Introduction
Privacy and security are paramount in the realm of cloud computing. To address these concerns, Amazon Inspector emerges as a valuable tool, empowering users to identify and mitigate potential security vulnerabilities in their applications and infrastructure. By conducting thorough assessments, Amazon Inspector generates comprehensive findings reports, offering actionable insights for effective remediation. Nevertheless, managing these reports can pose challenges, particularly when dealing with expansive deployments or multiple AWS accounts.
This blog post will explore the benefits of exporting findings reports from Amazon Inspector to Amazon S3, the step-by-step process to set up this integration, and some best practices for effectively managing and utilizing the exported reports.
Steps to export findings from Amazon Inspector to Amazon S3
Step 1 – Verify your permissions
Before you export a findings report from Amazon Inspector, check that Amazon Inspector is enabled, then verify that you have permission to export findings reports and to configure the resources used to encrypt and store them. To verify your permissions, use AWS Identity and Access Management (IAM) to review the IAM policies attached to your IAM identity.
Step 2 – Configure an Amazon S3 bucket
After you verify your permissions, create an Amazon S3 bucket or use an existing one. Here we will configure an existing Amazon S3 bucket (inspector-vulnerability-backup) to store our findings report.
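Add the following bucket policy to the Amazon S3 bucket so that Amazon Inspector can write reports to it. Replace DOC-EXAMPLE-BUCKET with your bucket name, 111122223333 with your AWS account ID, and Region with the AWS Region you are exporting from. The two Condition keys limit the grant to report exports from your own account.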
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "allow-inspector",
      "Effect": "Allow",
      "Principal": {
        "Service": "inspector2.amazonaws.com"
      },
      "Action": [
        "s3:PutObject",
        "s3:PutObjectAcl",
        "s3:AbortMultipartUpload"
      ],
      "Resource": "arn:aws:s3:::DOC-EXAMPLE-BUCKET/*",
      "Condition": {
        "StringEquals": {
          "aws:SourceAccount": "111122223333"
        },
        "ArnLike": {
          "aws:SourceArn": "arn:aws:inspector2:Region:111122223333:report/*"
        }
      }
    }
  ]
}
```
Step 3 – Configure an AWS KMS Key
Create the AWS KMS key to encrypt the findings report. The key needs to be an AWS KMS key for customer-managed symmetric encryption. In addition, the key must be in the same AWS Region as the Amazon S3 bucket you configured to store the report.
We have created an AWS KMS key (AWS-Inspector-Key) for this purpose. Amazon Inspector must have permission to use the key; otherwise, it cannot encrypt or export the report. Update the key’s key policy to grant Amazon Inspector access to use the key.
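A pre-export check for the resource policies from Steps 2 and 3, as an added example that is not part of the original post or AWS's code: it confirms that the Amazon Inspector grant has the needed actions and is pinned to your account by both condition keys. The function name `audit`, the sample Sid `allow-inspector-kms`, and the KMS action list (taken from AWS's documented key policy for Inspector exports) are assumptions.

```python
import json
from fnmatch import fnmatchcase

SERVICE = "inspector2.amazonaws.com"
# S3 actions come from the bucket policy above. The KMS actions are an
# assumption taken from AWS's documented key policy for Inspector exports.
NEEDED = {"s3": ["s3:PutObject", "s3:PutObjectAcl", "s3:AbortMultipartUpload"],
          "kms": ["kms:Decrypt", "kms:GenerateDataKey"]}

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit(policy_json, kind, account_id):
    """List problems with the Inspector grant in a bucket ('s3') or key ('kms') policy."""
    grants = [s for s in as_list(json.loads(policy_json).get("Statement", []))
              if s.get("Effect") == "Allow" and isinstance(s.get("Principal"), dict)
              and SERVICE in as_list(s["Principal"].get("Service", []))]
    if not grants:
        return [f"no Allow statement for {SERVICE}"]
    problems = []
    for s in grants:
        sid = s.get("Sid", "<no Sid>")
        granted = [a.lower() for a in as_list(s.get("Action", []))]
        for need in NEEDED[kind]:  # IAM action patterns may use * and ?
            if not any(fnmatchcase(need.lower(), g) for g in granted):
                problems.append(f"{sid}: {need} not granted, export will fail")
        cond = s.get("Condition", {})
        # Without both conditions the grant is open to confused-deputy use.
        if cond.get("StringEquals", {}).get("aws:SourceAccount") != account_id:
            problems.append(f"{sid}: aws:SourceAccount not pinned to {account_id}")
        arn = str(cond.get("ArnLike", {}).get("aws:SourceArn", ""))
        if not (arn.startswith("arn:aws:inspector2:")
                and arn.endswith(f":{account_id}:report/*")):
            problems.append(f"{sid}: aws:SourceArn not scoped to this account's reports")
        if kind == "s3" and {"*", "arn:aws:s3:::*"} & set(as_list(s.get("Resource", []))):
            problems.append(f"{sid}: Resource covers every bucket")
    return problems

# Constructed samples: the page's bucket policy, and a key policy statement
# that grants the key to Inspector but omits the Condition block.
BUCKET_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "allow-inspector", "Effect": "Allow", "Principal": {"Service": SERVICE},
    "Action": ["s3:PutObject", "s3:PutObjectAcl", "s3:AbortMultipartUpload"],
    "Resource": "arn:aws:s3:::DOC-EXAMPLE-BUCKET/*",
    "Condition": {"StringEquals": {"aws:SourceAccount": "111122223333"},
                  "ArnLike": {"aws:SourceArn": "arn:aws:inspector2:Region:111122223333:report/*"}}}]})
KEY_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "allow-inspector-kms", "Effect": "Allow", "Principal": {"Service": SERVICE},
    "Action": ["kms:Decrypt", "kms:GenerateDataKey*"], "Resource": "*"}]})
```

Calling `audit(BUCKET_POLICY, "s3", "111122223333")` returns an empty list, while the constructed key policy is reported for both missing condition keys.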
Step 4 – Configure and export the findings report
You’re prepared to configure and export the report once you’ve checked your permissions and set up the resources necessary to encrypt and save your findings report.
To configure and export the findings report:
- Open the Amazon Inspector console.
- In the navigation pane, under Findings, choose All Findings.
- (Optional) By using the filter bar above the Findings table, add filter criteria that specify which findings to include in the report. As you add criteria, Amazon Inspector updates the table to show only the findings that match them. The table gives you a preview of the information in your report.
- Choose Export Findings.
- In the Export options section, under Export file type, choose a file format for the report:
  - Select JSON to output the data as a JavaScript Object Notation (.json) file.
  - Choose CSV to create a comma-separated value (.csv) file containing the data.
- Under Export location, for Amazon S3 URI, specify the Amazon S3 bucket where you want to store the report.
- For the AWS KMS key, specify the AWS KMS key that you want to use to encrypt the report.
- Choose Export.
The findings report is created by Amazon Inspector, encrypted with the AWS KMS key you selected, and added to the Amazon S3 bucket you specified.
Conclusion
By exporting findings reports from Amazon Inspector to Amazon S3, businesses can benefit from the scalability and cost-effectiveness of the storage service. This integration simplifies the organization and retention of reports, enables seamless integration with other AWS services, and facilitates team collaboration for effective vulnerability management. It empowers organizations to proactively address security issues, enhance their overall security posture, and align with industry best practices in securing AWS environments.
Drop a query if you have any questions regarding Amazon Inspector and Amazon S3, and we will get back to you quickly.
FAQs
1. What is Amazon Inspector?
ANS: – Amazon Inspector is a cloud-based security assessment service that Amazon Web Services (AWS) provides. It helps identify security vulnerabilities and potential misconfigurations in applications and infrastructure deployed on AWS.
2. Why should I export findings reports from Amazon Inspector to Amazon S3?
ANS: – Exporting findings reports to Amazon S3 provides several benefits. It simplifies the management of security vulnerabilities, improves the process of addressing issues, enables better analysis and automation, and strengthens overall security measures in AWS environments.
3. How do I set up the integration between Amazon Inspector and Amazon S3?
ANS: – To set up the integration, you must create an Amazon S3 bucket, configure Amazon Inspector to export findings reports to that bucket, and initiate the export process. This can be done through the AWS Management Console or programmatically using the AWS CLI or SDKs.
4. How can I analyze the exported findings reports?
ANS: – You can analyze the exported reports using various AWS services. For example, you can use Amazon Athena, a serverless query service, to run SQL queries and extract insights from the reports. Additionally, Amazon QuickSight can generate visualizations and dashboards to view the findings comprehensively.

WRITTEN BY Shaikh Mohammed Fariyaj Najam
Mohammed Fariyaj Shaikh works as a Research Associate at CloudThat. He has strong analytical thinking and problem-solving skills, knowledge of AWS Cloud Services, migration, infrastructure setup, and security, as well as the ability to adopt new technology and learn quickly.