From 5732f4bf75e75c1b6e9b9c87c4de85c781df8741 Mon Sep 17 00:00:00 2001
From: xpk <xpk@headdesk.me>
Date: Mon, 29 Aug 2022 10:58:50 +0800
Subject: [PATCH] NEW: inspector2

---
 .../security_identity_compliance/inspector2/README.md |  2 ++
 .../security_identity_compliance/inspector2/main.tf   | 11 +++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 modules/security_identity_compliance/inspector2/README.md
 create mode 100644 modules/security_identity_compliance/inspector2/main.tf

diff --git a/modules/security_identity_compliance/inspector2/README.md b/modules/security_identity_compliance/inspector2/README.md
new file mode 100644
index 0000000..7dce7d1
--- /dev/null
+++ b/modules/security_identity_compliance/inspector2/README.md
@@ -0,0 +1,2 @@
+# inspector2 module
+Via awscli, enable inspector2 scanning of ECR repositories
\ No newline at end of file
diff --git a/modules/security_identity_compliance/inspector2/main.tf b/modules/security_identity_compliance/inspector2/main.tf
new file mode 100644
index 0000000..7a7351f
--- /dev/null
+++ b/modules/security_identity_compliance/inspector2/main.tf
@@ -0,0 +1,11 @@
+resource "null_resource" "cli-inspector2" {
+  provisioner "local-exec" {
+    when    = create
+    command = "/bin/bash -c 'aws inspector2 enable --resource-types \"ECR\"'"
+  }
+
+  provisioner "local-exec" {
+    when    = destroy
+    command = "/bin/bash -c 'aws inspector2 disable'"
+  }
+}
\ No newline at end of file