Process Amazon Inspector Findings

Amazon Inspector → Default Bus → Vulnerability Rule → Store to S3

Process Amazon Inspector findings and initial scan results via AWS Lambda and send them to S3 for storage or analysis.

This sample project demonstrates how to use an AWS Lambda function to filter and process Amazon Inspector findings, then send them to S3 for archiving or analysis.
Amazon Inspector is a vulnerability management service that continuously scans your AWS workloads for software vulnerabilities and unintended network exposure. It automatically discovers and scans running Amazon EC2 instances, container images in Amazon Elastic Container Registry (Amazon ECR), and AWS Lambda functions.
Amazon Inspector creates a finding when it discovers a software vulnerability or a network configuration issue. A finding describes the vulnerability, identifies the affected resource, rates the severity, and provides remediation guidance.
This pattern deploys two Amazon EventBridge rules on the default event bus that forward Amazon Inspector Finding events and Initial Scan events to two Lambda functions: one processes Amazon Inspector findings, the other processes Amazon Inspector initial scan events. Each function writes the processed event to a partitioned S3 bucket.
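The following is an added, self-contained model of the findings path described above; it is not the pattern's own code. It shows the two things a practitioner usually wants to check before deploying: that the EventBridge rule pattern actually selects the intended Inspector events, and how the Lambda function derives a partitioned S3 key from a finding. The field names in the constructed sample event follow the documented "Inspector2 Finding" EventBridge event shape (source `aws.inspector2`, detail-type `Inspector2 Finding`); the bucket name, the `FINDINGS_BUCKET` environment variable, the severity filter and the key layout are assumptions for illustration. The S3 client is injectable so the logic runs offline.

```python
"""Offline model of Inspector finding -> EventBridge rule -> Lambda -> partitioned S3.

Added example, not the serverless-patterns code. Sample event is constructed,
shaped after the documented Inspector2 Finding event; bucket/env var/key layout
are assumptions.
"""
import json
import os
from datetime import datetime, timezone
from typing import Any, Dict

# Assumed findings rule: only ACTIVE findings rated CRITICAL or HIGH are archived.
FINDING_RULE_PATTERN: Dict[str, Any] = {
    "source": ["aws.inspector2"],
    "detail-type": ["Inspector2 Finding"],
    "detail": {"severity": ["CRITICAL", "HIGH"], "status": ["ACTIVE"]},
}

# Initial scan rule: matches on detail-type only.
SCAN_RULE_PATTERN: Dict[str, Any] = {
    "source": ["aws.inspector2"],
    "detail-type": ["Inspector2 Scan"],
}


def matches_pattern(event: Dict[str, Any], pattern: Dict[str, Any]) -> bool:
    """Exact-match subset of EventBridge pattern semantics.

    Every pattern key must be present in the event. A list means the event
    value must equal one of the listed values (or, for a list-valued event
    field, share one element). A nested dict recurses. Content filters such
    as {"prefix": ...} or {"numeric": ...} are deliberately not implemented.
    """
    for key, allowed in pattern.items():
        if key not in event:
            return False
        value = event[key]
        if isinstance(allowed, dict):
            if not isinstance(value, dict) or not matches_pattern(value, allowed):
                return False
        elif isinstance(allowed, list):
            candidates = value if isinstance(value, list) else [value]
            if not any(c in allowed for c in candidates):
                return False
        else:
            raise ValueError(f"unsupported pattern value for {key!r}: {allowed!r}")
    return True


def partition_key(event: Dict[str, Any]) -> str:
    """Hive-style key (year=/month=/day=/severity=) so Athena or Glue can prune.

    Uses the EventBridge envelope 'time' (UTC, RFC 3339) and the last path
    element of the finding ARN as the object name, so a re-delivered finding
    overwrites its earlier copy instead of producing a duplicate.
    """
    ts = datetime.fromisoformat(event["time"].replace("Z", "+00:00")).astimezone(timezone.utc)
    detail = event["detail"]
    finding_id = detail["findingArn"].rsplit("/", 1)[-1]
    return (
        f"findings/year={ts:%Y}/month={ts:%m}/day={ts:%d}/"
        f"severity={detail['severity']}/{finding_id}.json"
    )


def handler(event: Dict[str, Any], context: Any = None, s3_client: Any = None) -> Dict[str, Any]:
    """Lambda entry point. Re-checks the rule pattern (defence in depth against a
    misconfigured rule or a stray test invocation), then writes the raw event."""
    if not matches_pattern(event, FINDING_RULE_PATTERN):
        return {"stored": False, "reason": "event does not match findings rule"}
    if s3_client is None:
        import boto3  # imported lazily so the module imports without AWS credentials
        s3_client = boto3.client("s3")
    bucket = os.environ.get("FINDINGS_BUCKET", "example-inspector-findings")  # assumed name
    key = partition_key(event)
    s3_client.put_object(
        Bucket=bucket,
        Key=key,
        Body=json.dumps(event, separators=(",", ":")).encode(),
        ContentType="application/json",
    )
    return {"stored": True, "bucket": bucket, "key": key}


# Constructed sample event (not captured from a live account).
SAMPLE_FINDING_EVENT: Dict[str, Any] = {
    "version": "0",
    "id": "00000000-0000-0000-0000-000000000000",
    "detail-type": "Inspector2 Finding",
    "source": "aws.inspector2",
    "account": "123456789012",
    "time": "2024-03-05T14:02:11Z",
    "region": "us-east-1",
    "resources": ["arn:aws:ec2:us-east-1:123456789012:instance/i-0123456789abcdef0"],
    "detail": {
        "findingArn": "arn:aws:inspector2:us-east-1:123456789012:finding/0123456789abcdef0123456789abcdef",
        "type": "PACKAGE_VULNERABILITY",
        "severity": "HIGH",
        "status": "ACTIVE",
        "title": "example vulnerability in example-package",
        "resources": [{"type": "AWS_EC2_INSTANCE", "id": "i-0123456789abcdef0"}],
    },
}
```

In Lambda the function is invoked as `handler(event, context)` and falls back to a real boto3 client; in a local test a fake object with a `put_object` method can be passed as the third argument to inspect the exact bucket, key and body that would be written. Because the matcher implements only exact-match semantics, a rule that relies on prefix or numeric filters should still be validated against the EventBridge console's pattern tester.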


Download this pattern (.zip)

View this pattern on GitHub


Clone repo

git clone https://github.com/aws-samples/serverless-patterns
cd serverless-patterns/inspector-lambda

Deploy

cdk deploy


Testing

See the GitHub repo for detailed testing instructions.

Cleanup

Delete the stack: cdk destroy.

Created by:

Maya Flores

Partner Solutions Architect @ AWS. Serverless enthusiast.
