Top / Amazon Web Service / AWS Amazon Inspector / Assessment Template

AWS Amazon Inspector Assessment Template

This page shows how to write Terraform and CloudFormation for Amazon Inspector Assessment Template and write them securely.

terraform-logo

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_inspector_assessment_template (Terraform)

The Assessment Template in Amazon Inspector can be configured in Terraform with the resource name aws_inspector_assessment_template. The following sections describe 2 examples of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L9
resource "aws_inspector_assessment_template" "template" {
  name       = data.aws_region.current.name
  target_arn = aws_inspector_assessment_target.myinspector.arn
  duration   = 3600

  # https://docs.aws.amazon.com/inspector/latest/userguide/inspector_rules-arns.html
main.tf#L7
resource "aws_inspector_assessment_template" "this" {
  duration           = var.duration
  name               = var.name
  rules_package_arns = var.rules_package_arns
  tags               = var.tags
  target_arn         = var.target_arn

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Provides a Inspector assessment template

>> from Terraform Registry

AWS::Inspector::AssessmentTemplate (CloudFormation)

The AssessmentTemplate in Inspector can be configured in CloudFormation with the resource name AWS::Inspector::AssessmentTemplate. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

serverless.yml#L87
      Type: AWS::Inspector::AssessmentTemplate
      Properties:
        AssessmentTargetArn: !Ref AssessmentTarget
        DurationInSeconds: 3600
        RulesPackageArns:
          - ${self:custom.rulearn.${opt:region, self:provider.region}}
AWS_Inspector.yml#L8
        Type: AWS::Inspector::AssessmentTemplate
        Properties:
            AssessmentTargetArn: "arn:aws:inspector:us-east-1:412164052405:target/0-8njuuuPK"
            AssessmentTemplateName: DatalakeAssessmentTemplate
            DurationInSeconds: 3600
            RulesPackageArns:
cfn-inspector-sns.yml#L31
    Type: AWS::Inspector::AssessmentTemplate
    Properties:
      AssessmentTargetArn: !Ref MyInspectorTarget
      DurationInSeconds: 3600
      RulesPackageArns:
        # Common Vulnerabilities and Exposures
cfn-inspector.yml#L27
    Type: AWS::Inspector::AssessmentTemplate
    Properties:
      AssessmentTargetArn: !Ref MyInspectorTarget
      DurationInSeconds: 3600
      RulesPackageArns:
        # Common Vulnerabilities and Exposures
inspector-example.yml#L19
    Type: AWS::Inspector::AssessmentTemplate
    Properties:
      AssessmentTargetArn: !GetAtt inspectorAssessmentTarget.Arn
      AssessmentTemplateName: "Assessment-All-Regional-Rules"
      DurationInSeconds: 7200
aws_inspector.json#L4
    "path": "/ResourceTypes/AWS::Inspector::AssessmentTemplate/Properties/DurationInSeconds/Value",
    "value": {
      "ValueType": "AWS::Inspector::AssessmentTemplate.DurationInSeconds"
    }
  }
]
aws_inspector.json#L4
    "path": "/ResourceTypes/AWS::Inspector::AssessmentTemplate/Properties/DurationInSeconds/Value",
    "value": {
      "ValueType": "AWS::Inspector::AssessmentTemplate.DurationInSeconds"
    }
  }
]
InspectorAssessmentTemplateSpecification.json#L22
    "AWS::Inspector::AssessmentTemplate": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-inspector-assessmenttemplate.html",
      "Attributes": {
        "Arn": {
          "PrimitiveType": "String"
        }
InspectorAssessmentTemplateSpecification.json#L22
    "AWS::Inspector::AssessmentTemplate": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-inspector-assessmenttemplate.html",
      "Attributes": {
        "Arn": {
          "PrimitiveType": "String"
        }
InspectorAssessmentTemplateSpecification.json#L22
    "AWS::Inspector::AssessmentTemplate": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-inspector-assessmenttemplate.html",
      "Attributes": {
        "Arn": {
          "PrimitiveType": "String"
        }

Parameters

>> from AWS CloudFormation Documentation

Explanation in CloudFormation Registry

The AWS::Inspector::AssessmentTemplate resource creates an Amazon Inspector assessment template, which specifies the Inspector assessment targets that will be evaluated by an assessment run and its related configurations.

>> from AWS CloudFormation Documentation

The Other Related AWS Amazon Inspector Resources

Frequently asked questions

What is AWS Amazon Inspector Assessment Template?

AWS Amazon Inspector Assessment Template is a resource for Amazon Inspector of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon Inspector Assessment Template?

For Terraform, the snapdocs/terraform-aws-inspector and niveklabs/aws source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the tkykm/sls-aws-monitoring-slack, jchirayath/aws and ambasad/devio-blog-cfn source code examples are useful. See the CloudFormation Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents