Can AWS CloudFormation templates for AWS Inspector add an SNS Topic

+1 vote

I've created some CloudFormation templates to deploy Inspector Templates/Targets and associated Lambda functions that parse the outputs and deliver findings to Slack. Is it possible to include in the CF template for Inspector an SNS Topic association as is done when creating a template in the Inspector portal?

It is not an available parameter of AWS::Inspector::AssessmentTemplate. Is this something I will just have to add manually via the portal?

Jul 30, 2018 in AWS by bug_seeker
• 14,970 points
221 views

1 answer to this question.

+1 vote

I see the SNS option is available only in the UI and CLI/API. I guess the UI/CLI creates a CloudWatch Events rule for you in the background; you can create your own rule using AWS::Events::Rule.

Reference: Event Patterns

```yaml
EventRule:
  Type: "AWS::Events::Rule"
  Properties:
    Description: "EventRule"
    # Match Inspector API calls recorded by CloudTrail for one assessment template
    EventPattern:
      source:
        - "aws.inspector"
      detail-type:
        - "AWS API Call via CloudTrail"
      resources:
        - arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX/template/0-7sbz2Kz0
      detail:
        eventSource:
          - "inspector.amazonaws.com"
        eventName:
          - "ASSESSMENT_RUN_COMPLETED"
    State: "ENABLED"
    # Each target needs both Arn and Id; the Id value here is a placeholder
    Targets:
      - Arn: arn:aws:sns:us-west-2:123456789012:exampletopic
        Id: "InspectorSnsTopic"
```

answered Jul 30, 2018 by Priyaj
• 56,120 points

Hi. Unfortunately, the events tracked via CloudTrail API calls (from looking at the CloudTrail logs) relate to the assessment run start events themselves (StartAssessmentRun) rather than the messages that the assessment runs send out (ASSESSMENT_RUN_STARTED, ASSESSMENT_RUN_COMPLETED, FINDING_REPORTED, etc.).
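
Since the thread places the SNS association in the CLI/API only, one way to keep it inside the stack is a Lambda-backed CloudFormation custom resource that calls Inspector's SubscribeToEvent API. The handler below is an added example, not code from the posts above. The property names `TemplateArn`, `TopicArn` and `Events` and the physical resource ID are assumptions made for this example, and it assumes the topic's access policy already lets Inspector publish.

```python
import json
import urllib.request

# Event names accepted by Inspector Classic's SubscribeToEvent API.
VALID_EVENTS = {"ASSESSMENT_RUN_STARTED", "ASSESSMENT_RUN_COMPLETED",
                "ASSESSMENT_RUN_STATE_CHANGED", "FINDING_REPORTED", "OTHER"}


def apply_subscriptions(client, request):
    """(Un)subscribe the topic for each event; return the calls made."""
    # TemplateArn, TopicArn and Events are property names assumed for this example.
    props = request["ResourceProperties"]
    unknown = sorted(set(props["Events"]) - VALID_EVENTS)
    if unknown:
        raise ValueError(f"unsupported Inspector events: {unknown}")
    # Delete removes the subscriptions; Create and Update (re)apply them.
    if request["RequestType"] == "Delete":
        call, name = client.unsubscribe_from_event, "unsubscribe_from_event"
    else:
        call, name = client.subscribe_to_event, "subscribe_to_event"
    done = []
    for event in props["Events"]:
        call(resourceArn=props["TemplateArn"], event=event,
             topicArn=props["TopicArn"])
        done.append((name, event))
    return done


def handler(event, context):
    """Lambda entry point for the custom resource."""
    import boto3  # provided by the Lambda runtime
    status, reason = "SUCCESS", ""
    try:
        apply_subscriptions(boto3.client("inspector"), event)
    except Exception as exc:  # always reply, or the stack waits until timeout
        status, reason = "FAILED", str(exc)
    body = json.dumps({
        "Status": status, "Reason": reason,
        # Physical ID is an arbitrary constant assumed for this example.
        "PhysicalResourceId": "inspector-sns-subscription",
        "StackId": event["StackId"], "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
    }).encode()
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req)
```

An Update that drops an event from `Events` does not unsubscribe it; only Delete removes subscriptions in this version.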
