Remediation
Enable Amazon Inspector EC2 Scanning
If you are the delegated administrator for an AWS Organization, you can enable Amazon Inspector scan types across multiple accounts and Regions using the AWS CLI and automation scripts. For additional guidance, refer to the inspector2-enablement-with-cli repository on GitHub.
From Console
To activate Amazon Inspector EC2 scanning:
- Open the Amazon Inspector console: https://console.aws.amazon.com/inspector/v2/home
- Using the AWS Region selector in the upper-right corner, select the Region in which you want to enable EC2 scanning.
- In the navigation pane, choose Account management.
- Select the account(s) for which you want to enable a scan type.
- Choose Activate, then select EC2 scanning.
- Repeat these steps for each AWS Region where EC2 instances are deployed to ensure comprehensive coverage.
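The CLI route mentioned above for delegated administrators can be scripted as follows. This is an added example, not code from the inspector2-enablement-with-cli repository; the function names are hypothetical, the account IDs and Regions in the usage comment are constructed placeholders, and it assumes the AWS CLI is configured with delegated administrator credentials.

```shell
#!/bin/sh
# Added example. Function names are hypothetical; account IDs and Regions
# in the usage comment are constructed placeholders.
# DRY_RUN=1 (default) prints each AWS CLI command instead of running it.
DRY_RUN="${DRY_RUN:-1}"

run() {
  if [ "$DRY_RUN" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Reject an empty list or anything that is not a 12-digit AWS account ID.
validate_accounts() {
  [ -n "$1" ] || { echo "no account ids given" >&2; return 1; }
  for id in $1; do
    case "$id" in
      [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
      *) echo "invalid account id: $id" >&2; return 1 ;;
    esac
  done
}

# enable_ec2_scanning "<account ids>" "<regions>"  (space-separated lists)
enable_ec2_scanning() {
  validate_accounts "$1" || return 1
  for region in $2; do
    # $1 is left unquoted on purpose so each ID becomes its own argument.
    run aws inspector2 enable --region "$region" \
      --resource-types EC2 --account-ids $1 || return 1
  done
}

# check_ec2_status "<account ids>" "<regions>": per-account EC2 scan state.
check_ec2_status() {
  validate_accounts "$1" || return 1
  for region in $2; do
    run aws inspector2 batch-get-account-status --region "$region" \
      --account-ids $1 \
      --query 'accounts[].[accountId,resourceState.ec2.status]' \
      --output text || return 1
  done
}

# Usage (placeholders):
#   enable_ec2_scanning "111111111111 222222222222" "us-east-1 eu-west-1"
#   DRY_RUN=0 check_ec2_status "111111111111" "us-east-1"
```

Review the dry-run output first, then set `DRY_RUN=0` to apply it; run `check_ec2_status` afterwards in every Region where EC2 instances are deployed to confirm coverage.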