Operating systems and programming languages supported by Amazon Inspector - Amazon Inspector

Operating systems and programming languages supported by Amazon Inspector

Amazon Inspector can scan software applications installed on Amazon Elastic Compute Cloud (Amazon EC2) instances, container images stored in Amazon Elastic Container Registry (Amazon ECR) repositories and AWS Lambda functions. For container images in Amazon ECR, Amazon Inspector can scan for both operating system and programming language package vulnerabilities. When Amazon Inspector scans resources, it uses its own purpose-built scanning engine and it sources more than 50 data feeds to generate findings for Common Vulnerabilities and Exposures (CVEs). Sources include vendor security advisories, NVD, MITRE, open-source feeds, internal research, and licensed data feeds.

For Amazon Inspector to scan a resource, the resource must be running a supported operating system or use a supported programming language. The topics in this section list the operating systems and programming languages that Amazon Inspector currently supports. They also list operating systems that Amazon Inspector previously supported but have since been discontinued by vendors. Amazon Inspector can provide only limited support for an operating system after a vendor discontinues support for the operating system.

Supported operating systems: Amazon EC2 scanning

The following table lists the operating systems that Amazon Inspector currently supports for scans of Amazon Elastic Compute Cloud (Amazon EC2) instances, and the source of the vendor security advisories for each one.

Operating system Version Vendor security advisories
Amazon Linux 2 (AL2) AL2 ALAS
Amazon Linux 2022 (AL2022) AL2022 ALAS
Bottlerocket 1.7.0 and later GHSA, CVE
CentOS Linux (CentOS) 7 CESA
CentOS Linux (CentOS) 8 RHSA
Debian Server (Bullseye) 11 DSA
Debian Server (Buster) 10 DSA
Oracle Linux (Oracle) 7 ELSA
Oracle Linux (Oracle) 8 ELSA
Oracle Linux (Oracle) 9 ELSA
Red Hat Enterprise Linux (RHEL) 7 RHSA
Red Hat Enterprise Linux (RHEL) 8 RHSA
Red Hat Enterprise Linux (RHEL) 9 RHSA
Rocky Linux 8 RLSA
SUSE Linux Enterprise Server (SLES) 12 SUSE CVE
SUSE Linux Enterprise Server (SLES) 15 SUSE CVE
Ubuntu (Trusty) 14.04 (ESM) USN
Ubuntu (Xenial) 16.04 (ESM) USN
Ubuntu (Bionic) 18.04 (LTS) USN
Ubuntu (Focal) 20.04 (LTS) USN
Ubuntu (Jammy) 22.04 (LTS) USN
Windows Server 2012 2012 MSKB
Windows Server 2012 R2 2012 R2 MSKB
Windows Server 2016 2016 MSKB
Windows Server 2019 2019 MSKB
Windows Server 2022 2022 MSKB

Supported operating systems: Amazon ECR scanning

The following table lists the operating systems that Amazon Inspector currently supports for scans of container images in Amazon Elastic Container Registry (Amazon ECR) repositories, and the source of the vendor security advisories for each one.

Operating system Version Vendor security advisories
Alpine Linux (Alpine) 3.12 Alpine Secdb
Alpine Linux (Alpine) 3.13 Alpine Secdb
Alpine Linux (Alpine) 3.14 Alpine Secdb
Alpine Linux (Alpine) 3.15 Alpine Secdb
Alpine Linux (Alpine) 3.16 Alpine Secdb
Amazon Linux 2 (AL2) AL2 ALAS
Amazon Linux 2022 (AL2022) AL2022 ALAS
CentOS Linux (CentOS) 7 CESA
CentOS Linux (CentOS) 8 RHSA
Debian Server (Bullseye) 11 DSA
Debian Server (Buster) 10 DSA
OpenSUSE Leap (SUSE Leap) 15.2 SUSE CVE
OpenSUSE Leap (SUSE Leap) 15.3 SUSE CVE
Oracle Linux (Oracle) 7 ELSA
Oracle Linux (Oracle) 8 ELSA
Oracle Linux (Oracle) 9 ELSA
Red Hat Enterprise Linux (RHEL) 7 RHSA
Red Hat Enterprise Linux (RHEL) 8 RHSA
Red Hat Enterprise Linux (RHEL) 9 RHSA
SUSE Linux Enterprise Server (SLES) 12 SUSE CVE
SUSE Linux Enterprise Server (SLES) 15 SUSE CVE
Ubuntu (Trusty) 14.04 (ESM) USN
Ubuntu (Xenial) 16.04 (ESM) USN
Ubuntu (Bionic) 18.04 (LTS) USN
Ubuntu (Focal) 20.04 (LTS) USN
Ubuntu (Jammy) 22.04 (LTS) USN

Supported programming languages: Amazon ECR scanning

For container images in Amazon Elastic Container Registry (Amazon ECR) repositories, Amazon Inspector can scan software packages for the following programming languages:

  • C#

  • Go

  • Java

  • JavaScript

  • PHP

  • Python

  • Ruby

  • Rust

Supported programming languages: AWS Lambda function scanning

For AWS Lambda functions, Amazon Inspector can scan for the following programming languages:

  • Java

    • Java 8

    • Java 11

  • NodeJS

    • NodeJS 12

    • NodeJS 14

    • NodeJS 16

  • Python

    • Python 3.7

    • Python 3.8

    • Python 3.9

Discontinued operating systems

Standard vendor support for the operating systems listed in the following tables has been discontinued by the vendor. In the tables, the Discontinued column indicates when the vendor discontinued standard support for an operating system.

Amazon Inspector previously provided full support for these operating systems and will continue to scan Amazon Elastic Compute Cloud (Amazon EC2) instances and Amazon Elastic Container Registry (Amazon ECR) container images that are running them. However, in accordance with vendor policy, the operating systems are no longer updated with patches and, in many cases, new security advisories are no longer released for them. In addition, some vendors remove existing security advisories and detections from their feeds when an affected operating system reaches the end of standard support. Consequently, Amazon Inspector might stop generating findings for known CVEs. Any findings that Amazon Inspector does generate for a discontinued operating system should be used for informational purposes only.

As a security best practice and for continued Amazon Inspector coverage, we encourage you to move to a current, supported version of an operating system.

Discontinued operating systems: Amazon EC2 scanning

Operating system Version Vendor security advisories Discontinued
Amazon Linux AMI (AL1) AL1 ALAS December 31, 2020
Debian Server (Stretch) 9 DSA June 30, 2022
Oracle Linux (Oracle) 6 ELSA March 1, 2021
Ubuntu (Groovy) 20.10 USN July 22, 2021
Ubuntu (Hirsute) 21.04 USN January 20, 2022
Ubuntu (Impish) 21.10 USN July 31, 2022

Discontinued operating systems: Amazon ECR scanning

Operating system Version Vendor security advisories Discontinued
Amazon Linux (AL1) 2018.03 ALAS December 31, 2021
Debian Server (Stretch) 9 DSA June 30, 2022
Oracle Linux (Oracle) 6 ELSA March 1, 2021
Ubuntu (Groovy) 20.10 USN July 22, 2021
Ubuntu (Hirsute) 21.04 USN January 20, 2022
Ubuntu (Impish) 21.10 USN July 31, 2022