or deleting instances. It is hard to update the scan target (update the conﬁguration ﬁle). • You do not need to scan all servers. • If we have servers of the same conﬁguration (e.g. Web server) that use server conﬁguration tools (chef, ansible etc), may be scanned only one of them. • I would like to ﬁnd automatically the scan target by describing tags like Amazon Inspector.
$ export AWS_ACCESS_KEY_ID=ACCESS_KEY_ID • $ export AWS_SECRET_ACCESS_KEY=ECRET_ACCESS_KEY • $ export AWS_REGION=us-east-1 • Set the tag to EC2 instance that you want to scan ɾ Name: Name of server. e.g. web-server-1 ɾ Vuls-Scan (Default): Scan target. e.g. Vuls-Scan:True