diff --git a/modules/security_identity_compliance/inspector2/README.md b/modules/security_identity_compliance/inspector2/README.md
new file mode 100644
index 0000000..7dce7d1
--- /dev/null
+++ b/modules/security_identity_compliance/inspector2/README.md
@@ -0,0 +1,2 @@
+# inspector2 module
+Via awscli, enable inspector2 scanning of ECR repositories
\ No newline at end of file
diff --git a/modules/security_identity_compliance/inspector2/main.tf b/modules/security_identity_compliance/inspector2/main.tf
new file mode 100644
index 0000000..7a7351f
--- /dev/null
+++ b/modules/security_identity_compliance/inspector2/main.tf
@@ -0,0 +1,11 @@
+resource "null_resource" "cli-inspector2" {
+ provisioner "local-exec" {
+ when = create
+ command = "/bin/bash -c 'aws inspector2 enable --resource-types \"ECR\"'"
+ }
+
+ provisioner "local-exec" {
+ when = destroy
+ command = "/bin/bash -c 'aws inspector2 disable'"
+ }
+}
\ No newline at end of file
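Review bot: The destroy provisioner in main.tf runs `aws inspector2 disable` with no `--resource-types`, while the create provisioner enables only ECR; as far as I can tell from the CLI reference, an unscoped disable is not limited to ECR, so destroying this module could also switch off EC2 or Lambda scanning that was enabled elsewhere in the account. Scope the teardown to match the create side: `command = "/bin/bash -c 'aws inspector2 disable --resource-types \"ECR\"'"`. Separately, a `null_resource` with `local-exec` depends on whatever awscli credentials and region the runner happens to have, and Terraform will not notice if scanning is later disabled out of band; if the AWS provider version in use offers `aws_inspector2_enabler`, that resource would track the setting in state instead.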