Issue
I want to get the AWS Inspector assessment run findings on email.
For that I had configured an SNS topic, but the mail I received contains ARNs (refer pic):
The JSON data is non-readable (from pic):
{
"template":"arn:aws:inspector:eu-central-1::target/0-nuQpXxdr/template/0-ZgdD12jw",
"run":"arn:aws:inspector:eu-central-1::target/0-nuQpXxdr/template/0-ZgdD12jw/run/0-xNByk8Qd",
"time":"2022-01-19T12:24:51.348Z",
"finding":"arn:aws:inspector:eu-central-1::target/0-nuQpXxdr/template/0-ZgdD12jw/run/0-xNByk8Qd/finding/0-ZGYFvyQi",
"event":"FINDING_REPORTED",
"target":"arn:aws:inspector:eu-central-1::target/0-nuQpXxdr"
}
REQUIRED: I need a way to get the whole report (PDF/HTML) or the URL of this report, and not a singular unreadable finding. Is there any way to do so?
Solution
For AWS Inspector Classic: One way I would do it is by having 2 SNS topics, let's call them sns1 and sns2, where sns1 has a Lambda function subscribed to it, and sns2 sends emails as notifications.
The Lambda function here will receive the JSON, convert it into a readable format and push it to sns2.
For AWS Inspector V2 you can get rid of the sns1 topic and replace it with AWS EventBridge for Lambda.
Here are some links to help you:
- How do I subscribe a Lambda function to an Amazon SNS topic in the same account?
- How to Remediate Amazon Inspector Security Findings Automatically
- Email notification through SNS and Lambda
Answered By - Zaid Afaneh Answer Checked By - David Goodson (WPSolving Volunteer)
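A sketch of the Lambda described in the answer for Inspector Classic, added here as an example and not code from the original answer: it resolves the finding ARN with `describe_findings`, and it goes one step beyond the answer by requesting the HTML report URL with `get_assessment_report` when the run completes. The `SNS2_TOPIC_ARN` variable, the placeholder topic ARN and the injectable `inspector`/`sns` parameters are assumptions, as is the expectation that an `ASSESSMENT_RUN_COMPLETED` notification has the same shape as the `FINDING_REPORTED` one shown in the question.

```python
import json
import os

# Assumption: SNS2_TOPIC_ARN is a hypothetical env var with the ARN of the e-mail topic (sns2).
SNS2_TOPIC_ARN = os.environ.get("SNS2_TOPIC_ARN", "arn:aws:sns:REGION:ACCOUNT_ID:sns2-placeholder")


def render(note, inspector):
    """Turn one Inspector Classic notification (dict) into (subject, body)."""
    event = note.get("event")
    if event == "FINDING_REPORTED":
        resp = inspector.describe_findings(findingArns=[note["finding"]], locale="EN_US")
        if resp.get("findings"):
            f = resp["findings"][0]
            asset = f.get("assetAttributes", {})
            body = "\n".join([
                f"Severity:       {f.get('severity', 'n/a')}",
                f"Title:          {f.get('title', 'n/a')}",
                f"Host:           {asset.get('hostname') or asset.get('agentId', 'n/a')}",
                f"Reported at:    {note.get('time', 'n/a')}",
                f"Description:    {f.get('description', 'n/a')}",
                f"Recommendation: {f.get('recommendation', 'n/a')}",
                f"Finding ARN:    {note['finding']}",
            ])
            return f"[{f.get('severity', 'n/a')}] {f.get('title', 'Inspector finding')}", body
    elif event == "ASSESSMENT_RUN_COMPLETED":
        rep = inspector.get_assessment_report(
            assessmentRunArn=note["run"], reportFileFormat="HTML", reportType="FINDING")
        # The URL is only returned once the report is generated; otherwise report the status.
        detail = rep.get("url") or f"report not ready yet (status {rep.get('status')})"
        return "Inspector assessment run completed", f"Run: {note['run']}\nReport: {detail}"
    # Unknown event or lookup returned nothing: forward the raw JSON rather than dropping it.
    return f"Inspector event {event}", json.dumps(note, indent=2)


def lambda_handler(event, context, inspector=None, sns=None):
    """Entry point for the Lambda subscribed to sns1; clients are injectable for testing."""
    if inspector is None or sns is None:
        import boto3  # available in the Lambda Python runtime
        inspector = inspector or boto3.client("inspector")
        sns = sns or boto3.client("sns")
    subjects = []
    for record in event["Records"]:
        note = json.loads(record["Sns"]["Message"])
        subject, body = render(note, inspector)
        # SNS e-mail subjects must be ASCII, single-line and under 100 characters.
        subject = " ".join(subject.split()).encode("ascii", "replace").decode()[:99]
        sns.publish(TopicArn=SNS2_TOPIC_ARN, Subject=subject, Message=body)
        subjects.append(subject)
    return subjects
```

The function's execution role only needs `inspector:DescribeFindings`, `inspector:GetAssessmentReport` and `sns:Publish` on sns2. Treat the report URL as sensitive and keep the sns2 subscriber list limited to people who should see the findings.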