Resource: awsInspector2OrganizationConfiguration

Terraform resource for managing an AWS Inspector V2 Organization Configuration.

~> NOTE: In order for this resource to work, the account you use must be an Inspector V2 Delegated Admin Account.

~> NOTE: When this resource is deleted, EC2, ECR and Lambda scans will no longer be automatically enabled for new members of your Amazon Inspector organization.

Example Usage

Basic Usage

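/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import { Construct } from "constructs";
import { TerraformStack } from "cdktf";
import * as aws from "./.gen/providers/aws";

class MyStack extends TerraformStack {
  constructor(scope: Construct, name: string) {
    super(scope, name);
    // Auto-enable EC2 and Lambda scans for new member accounts; ECR scans stay off.
    new aws.inspector2OrganizationConfiguration.Inspector2OrganizationConfiguration(
      this,
      "example",
      {
        autoEnable: {
          ec2: true,
          ecr: false,
          lambda: true,
        },
      }
    );
  }
}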

Argument Reference

The following arguments are required:

  • autoEnable - (Required) Configuration block for auto enabling. See below.

autoEnable

  • ec2 - (Required) Whether Amazon EC2 scans are automatically enabled for new members of your Amazon Inspector organization.
  • ecr - (Required) Whether Amazon ECR scans are automatically enabled for new members of your Amazon Inspector organization.
  • lambda - (Optional) Whether Lambda Function scans are automatically enabled for new members of your Amazon Inspector organization.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • maxAccountLimitReached - Whether your configuration reached the max account limit.
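
An added example, not part of the provider documentation: a TypeScript check over the values.root_module object of `terraform show -json` output that reports every scan type not auto-enabled (such as ecr: false in Basic Usage, or an omitted optional lambda) and a true maxAccountLimitReached. The function, interfaces and sample state are constructed for illustration; it assumes the state JSON uses the snake_case names auto_enable and max_account_limit_reached and renders the autoEnable block as a one-element array.

```typescript
// Assumed shapes from `terraform show -json`; nested blocks such as auto_enable appear as arrays.
interface StateResource {
  address: string;
  type: string;
  values: Record<string, unknown>;
}
interface StateModule {
  resources?: StateResource[];
  child_modules?: StateModule[];
}

const SCAN_TYPES = ["ec2", "ecr", "lambda"] as const;

// Walk a module and all of its child modules, collecting coverage findings.
function auditInspectorOrgConfig(mod: StateModule): string[] {
  const findings: string[] = [];
  for (const res of mod.resources ?? []) {
    if (res.type !== "aws_inspector2_organization_configuration") continue;
    const blocks = res.values["auto_enable"];
    const autoEnable: Record<string, unknown> =
      Array.isArray(blocks) && blocks.length > 0 ? blocks[0] : {};
    for (const scan of SCAN_TYPES) {
      // lambda is optional, so an omitted or null value counts as not enabled.
      if (autoEnable[scan] !== true) {
        findings.push(`${res.address}: ${scan} scans not auto-enabled for new members`);
      }
    }
    if (res.values["max_account_limit_reached"] === true) {
      findings.push(`${res.address}: max account limit reached`);
    }
  }
  for (const child of mod.child_modules ?? []) {
    findings.push(...auditInspectorOrgConfig(child));
  }
  return findings;
}

// Constructed sample mirroring the Basic Usage settings (ecr: false).
const sampleRoot: StateModule = {
  resources: [{
    address: "aws_inspector2_organization_configuration.example",
    type: "aws_inspector2_organization_configuration",
    values: { auto_enable: [{ ec2: true, ecr: false, lambda: true }], max_account_limit_reached: false },
  }],
};
console.log(auditInspectorOrgConfig(sampleRoot));
```

An empty result means every scan type is auto-enabled and the account limit has not been reached.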

Timeouts

Configuration options:

  • create - (Default 5M)
  • update - (Default 5M)
  • delete - (Default 5M)