZy6C'
ap-southeast-2:
CVE: 'arn:aws:inspector:ap-southeast-2:454640832652:rulespackage/0-D5TGAxiR'
CIS: 'arn:aws:inspector:ap-southeast-2:454640832652:rulespackage/0-Vkd2Vxjq'
Network: 'arn:aws:inspector:ap-southeast-2:454640832652:rulespackage/0-FLcuV4Gz'
Security: 'arn:aws:inspector:ap-southeast-2:454640832652:rulespackage/0-asL6HRgN'
Runtime: 'arn:aws:inspector:ap-southeast-2:454640832652:rulespackage/0-P8Tel2Xj'
ap-northeast-2:
CVE: 'arn:aws:inspector:ap-northeast-2:526946625049:rulespackage/0-PoGHMznc'
CIS: 'arn:aws:inspector:ap-northeast-2:526946625049:rulespackage/0-T9srhg1z'
Network: 'arn:aws:inspector:ap-northeast-2:526946625049:rulespackage/0-s3OmLzhL'
Security: 'arn:aws:inspector:ap-northeast-2:526946625049:rulespackage/0-2WRpmi4n'
Runtime: 'arn:aws:inspector:ap-northeast-2:526946625049:rulespackage/0-PoYq7lI7'
ap-northeast-1:
CVE: 'arn:aws:inspector:ap-northeast-1:406045910587:rulespackage/0-gHP9oWNT'
CIS: 'arn:aws:inspector:ap-northeast-1:406045910587:rulespackage/0-7WNjqgGu'
Network: 'arn:aws:inspector:ap-northeast-1:406045910587:rulespackage/0-YI95DVd7'
Security: 'arn:aws:inspector:ap-northeast-1:406045910587:rulespackage/0-bBUQnxMq'
Runtime: 'arn:aws:inspector:ap-northeast-1:406045910587:rulespackage/0-knGBhqEu'
eu-west-1:
CVE: 'arn:aws:inspector:eu-west-1:357557129151:rulespackage/0-ubA5XvBh'
CIS: 'arn:aws:inspector:eu-west-1:357557129151:rulespackage/0-sJBhCr0F'
Network: 'arn:aws:inspector:eu-west-1:357557129151:rulespackage/0-SPzU33xe'
Security: 'arn:aws:inspector:eu-west-1:357557129151:rulespackage/0-SnojL3Z6'
Runtime: 'arn:aws:inspector:eu-west-1:357557129151:rulespackage/0-lLmwe1zd'
eu-central-1:
CVE: 'arn:aws:inspector:eu-central-1:537503971621:rulespackage/0-wNqHa8M9'
CIS: 'arn:aws:inspector:eu-central-1:537503971621:rulespackage/0-nZrAVuv8'
Network: 'arn:aws:inspector:eu-central-1:537503971621:rulespackage/0-6yunpJ91'
Security: 'arn:aws:inspector:eu-central-1:537503971621:rulespackage/0-ZujVHEPB'
Runtime: 'arn:aws:inspector:eu-central-1:537503971621:rulespackage/0-0GMUM6fg'
us-gov-east-1:
CVE: 'arn:aws-us-gov:inspector:us-gov-east-1:206278770380:rulespackage/0-3IFKFuOb'
CIS: 'arn:aws-us-gov:inspector:us-gov-east-1:206278770380:rulespackage/0-pTLCdIww'
Security: 'arn:aws-us-gov:inspector:us-gov-east-1:206278770380:rulespackage/0-vlgEGcVD'
Runtime: 'arn:aws-us-gov:inspector:us-gov-east-1:206278770380:rulespackage/0-850TmCFX'
us-gov-west-1:
CVE: 'arn:aws-us-gov:inspector:us-gov-west-1:850862329162:rulespackage/0-4oQgcI4G'
CIS: 'arn:aws-us-gov:inspector:us-gov-west-1:850862329162:rulespackage/0-Ac4CFOuc'
Security: 'arn:aws-us-gov:inspector:us-gov-west-1:850862329162:rulespackage/0-rOTGqe5G'
Runtime: 'arn:aws-us-gov:inspector:us-gov-west-1:850862329162:rulespackage/0-JMyjuzoW'