NEW: inspector2

2022-08-29 10:58:50 +08:00 · 2022-08-29 10:58:50 +08:00 · 5732f4bf75
commit 5732f4bf75
parent e291845a78
2 changed files with 13 additions and 0 deletions
--- a/modules/security_identity_compliance/inspector2/README.md
+++ b/modules/security_identity_compliance/inspector2/README.md
@ -0,0 +1,2 @@
+# inspector2 module
+Via awscli, enable inspector2 scanning of ECR repositories
--- a/modules/security_identity_compliance/inspector2/main.tf
+++ b/modules/security_identity_compliance/inspector2/main.tf
@ -0,0 +1,11 @@
+resource "null_resource" "cli-inspector2" {
+  provisioner "local-exec" {
+    when    = create
+    command = "/bin/bash -c 'aws inspector2 enable --resource-types \"ECR\"'"
+  }
+
+  provisioner "local-exec" {
+    when    = destroy
+    command = "/bin/bash -c 'aws inspector2 disable'"
+  }
+}