Questions tagged with Amazon EC2

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

AWS Inspector V2 and AWS Inspector Classic findings are different

I am using Ubuntu 20.04 EC2 Instances and was investigating the difference between AWS Inspector Classic and AWS Inspector V2. There seemed to be many differences but the main one was the actual findings. With Inspector Classic a number of CVE would be found while with Inspector V2 the same instance once scanned would say `No Findings`. ### Inspector Classic finds 53 CVE's ![Enter image description here](/media/postImages/original/IM7H1iE2k8S2iL21F4CODGEQ) ### Same instance with InspectorV2 Just show `No findings` ![Enter image description here](/media/postImages/original/IMLgoOIjGzSqm7eZcT5bGH4Q) ------- With Inspector Classic I did attach a rule called `Common Vulnerabilities and Exposures-1.1`. I'm not sure what Inspector V2 actually checks against either. During my search to make this work did find that I needed the following Systems Managers manager Association needed to work `InspectorInventoryCollection-do-not-delete`. It's working now and show success for all ec2 instances. I am unsure if the `InvokeInspectorSsmPlugin-do-not-delete` Association needs to work as well. Not quite sure what this is used for but it shows skipped for all instances and when I look at the detailed status output on a specific instances is just says `InvalidPlatform`. Not sure if this is related. Can InspectorV2 actually be used to check Ubuntu 20.04 CVE's. If so how. Is there some special IAM or SSM config/setup that needs to be applied?
profile picture
asked 11 days ago