Remediation
Enable Amazon Inspector Lambda Code Scanningβ
If you are the delegated administrator for an AWS Organization, you can centrally enable Amazon Inspector scan types across multiple accounts and Regions using the AWS CLI and automation scripts. For additional guidance, refer to the inspector2-enablement-with-cli repository on GitHub.
From Consoleβ
To activate Amazon Inspector Lambda Code Scanning:
-
Open the Amazon Inspector console: https://console.aws.amazon.com/inspector/v2/home
-
Using the AWS Region selector in the upper-right corner, select the Region where your Lambda functions are deployed.
-
In the navigation pane, choose Account management.
-
Select the account(s) for which you want to enable a scan type.
-
Choose Activate, then select AWS Lambda Standard scanning + AWS Lambda Code scanning.
-
Repeat these steps in each AWS Region that hosts Lambda functions to ensure comprehensive coverage.