# Amazon Inspector

> Configure Amazon Inspector integration with RAD Security for code repository vulnerability management.

# Amazon Inspector Integration Setup

This guide walks you through integrating Amazon Inspector with RAD Security, enabling you to import code security findings and correlate them with runtime security events.

Amazon Inspector is a vulnerability management service that scans Amazon EC2 instances, container images, AWS Lambda functions, and code repositories. This integration imports findings from code repository scans to provide visibility into code-level vulnerabilities.

<Note>
  This integration imports findings from the **Code Security** tab in Amazon Inspector, which includes resources with the `CODE_REPOSITORY` resource type.
</Note>

## Prerequisites

Before you begin, ensure you have:

<Check>
  * Amazon Inspector activated in your AWS account
  * Access to an AWS account with the ability to create IAM policies, roles, and users
  * Access to a RAD Security workspace with integration permissions
</Check>

<Info>
  **Need to activate Amazon Inspector?** See the [Amazon Inspector Getting Started documentation](https://docs.aws.amazon.com/inspector/latest/user/getting_started_tutorial.html).
</Info>

***

## Required IAM Permissions

The following IAM policy actions are required for the integration:

| Operation                              | Required Policy Action                                          |
| -------------------------------------- | --------------------------------------------------------------- |
| Query Applications                     | `inspector2:ListFindingAggregations`                            |
| Query Application Findings             | `inspector2:ListFindings`                                       |
| Query findings across all applications | `inspector2:ListFindings`                                       |
| Get Application Finding Details        | `inspector2:ListFindings`, `inspector2:ListFindingAggregations` |

***

## Step 1: Create an IAM Policy

<Tabs>
  <Tab title="Visual Editor">
    <Steps>
      <Step title="Open the IAM Console">
        Log into the AWS Management Console and open the [IAM Console](https://console.aws.amazon.com/iam/)
      </Step>

      <Step title="Navigate to Policies">
        Select **Policies** from the sidebar on the left
      </Step>

      <Step title="Create a New Policy">
        Click **Create Policy**
      </Step>

      <Step title="Select the Inspector2 Service">
        1. In the **Policy Editor**, find the **Select a service** section
        2. Search for and select **Inspector2**
      </Step>

      <Step title="Select Required Actions">
        In the **Actions allowed** section, check the following actions:

        * `ListFindingAggregations`
        * `ListFindings`
      </Step>

      <Step title="Review and Create">
        1. Click **Next**
        2. Enter a **Policy Name** (e.g., `RADSecurityInspectorReadOnly`)
        3. Add an optional **Description**
        4. Click **Create Policy**

        <Note>
          Save the policy name—you'll need it when creating the IAM user.
        </Note>
      </Step>
    </Steps>
  </Tab>

  <Tab title="JSON Editor">
    <Steps>
      <Step title="Open the IAM Console">
        Log into the AWS Management Console and open the [IAM Console](https://console.aws.amazon.com/iam/)
      </Step>

      <Step title="Navigate to Policies">
        Select **Policies** from the sidebar on the left
      </Step>

      <Step title="Create a New Policy">
        Click **Create Policy**
      </Step>

      <Step title="Enter the JSON Policy">
        1. In the **Policy Editor**, select **JSON**
        2. Replace the default content with the following policy:

        ```json
        {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Effect": "Allow",
              "Action": [
                "inspector2:ListFindings",
                "inspector2:ListFindingAggregations"
              ],
              "Resource": "*"
            }
          ]
        }
        ```
      </Step>

      <Step title="Review and Create">
        1. Click **Next**
        2. Enter a **Policy Name** (e.g., `RADSecurityInspectorReadOnly`)
        3. Add an optional **Description**
        4. Click **Create Policy**

        <Note>
          Save the policy name—you'll need it when creating the IAM user.
        </Note>
      </Step>
    </Steps>
  </Tab>
</Tabs>

<Info>
  For more information on creating IAM policies, see the [AWS IAM Creating Policies documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create-console.html).
</Info>

***

## Step 2: Create an IAM User

<Steps>
  <Step title="Navigate to Users">
    In the [IAM Console](https://console.aws.amazon.com/iam/), select **Users** from the sidebar on the left
  </Step>

  <Step title="Create a New User">
    Click **Create user**
  </Step>

  <Step title="Configure User Details">
    1. Enter a **User name** (e.g., `rad-security-inspector`)
    2. Leave **Provide user access to the AWS Management Console** unchecked—this user only needs API access
    3. Click **Next**
  </Step>

  <Step title="Attach the Policy">
    1. In the **Permissions options** section, select **Attach policies directly**
    2. In the **Permissions policies** section, search for the policy you created in Step 1
    3. Check the box next to the policy
    4. Click **Next**
  </Step>

  <Step title="Review and Create">
    1. Review the user details
    2. Click **Create user**
  </Step>
</Steps>

<Info>
  For more information on creating IAM users, see the [AWS IAM Creating Users documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html).
</Info>

***

## Step 3: Generate Access Keys

<Steps>
  <Step title="Open User Details">
    In the [IAM Console](https://console.aws.amazon.com/iam/), navigate to **Users** and select the user you created in Step 2
  </Step>

  <Step title="Navigate to Security Credentials">
    Click the **Security credentials** tab
  </Step>

  <Step title="Create Access Key">
    1. In the **Access keys** section, click **Create access key**
    2. When prompted to select a use case, select **Other**
    3. Add an optional description tag
    4. Click **Create access key**
  </Step>

  <Step title="Save Your Credentials">
    <Warning>
      **Important:** Save the **Access key ID** and **Secret access key** immediately. The secret access key will not be shown again after you leave this page.
    </Warning>

    1. Copy the **Access key ID**
    2. Copy the **Secret access key**
    3. Store both values securely—you'll need them to configure the integration
  </Step>
</Steps>

<Info>
  For more information on managing access keys, see the [AWS IAM Access Keys documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html).
</Info>

***

## Step 4: Identify Your AWS Region

To find your Amazon Inspector region:

1. Navigate to the [Amazon Inspector Console](https://console.aws.amazon.com/inspector/)
2. Look at the URL in your browser—the region appears in the format: `{region}.console.aws.amazon.com`
3. Note the region code (e.g., `us-east-1`, `us-west-2`, `eu-west-1`)

<Info>
  Common AWS regions include:

  * `us-east-1` (N. Virginia)
  * `us-west-2` (Oregon)
  * `eu-west-1` (Ireland)
  * `ap-southeast-1` (Singapore)

  For a full list, see [AWS Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html).
</Info>

***

## Step 5: Configure in RAD Security

Navigate to your RAD Security workspace and configure the Amazon Inspector integration with the following parameters:

### Required Parameters

| Parameter             | Description                               | Example                                    |
| --------------------- | ----------------------------------------- | ------------------------------------------ |
| **Integration Name**  | A descriptive name for this integration   | `AWS Inspector - Production`               |
| **Access Key ID**     | The Access Key ID generated in Step 3     | `AKIAIOSFODNN7EXAMPLE`                     |
| **Secret Access Key** | The Secret Access Key generated in Step 3 | `wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY` |
| **Region**            | Your Amazon Inspector region from Step 4  | `us-east-1`                                |

***

## Verify Integration

After completing the setup, verify your integration is working:

1. Navigate to **Data Sources > Integrations > Vulnerabilities** in RAD Security
2. Locate your Amazon Inspector integration
3. Check the connection status shows as **Connected**
4. Verify code security findings are being synced

<Check>
  Your Amazon Inspector integration is now configured! RAD Security can now import code security findings and correlate them with runtime security events.
</Check>

***

## What Data is Synced

Once configured, RAD Security will sync code security findings from Amazon Inspector:

<AccordionGroup>
  <Accordion title="Code Security Findings" icon="code">
    * Vulnerability identifiers (CVE IDs)
    * Severity levels and CVSS scores
    * Affected code repositories
    * Vulnerable dependencies and packages
    * Remediation recommendations
    * Finding status and detection dates
  </Accordion>

  <Accordion title="Repository Information" icon="code-branch">
    * Repository names and identifiers
    * Branch information
    * File paths with vulnerabilities
    * Dependency manifest files
  </Accordion>

  <Accordion title="Vulnerability Details" icon="bug">
    * Package name and version
    * Fixed version (if available)
    * Vulnerability description
    * Exploit availability indicators
    * Related security advisories
  </Accordion>
</AccordionGroup>

***

## Use Cases

<CardGroup cols={2}>
  <Card title="Code Vulnerability Correlation" icon="diagram-venn">
    Correlate code repository vulnerabilities with runtime security events to identify exploitable weaknesses.
  </Card>

  <Card title="Dependency Risk Assessment" icon="ranking-star">
    Prioritize vulnerable dependencies based on severity, exploitability, and usage in production.
  </Card>

  <Card title="Supply Chain Security" icon="link">
    Monitor third-party dependencies for known vulnerabilities across your code repositories.
  </Card>

  <Card title="Remediation Tracking" icon="clipboard-check">
    Track vulnerability remediation progress and validate fixes in your development pipeline.
  </Card>
</CardGroup>

***

## Troubleshooting

<AccordionGroup>
  <Accordion title="Authentication Failed" icon="triangle-exclamation">
    **Possible causes:**

    * Incorrect Access Key ID or Secret Access Key
    * Access keys have been deactivated or deleted
    * IAM user has been deleted

    **Solution:**

    * Verify the Access Key ID and Secret Access Key are correct
    * Check the IAM Console to ensure the access keys are active
    * Generate new access keys if necessary
  </Accordion>

  <Accordion title="Insufficient Permissions" icon="shield-exclamation">
    **Possible causes:**

    * IAM policy doesn't include required actions
    * Policy not attached to the IAM user
    * Resource restrictions in the policy

    **Solution:**

    * Verify the IAM policy includes `inspector2:ListFindings` and `inspector2:ListFindingAggregations`
    * Ensure the policy is attached to the correct IAM user
    * Check that the policy resource is set to `*` or includes the necessary resources
  </Accordion>

  <Accordion title="No Data Syncing" icon="database">
    **Possible causes:**

    * Amazon Inspector not activated
    * No code repositories configured for scanning
    * No findings exist in the Code Security tab
    * Wrong region configured

    **Solution:**

    * Verify Amazon Inspector is activated in your AWS account
    * Ensure code repository scanning is enabled in Amazon Inspector
    * Check the Code Security tab in the Amazon Inspector Console for existing findings
    * Confirm you're using the correct AWS region
  </Accordion>

  <Accordion title="Wrong Region" icon="globe">
    **Possible causes:**

    * Region mismatch between configuration and Amazon Inspector

    **Solution:**

    * Navigate to the Amazon Inspector Console and verify the region in the URL
    * Update the region in your RAD Security integration configuration
    * Note that Amazon Inspector findings are region-specific
  </Accordion>

  <Accordion title="Access Key Rotation Issues" icon="rotate">
    **Possible causes:**

    * Access keys were rotated but integration not updated
    * Old access keys were deleted before new ones were configured

    **Solution:**

    * Generate new access keys in the IAM Console
    * Update the integration configuration in RAD Security with the new credentials
    * Delete old access keys only after verifying the new ones work
  </Accordion>
</AccordionGroup>
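
The policy from Step 1 and the "Insufficient Permissions" checks above can be verified offline against an exported policy document. The following is an added example, not RAD Security or AWS code: it reports which of the guide's two required actions a policy fails to grant and which `Allow` entries go beyond them. The function names and both sample policies are constructed for illustration, and `Condition` blocks are not evaluated.

```python
import json
import re

# Required actions, taken from this guide's "Required IAM Permissions" table.
REQUIRED = ("inspector2:ListFindings", "inspector2:ListFindingAggregations")

def _as_list(value):
    """Action and Resource may be a single string or a list."""
    return [value] if isinstance(value, str) else list(value or [])

def _matches(pattern, action):
    """IAM action matching: case-insensitive, '*' and '?' wildcards."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, action, re.IGNORECASE) is not None

def audit_policy(policy_json):
    """Return (missing, excess, notes) for an identity-based policy document.
    Assumption: Condition blocks are not evaluated, and any Deny that matches
    a required action is treated as blocking it."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):      # a lone statement may be a bare object
        statements = [statements]
    allowed, denied, notes = [], [], []
    for st in statements:
        if "NotAction" in st:
            notes.append("NotAction statement: review by hand")
        elif st.get("Effect") == "Deny":
            denied += _as_list(st.get("Action"))
        else:
            allowed += _as_list(st.get("Action"))
            if "*" not in _as_list(st.get("Resource")):
                notes.append("Allow is resource-scoped: confirm it covers your findings")
    def hit(patterns, action):
        return any(_matches(p, action) for p in patterns)
    missing = [a for a in REQUIRED if not hit(allowed, a) or hit(denied, a)]
    wanted = {a.lower() for a in REQUIRED}
    excess = [p for p in allowed if p.lower() not in wanted]
    return missing, excess, notes

# Constructed sample inputs: the guide's policy, and a broader one with a stray Deny.
GUIDE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["inspector2:ListFindings", "inspector2:ListFindingAggregations"]}]})
BROAD_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "inspector2:List*", "Resource": "*"},
    {"Effect": "Deny", "Action": "inspector2:listfindingaggregations", "Resource": "*"}]})

if __name__ == "__main__":
    for name, doc in (("guide", GUIDE_POLICY), ("broad", BROAD_POLICY)):
        print(name, audit_policy(doc))
```

An empty `missing` list with a non-empty `excess` list means the integration will work but the policy grants more than this guide requires.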

***

## Security Best Practices

<CardGroup cols={2}>
  <Card title="Use Dedicated IAM Users" icon="user-gear">
    Create a dedicated IAM user for RAD Security integration rather than using existing user credentials.
  </Card>

  <Card title="Least Privilege Access" icon="shield-halved">
    Only grant the minimum required permissions. The read-only permissions in this guide are sufficient for the integration.
  </Card>

  <Card title="Secure Credential Storage" icon="lock">
    Store access keys securely. Never commit them to version control or share via unsecured channels.
  </Card>

  <Card title="Regular Key Rotation" icon="rotate">
    Rotate access keys periodically according to your organization's security policies.
  </Card>

  <Card title="Monitor API Usage" icon="chart-line">
    Use AWS CloudTrail to monitor API calls made by the integration user for anomalous activity.
  </Card>

  <Card title="Enable MFA for Admin Accounts" icon="mobile">
    Ensure MFA is enabled for any admin accounts that manage the IAM user and policies.
  </Card>
</CardGroup>
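
For the "Monitor API Usage" practice above, one way to review CloudTrail records for the integration user is to flag anything other than the two read-only Inspector calls this guide grants, any call that returned an error, and any call outside the configured region. This is an added example, not part of the RAD Security product; the user name is the example from Step 2, and the event records, event IDs and the second user name are constructed samples.

```python
import json

INTEGRATION_USER = "rad-security-inspector"   # example user name from Step 2
EXPECTED_CALLS = {                              # the two actions the policy grants
    ("inspector2.amazonaws.com", "ListFindings"),
    ("inspector2.amazonaws.com", "ListFindingAggregations"),
}

def review_event(record, region):
    """Return the reasons a CloudTrail record from the integration user is unusual."""
    if record.get("userIdentity", {}).get("userName") != INTEGRATION_USER:
        return []                               # another principal: out of scope here
    reasons = []
    source, name = record.get("eventSource"), record.get("eventName")
    if (source, name) not in EXPECTED_CALLS:
        reasons.append(f"unexpected call {source}:{name}")
    if record.get("errorCode"):                 # e.g. denied calls outside the policy
        reasons.append(f"error {record['errorCode']}")
    if record.get("awsRegion") != region:       # findings are region-specific
        reasons.append(f"region {record.get('awsRegion')}")
    return reasons

def scan(json_lines, region="us-east-1"):
    """Return [(eventID, reasons)] for every record that needs a look."""
    flagged = []
    for line in json_lines.strip().splitlines():
        record = json.loads(line)
        reasons = review_event(record, region)
        if reasons:
            flagged.append((record.get("eventID"), reasons))
    return flagged

# Constructed sample records (one JSON object per line), trimmed to the fields used.
SAMPLE_EVENTS = """
{"eventID":"evt-1","eventSource":"inspector2.amazonaws.com","eventName":"ListFindings","awsRegion":"us-east-1","userIdentity":{"type":"IAMUser","userName":"rad-security-inspector"}}
{"eventID":"evt-2","eventSource":"sts.amazonaws.com","eventName":"GetCallerIdentity","awsRegion":"us-east-1","userIdentity":{"type":"IAMUser","userName":"rad-security-inspector"}}
{"eventID":"evt-3","eventSource":"inspector2.amazonaws.com","eventName":"ListFindings","awsRegion":"eu-west-1","errorCode":"AccessDeniedException","userIdentity":{"type":"IAMUser","userName":"rad-security-inspector"}}
{"eventID":"evt-4","eventSource":"s3.amazonaws.com","eventName":"ListBuckets","awsRegion":"us-east-1","userIdentity":{"type":"IAMUser","userName":"deploy-bot"}}
"""

if __name__ == "__main__":
    for event_id, reasons in scan(SAMPLE_EVENTS):
        print(event_id, "; ".join(reasons))
```

Pass the region you configured in Step 5 as `region` so that calls made elsewhere with the same key stand out.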

***

## Access Key Rotation

To rotate your access keys without service interruption:

<Steps>
  <Step title="Create New Access Keys">
    1. Navigate to the IAM user in the AWS Console
    2. Go to **Security credentials**
    3. Click **Create access key**
    4. Save the new Access Key ID and Secret Access Key
  </Step>

  <Step title="Update RAD Security">
    1. Navigate to the Amazon Inspector integration in RAD Security
    2. Update the **Access Key ID** and **Secret Access Key** with the new values
    3. Save the configuration
  </Step>

  <Step title="Verify the Integration">
    1. Confirm the integration status shows **Connected**
    2. Verify data is still syncing correctly
  </Step>

  <Step title="Delete Old Access Keys">
    1. Return to the IAM user in the AWS Console
    2. Locate the old access key
    3. Click **Actions > Delete**
    4. Confirm deletion
  </Step>
</Steps>

<Warning>
  Always verify the new access keys are working before deleting the old ones to avoid service interruption.
</Warning>

***

## Additional Resources

<CardGroup cols={2}>
  <Card title="Amazon Inspector Documentation" icon="aws" href="https://docs.aws.amazon.com/inspector/">
    Official AWS documentation for Amazon Inspector
  </Card>

  <Card title="IAM Best Practices" icon="shield-check" href="https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html">
    AWS IAM security best practices guide
  </Card>
</CardGroup>

***

## Next Steps

<CardGroup cols={2}>
  <Card title="Vulnerabilities Overview" icon="shield-halved" href="/rad-security/integrations/vulnerabilities/overview">
    Explore other vulnerability integration options
  </Card>

  <Card title="Runtime Security" icon="shield" href="/rad-security/integrations/runtime-security">
    Learn how RAD correlates vulnerabilities with runtime threats
  </Card>

  <Card title="Alerts & Incidents" icon="bell" href="/rad-security/platform/workspace">
    Configure alerts for vulnerability-related events
  </Card>

  <Card title="Threat Models" icon="crosshairs" href="/rad-security/security-and-compliance/overview">
    Understand how threats are detected and prioritized
  </Card>
</CardGroup>
