Amazon Inspector Agent over Amazon Linux 2023

0

Hi,

We have an Amazon Linux 2023 EC2 instance which we want to scan with Amazon Inspector. We got the following message (the vulnerability report isn't available because of it):

'The Inspector agent was not found on this instance. You can run agentless Network Reachability assessments on this instance but cannot run any assessments that need the agent.'

Is there any way to overcome this issue? I saw that the Amazon Inspector Agent is not compatible with Amazon Linux 2023.

Thanks in advance.

mr
asked 5 months ago, 523 views
1 Answer
0

Hello.

I don't think you need to install the Inspector agent if you use Amazon Inspector v2.
I think Amazon Inspector v2 can be used if SSM Agent is installed on EC2 and registered as a managed instance.

https://docs.aws.amazon.com/inspector/latest/user/getting_started_tutorial.html

Amazon Inspector can provide Common Vulnerabilities and Exposures (CVE) data for your EC2 instances only if the Amazon EC2 Systems Manager (SSM) agent is installed and activated. This agent is preinstalled on many EC2 instances, but you might need to activate it manually. Regardless of SSM agent status, all of your EC2 instances are scanned for network exposure issues. For more information about configuring scans for Amazon EC2, see Scanning Amazon EC2 instances. Amazon ECR and AWS Lambda function scanning do not require the use of an agent.

We assume that you are probably using Amazon Inspector Classic, in which case the Amazon Inspector agent is not available on Amazon Linux 2023.
https://docs.aws.amazon.com/inspector/v1/userguide/inspector_supported_os_regions.html

EXPERT
answered 5 months ago
AWS
EXPERT
reviewed 5 months ago
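
The check the answer describes (SSM Agent installed and the instance registered as a managed instance), as an added example that is not part of the original thread or AWS's own code. It reads JSON shaped like the output of `aws ssm describe-instance-information` and `aws inspector2 list-coverage`; the function name `diagnose`, the instance IDs and the sample responses are constructed for illustration.

```python
# Added example: explain why an EC2 instance has no Inspector v2 CVE findings.
# All sample data below is constructed; instance IDs are placeholders.

def diagnose(instance_id, ssm_response, coverage_response):
    """Return (ok, message) describing the scan prerequisites for one instance."""
    managed = {i["InstanceId"]: i
               for i in ssm_response.get("InstanceInformationList", [])}
    covered = {r["resourceId"]: r
               for r in coverage_response.get("coveredResources", [])
               if r.get("resourceType") == "AWS_EC2_INSTANCE"}

    info = managed.get(instance_id)
    if info is None:
        return False, "not an SSM managed instance: check the agent and instance profile"
    if info.get("PingStatus") != "Online":
        return False, f"SSM agent registered but PingStatus is {info.get('PingStatus')}"

    resource = covered.get(instance_id)
    if resource is None:
        return False, "SSM is healthy but Inspector v2 does not list this instance"
    status = resource.get("scanStatus", {})
    if status.get("statusCode") != "ACTIVE":
        return False, f"Inspector scan is inactive, reason: {status.get('reason')}"
    return True, f"scanning is active, reason: {status.get('reason')}"

# Constructed sample of `aws ssm describe-instance-information` output.
SSM_SAMPLE = {"InstanceInformationList": [
    {"InstanceId": "i-0aaaaaaaaaaaaaaaa", "PingStatus": "Online"},
    {"InstanceId": "i-0bbbbbbbbbbbbbbbb", "PingStatus": "ConnectionLost"},
    {"InstanceId": "i-0dddddddddddddddd", "PingStatus": "Online"},
]}

# Constructed sample of `aws inspector2 list-coverage` output.
COVERAGE_SAMPLE = {"coveredResources": [
    {"resourceId": "i-0aaaaaaaaaaaaaaaa", "resourceType": "AWS_EC2_INSTANCE",
     "scanStatus": {"statusCode": "ACTIVE", "reason": "SUCCESSFUL"}},
    {"resourceId": "i-0cccccccccccccccc", "resourceType": "AWS_EC2_INSTANCE",
     "scanStatus": {"statusCode": "INACTIVE", "reason": "UNMANAGED_EC2_INSTANCE"}},
    {"resourceId": "i-0dddddddddddddddd", "resourceType": "AWS_EC2_INSTANCE",
     "scanStatus": {"statusCode": "INACTIVE", "reason": "NO_INVENTORY"}},
]}

if __name__ == "__main__":
    for iid in ("i-0aaaaaaaaaaaaaaaa", "i-0bbbbbbbbbbbbbbbb",
                "i-0cccccccccccccccc", "i-0dddddddddddddddd"):
        print(iid, diagnose(iid, SSM_SAMPLE, COVERAGE_SAMPLE))
```
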
  • Thank you very much for your response. The SSM agent is running, but I have 2 questions:

    1. Is there a way in Amazon Inspector to export a report as a PDF, like in Amazon Inspector Classic?
    2. I updated some of the libraries on the machine, but there is no change in the findings tab (it shows vulnerabilities found 4 days ago). How can I run it again? Isn't it supposed to be monitored automatically?

    Thanks!

  • Is there a way in Amazon Inspector to export a report as a PDF, like in Amazon Inspector Classic?

    Reports can be output as JSON or CSV. As far as I know, I don't think it's possible to output directly to PDF. Therefore, I think you will need to output it as CSV and convert it to PDF yourself. https://docs.aws.amazon.com/inspector/latest/user/findings-managing-exporting-reports.html

    I updated some of the libraries on the machine, but there is no change in the findings tab (it shows vulnerabilities found 4 days ago). How can I run it again? Isn't it supposed to be monitored automatically?

    EC2 scans are performed at the timings described in the document below. For example, a scan is performed when you start a new EC2 or install new software. https://docs.aws.amazon.com/inspector/latest/user/scanning-ec2.html#ec2-scan-behavior

  • Thanks! I did install a new package with yum and replaced some files on the machine, but it looks like nothing is being updated. How can I see the last run of Amazon Inspector, or run it manually like in Amazon Inspector Classic?
