
How To Scan Amazon EC2 Instances With Amazon Inspector

Amazon Inspector is a vulnerability management service that continuously scans your running Amazon EC2 instances, container images in Amazon Elastic Container Registry (Amazon ECR), and AWS Lambda functions.

This article walks through scanning Amazon EC2 instances with Amazon Inspector.



Amazon Inspector EC2 scanning extracts metadata (the installed software inventory and network configuration) from your EC2 instance and compares it with rules collected from security advisories to produce findings. Amazon Inspector scans instances for package vulnerabilities and for network reachability issues, such as ports exposed to the internet.

Types Of Scan Methods

Package vulnerability scans can be performed using one of two scan methods.



Agent-based scanning:

Agent-based scans are performed continuously using the SSM Agent on all eligible instances. For agent-based scans, Amazon Inspector uses SSM associations, and plugins installed through those associations, to collect the software inventory from your instances. An instance that is not managed by Systems Manager is therefore not covered by this method.

Agentless scanning

Agentless scans are performed by taking EBS snapshots of the instance's volumes and collecting the software inventory from those snapshots, so no agent is required. Instances are scanned for both operating system package and programming language package vulnerabilities.

In the steps below, EC2 instances are scanned with the agent-based scanning method.

Steps to scan EC2 instances in Amazon Inspector:

Step 1: Launch a Linux EC2 instance and set the inbound rules you need (SSH, HTTP, HTTPS, etc.). Open only the ports the instance actually serves and restrict the source where you can; any port reachable from 0.0.0.0/0 will show up as a network reachability finding, which is useful for seeing Inspector work but is not something to leave in place.

Step 2: Inspector can be enabled for a single account, or an AWS Organizations management account can designate a delegated administrator that enables and views Inspector for all member accounts at once. Here we enable it for the account we are logged in to only.

Go to Amazon Inspector and click on Activate Inspector.

You then see the Amazon Inspector dashboard. Here you see Environment coverage, Critical findings, Risk-based remediations and the most critical findings across EC2, ECR and Lambda functions. Now click on Instances "0%".

In the details view, the "Status" column shows "Unmanaged EC2 instance": the instance is not yet managed by Systems Manager, so the agent-based package scan cannot run.

Now click on "All findings". Findings about your instance, such as open ports, already appear here, because network reachability scanning does not depend on the SSM Agent.

Step 3: To scan EC2 instances continuously, create an IAM role for the SSM Agent. Go to IAM and click on Roles -> Create role.

Select EC2 as the use case and click on Next.

Step 3.1: Select the "AmazonSSMManagedInstanceCore" policy and click on Next. This managed policy grants only what the SSM Agent needs to register and receive associations; do not add broader policies to this role.

Step 3.2: Enter a role name and description and click on "Create role".

Now attach this role to the EC2 instance.

Step 4: Go to EC2 instances, select your instance -> Actions -> Security -> Modify IAM role.

Step 4.1: Choose the role you created and click on Update IAM role.

It can take up to about half an hour for the agent to register and the first inventory to be collected. Then return to Inspector: under Environment coverage, "Instances" is updated; click on it and the "Status" column now reads "Actively monitoring".

Inspector now actively scans your EC2 instance for package vulnerabilities and for network reachability.
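The same procedure as the console steps above, done with the AWS CLI (an added example, not code from the original article). It assumes the AWS CLI v2 is configured with permissions for iam, ec2 and inspector2, that the target instance already runs the SSM Agent (Amazon Linux AMIs ship it), and that the role name InspectorSsmInstanceRole and the instance ID passed on the command line are illustrative. It polls Inspector's coverage API until the instance leaves the unmanaged state, then lists its findings.

```shell
#!/usr/bin/env bash
# Added example: Steps 2 to 4 of the article with the AWS CLI.
# Assumptions (not from the article): AWS CLI v2 configured with iam, ec2 and
# inspector2 permissions; the instance already runs the SSM Agent; ROLE_NAME
# and the instance ID given as the second argument are illustrative values.
set -euo pipefail

ROLE_NAME="${ROLE_NAME:-InspectorSsmInstanceRole}"

# Trust policy that lets EC2 assume the role (what "Select EC2 as the use case" does).
ec2_trust_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": "ec2.amazonaws.com"},
    "Action": "sts:AssumeRole"
  }]
}
EOF
}

# Filter-criteria document shared by list-coverage and list-findings.
resource_id_filter() {
  printf '{"resourceId":[{"comparison":"EQUALS","value":"%s"}]}' "$1"
}

# Step 2: activate Inspector for EC2 in this account only (no delegated admin).
enable_inspector_ec2() {
  aws inspector2 enable --resource-types EC2 >/dev/null
}

# Steps 3 to 3.2: role with only AmazonSSMManagedInstanceCore attached.
# EC2 attaches roles through an instance profile; the console creates one implicitly.
create_ssm_role() {
  aws iam create-role --role-name "$ROLE_NAME" \
    --assume-role-policy-document "$(ec2_trust_policy)" \
    --description "Lets SSM Agent register the instance so Inspector can scan it" >/dev/null
  aws iam attach-role-policy --role-name "$ROLE_NAME" \
    --policy-arn arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
  aws iam create-instance-profile --instance-profile-name "$ROLE_NAME" >/dev/null
  aws iam add-role-to-instance-profile --instance-profile-name "$ROLE_NAME" \
    --role-name "$ROLE_NAME"
}

# Step 4: attach the profile to the instance (Actions -> Security -> Modify IAM role).
attach_profile() {
  aws ec2 associate-iam-instance-profile --instance-id "$1" \
    --iam-instance-profile "Name=$ROLE_NAME" >/dev/null
}

# Poll until the instance stops reporting "unmanaged" and shows as actively monitored.
# statusCode is ACTIVE or INACTIVE; reason explains INACTIVE (e.g. UNMANAGED_EC2_INSTANCE).
wait_for_coverage() {
  local id="$1" status reason
  for _ in $(seq 1 60); do   # up to about 30 minutes
    set -- $(aws inspector2 list-coverage --filter-criteria "$(resource_id_filter "$id")" \
      --query 'coveredResources[0].scanStatus.[statusCode,reason]' --output text)
    status="${1:-None}"; reason="${2:-}"
    echo "$id: statusCode=$status reason=$reason"
    [ "$status" = "ACTIVE" ] && return 0
    sleep 30
  done
  echo "$id never became ACTIVE; check 'aws ssm describe-instance-information'" >&2
  return 1
}

# Findings for this instance: severity, type (PACKAGE_VULNERABILITY or
# NETWORK_REACHABILITY) and title.
list_instance_findings() {
  aws inspector2 list-findings --filter-criteria "$(resource_id_filter "$1")" \
    --query 'findings[].[severity,type,title]' --output table
}

# Usage: ./inspector_ec2.sh run i-0123456789abcdef0
if [ "${1:-}" = "run" ] && [ -n "${2:-}" ]; then
  enable_inspector_ec2
  create_ssm_role
  attach_profile "$2"
  wait_for_coverage "$2"
  list_instance_findings "$2"
fi
```

The scanStatus.reason value is the quickest way to tell why an instance is still not covered: UNMANAGED_EC2_INSTANCE means the agent has not registered with Systems Manager yet (wrong role, no outbound path to the SSM endpoints, or the agent not running), which is a different fix from an unsupported operating system.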

Conclusion

With the SSM role in place, Amazon Inspector continuously scans our EC2 instance for package vulnerabilities and network reachability issues and keeps monitoring it. Amazon Inspector offers a robust and automated way to scan EC2 instances for vulnerabilities and exposed network paths.

Scanning Amazon EC2 Instances With Amazon Inspector – FAQs

Does Inspector scan stopped instances?

No. Inspector pauses scanning for stopped instances; it will not actively search for vulnerabilities on a stopped instance.

What happens when an instance is stopped?

The virtual machine (VM) running the instance is shut down, so the instance is no longer operational or available for use until it is started again.

How frequent is vulnerability scanning?

Network reachability scans (EC2 instances): these scans run every 24 hours. Package vulnerability scans of agent-based instances are event-driven rather than scheduled: an instance is scanned when it is first discovered, when its software inventory changes, and when a new CVE that affects its installed packages is published.

