Certified Security - Specialty


AWS Inspector Agent needs access to S3 to be fully functional

I think the reason why the reports in the video do not show any findings, or fewer findings than expected, is that the agent does not have outbound access. In this case AWS Inspector only does the Network Reachability check. You do not even have to install the agent to have this check done.

From the AWS Inspector documentation:

The Amazon Inspector agent initiates nearly all communication with the Amazon Inspector service. This means that the agent must have an outbound network path to a public endpoint so that it can send telemetry data to the endpoint. For example, the agent might be arsenal.aws-region.amazonaws.com, and the endpoint might be an Amazon S3 bucket at s3.dualstack.aws-region.amazonaws.com. (Make sure to replace aws-region with the actual AWS Region where you are running Amazon Inspector.) For more information, see AWS IP Address Ranges. Because all connections from the agent are established outbound, it is not necessary to open ports in your security groups to allow inbound communications to the agent from Amazon Inspector.
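As an added example (not part of the original post and not AWS tooling), a small Python pre-flight check for the failure mode described above: it builds the two outbound endpoints from the quoted documentation for a given Region, probes each on TCP/443 from the instance, and reports whether agent telemetry is possible or whether only the agentless network reachability findings should be expected. The hostname patterns come from the quote; the Region value, function names and the plain TCP probe are assumptions.

```python
import socket
from typing import Callable, Dict, List

# Endpoint patterns taken from the Inspector documentation quoted above;
# "aws-region" is substituted with the caller's Region.
ENDPOINT_PATTERNS = [
    "arsenal.{region}.amazonaws.com",
    "s3.dualstack.{region}.amazonaws.com",
]
HTTPS_PORT = 443


def required_endpoints(region: str) -> List[str]:
    """Hostnames the agent must reach outbound on TCP/443 for this Region."""
    return [p.format(region=region) for p in ENDPOINT_PATTERNS]


def tcp_probe(host: str, port: int = HTTPS_PORT, timeout: float = 3.0) -> bool:
    """Live probe: True if an outbound TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # DNS failure, timeout, refused, or egress blocked
        return False


def check_agent_path(region: str,
                     probe: Callable[[str], bool] = tcp_probe) -> Dict[str, object]:
    """Probe every required endpoint and summarise what Inspector can report.

    All reachable: the agent can send telemetry, so host assessment rules
    packages produce findings. Any blocked: only the agentless network
    reachability assessment yields findings (the symptom in the post above).
    """
    results = {host: probe(host) for host in required_endpoints(region)}
    all_reachable = all(results.values())
    return {
        "region": region,
        "endpoints": results,
        "agent_telemetry_possible": all_reachable,
        "expected_findings": ("host assessment + network reachability"
                              if all_reachable
                              else "network reachability only (agent cannot report)"),
    }


if __name__ == "__main__":
    # Run this on the EC2 instance itself; the Region is an assumed example value.
    report = check_agent_path("us-east-1")
    for host, ok in report["endpoints"].items():
        print(f"{host}: {'reachable' if ok else 'BLOCKED'}")
    print(report["expected_findings"])
```

Run it from the instance whose findings look incomplete; a BLOCKED line points at the security group, NACL, route table or proxy that is stopping the agent's outbound path.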

1 Answer

Good call, thanks for posting this!
