Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/awslabs/amazon-inspector-auto-remediate
Lambda job in Python to automatically patch EC2 instances when an inspector assessment generates a CVE finding
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/awslabs/amazon-inspector-auto-remediate
- Owner: awslabs
- License: apache-2.0
- Created: 2016-07-29T16:55:11.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2018-06-11T22:28:58.000Z (over 6 years ago)
- Last Synced: 2024-08-01T10:16:15.444Z (4 months ago)
- Language: Python
- Size: 12.7 KB
- Stars: 57
- Watchers: 6
- Forks: 35
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-cloud-security - AWS Inspector Auto Remediation
README
# AmazonInspectorAutoRemediation
This script is designed to run in AWS Lambda and will not work elsewhere. This is an AWS Lambda job, written in Python, to automatically patch EC2 instances when an Inspector assessment generates a CVE finding.
The job requires that the EC2 instance to be patched have the SSM (EC2 Simple System Manager) agent installed, and the agent must have a role attached with necessary SSM permissions. For details on this, see https://docs.aws.amazon.com/ssm/latest/APIReference/Welcome.html.
The job is triggered by an SNS notification of a new finding from Inspector. The job checks to make sure that the finding is a CVE missing-patch finding, and if so, it checks to ensure that the SSM agent is running. It then uses SSM to issue the appropriate patch-and-reboot commands to either Ubuntu or Amazon Linux.
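The flow described above, written out as an added Python example (not the project's own code): parse the SNS event for the finding ARN, confirm the finding is a CVE finding tied to an instance, confirm the SSM agent reports the instance online, then send a patch-and-reboot command through SSM. The boto3 calls used (`describe_findings`, `describe_instance_information`, `send_command` with the `AWS-RunShellScript` document) are real, but the SNS message shape, the finding fields (`id`, `assetAttributes.agentId`), the per-platform command lists and the stub clients at the bottom are assumptions constructed so the logic runs offline without AWS credentials.

```python
"""Added example of an Inspector-finding -> SSM patch Lambda. Not the project's code.
The AWS client calls are real boto3 signatures; event/finding shapes are assumptions
modelled on Inspector Classic, and the stubs below stand in for AWS so this runs offline."""
import json

# Assumption: platform taken from the SSM agent's PlatformName. The README only
# says the job handles Ubuntu or Amazon Linux, so anything else is skipped.
PATCH_COMMANDS = {
    "Ubuntu": ["apt-get update",
               "DEBIAN_FRONTEND=noninteractive apt-get -y upgrade",
               "reboot"],
    "Amazon Linux": ["yum -y update", "reboot"],
}


def finding_arn_from_sns(event):
    """Inspector Classic publishes a JSON message carrying a 'finding' ARN (assumed shape)."""
    message = json.loads(event["Records"][0]["Sns"]["Message"])
    return message["finding"]


def is_cve_finding(finding):
    """Act only on CVE findings that name an agent (instance); ignore everything else."""
    return (finding.get("id", "").startswith("CVE-")
            and "agentId" in finding.get("assetAttributes", {}))


def ssm_platform(ssm, instance_id):
    """Return PlatformName if the SSM agent reports the instance Online, else None."""
    resp = ssm.describe_instance_information(
        Filters=[{"Key": "InstanceIds", "Values": [instance_id]}])
    for info in resp.get("InstanceInformationList", []):
        if info.get("PingStatus") == "Online":
            return info.get("PlatformName", "")
    return None


def remediate(event, inspector, ssm):
    """Return the SSM CommandId when a patch was issued, otherwise a 'skipped: ...' reason."""
    arn = finding_arn_from_sns(event)
    finding = inspector.describe_findings(findingArns=[arn])["findings"][0]
    if not is_cve_finding(finding):
        return "skipped: not a CVE finding"
    instance_id = finding["assetAttributes"]["agentId"]
    platform = ssm_platform(ssm, instance_id)
    if platform is None:
        return "skipped: SSM agent not online"
    commands = next((c for name, c in PATCH_COMMANDS.items()
                     if platform.startswith(name)), None)
    if commands is None:
        return "skipped: unsupported platform " + platform
    resp = ssm.send_command(InstanceIds=[instance_id],
                            DocumentName="AWS-RunShellScript",
                            Parameters={"commands": commands},
                            TimeoutSeconds=600)
    return resp["Command"]["CommandId"]


def lambda_handler(event, context):
    """Lambda entry point: uses the real clients (assumed region/credentials from the role)."""
    import boto3
    return remediate(event, boto3.client("inspector"), boto3.client("ssm"))


# --- constructed stubs so the decision logic can be exercised offline ---
class StubInspector:
    def __init__(self, finding):
        self.finding = finding

    def describe_findings(self, findingArns):
        return {"findings": [self.finding]}


class StubSsm:
    def __init__(self, ping_status, platform):
        self.ping_status, self.platform, self.sent = ping_status, platform, []

    def describe_instance_information(self, Filters):
        return {"InstanceInformationList": [
            {"PingStatus": self.ping_status, "PlatformName": self.platform}]}

    def send_command(self, **kwargs):
        self.sent.append(kwargs)
        return {"Command": {"CommandId": "cmd-0001"}}  # constructed id


# Constructed sample event and finding (placeholder ARN / instance id / CVE id).
SAMPLE_EVENT = {"Records": [{"Sns": {"Message": json.dumps(
    {"finding": "arn:aws:inspector:us-east-1:123456789012:finding/0-EXAMPLE"})}}]}
CVE_FINDING = {"id": "CVE-0000-00000", "assetAttributes": {"agentId": "i-0123456789abcdef0"}}


def demo(ping_status="Online", platform="Ubuntu", finding=CVE_FINDING):
    """Run the flow against the stubs; returns (result, list of send_command kwargs)."""
    ssm = StubSsm(ping_status, platform)
    return remediate(SAMPLE_EVENT, StubInspector(finding), ssm), ssm.sent
```

The three skip paths (non-CVE finding, agent not Online, unsupported platform) are the checks a defender wants before anything reboots a host; in production the Lambda role needs `inspector:DescribeFindings`, `ssm:DescribeInstanceInformation` and `ssm:SendCommand`, and the command output should be logged so the reboot is traceable to the finding that caused it.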