AWS::Inspector::AssessmentTemplate - AWS CloudFormation

AWS::Inspector::AssessmentTemplate

The AWS::Inspector::AssessmentTemplate resource creates an Amazon Inspector assessment template, which specifies the Inspector assessment targets that will be evaluated by an assessment run and its related configurations.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::Inspector::AssessmentTemplate", "Properties" : { "AssessmentTargetArn" : String, "AssessmentTemplateName" : String, "DurationInSeconds" : Integer, "RulesPackageArns" : [ String, ... ], "UserAttributesForFindings" : [ Tag, ... ] } }

YAML

Type: AWS::Inspector::AssessmentTemplate Properties: AssessmentTargetArn: String AssessmentTemplateName: String DurationInSeconds: Integer RulesPackageArns: - String UserAttributesForFindings: - Tag

Properties

AssessmentTargetArn

The ARN of the assessment target to be included in the assessment template.

Required: Yes

Type: String

Minimum: 1

Maximum: 300

Update requires: Replacement

AssessmentTemplateName

The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.

Required: No

Type: String

Minimum: 1

Maximum: 140

Update requires: Replacement

DurationInSeconds

The duration of the assessment run in seconds.

Required: Yes

Type: Integer

Minimum: 180

Maximum: 86400

Update requires: Replacement

RulesPackageArns

The ARNs of the rules packages that you want to use in the assessment template.

Required: Yes

Type: List of String

Maximum: 50

Update requires: Replacement

UserAttributesForFindings

The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.

Required: No

Type: List of Tag

Maximum: 10

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the AssessmentTargetArn of the new assessment template.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Arn

The Amazon Resource Name (ARN) that specifies the assessment template that is created.

Examples

Declaring an Amazon Inspector Assessment Template Resource

The following example shows how to declare an AWS::Inspector::AssessmentTemplate resource to create an Amazon Inspector assessment template.

JSON

"myassessmenttemplate": { "Type": "AWS::Inspector::AssessmentTemplate", "Properties": { "AssessmentTargetArn": "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX", "DurationInSeconds": 180, "AssessmentTemplateName": "MyAssessmentTemplate", "RulesPackageArns": [ "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-11B9DBXp" ], "UserAttributesForFindings": [ { "Key": "Example", "Value": "example" } ] } }

YAML

myassessmenttemplate: Type: AWS::Inspector::AssessmentTemplate Properties: AssessmentTargetArn: "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX" AssessmentTemplateName: MyAssessmentTemplate DurationInSeconds: 180 RulesPackageArns: - "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-11B9DBXp" UserAttributesForFindings: - Key: Example Value: example