Home » Security » How to configure AWS inspector step by step

How to configure AWS inspector step by step

AWS inspector is tool that is agent based and runs on the EC2 instances and requires a role that will have access to the instances in you r environment. AWS inspector checks the application against vulnerabilities and best practices.

Once it has been enabled on an instance you can run your regular activities on your application in which that time AWS inspector will collect data.

you can then stop collector and AWS will messaure against  vulnerabilities and best security practices.

To get more info – visit the AWS site on this link  –  https://aws.amazon.com/inspector/

let’s gets started on enabling the feature and see how it can help you and your organization

log into the AWS  with your email and password

Capture

Once you are logged in then you can go to “Services” “Security and Identity” and “INSPECTOR”

Screen Shot 04-21-16 at 08.51 PM

You will see the below screen which means the inspector has not been enabled

Screen Shot 04-21-16 at 08.54 PM

Click on the Get Started blue button to get to the next screen – there are five steps mandatory steps

  1.  Create a role that will have access to your EC2 instances and this will done via policy that gets applied when you create a role and it will also create a policy
  2. Tag an instance and this can be pre-existing tags for example application 1 etc
  3. Install the agent on your instance
  4. start the assessment and use the application for Inspector to gather the data
  5. stop the assessment and view the report

screen-shot-04-21-16-at-08-59-pm

Create a new role by clicking on the Create new role

Screen Shot 04-30-16 at 08.49 AM

Click on create a new role and it will name the new role as “Inspector” and will attach the policy for you as shown in the screenshot below

Screen Shot 04-30-16 at 08.50 AM

Clicking allow will create a new role for you with the policy attached to it and now if you go back to inspector you will see the new role

Screen Shot 04-30-16 at 08.56 AM

Now you can set the tags or use existing tags to find the instance

2016-05-06_222220

Once you add the tag then you can use find now button to find the instance with those tags like the screen shot below

2016-05-06_222641

Now you will to select the security package to run against your application/instance

2016-05-06_223022

Once the package has been selected – you are now ready to save/create  the template and the template can be run

2016-05-06_223128

you can see on the screenshot below where you can run the assessment

2016-05-06_223332

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*