AWS::Inspector::AssessmentTemplate
The AWS::Inspector::AssessmentTemplate resource creates an Amazon
Inspector assessment template, which specifies the Inspector assessment targets that will
be evaluated by an assessment run and its related configurations.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::Inspector::AssessmentTemplate", "Properties" : { "AssessmentTargetArn" :String, "AssessmentTemplateName" :String, "DurationInSeconds" :Integer, "RulesPackageArns" :[ String, ... ], "UserAttributesForFindings" :[ Tag, ... ]} }
YAML
Type: AWS::Inspector::AssessmentTemplate Properties: AssessmentTargetArn:StringAssessmentTemplateName:StringDurationInSeconds:IntegerRulesPackageArns:- StringUserAttributesForFindings:- Tag
Properties
AssessmentTargetArn-
The ARN of the assessment target to be included in the assessment template.
Required: Yes
Type: String
Minimum:
1Maximum:
300Update requires: Replacement
AssessmentTemplateName-
The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.
Required: No
Type: String
Minimum:
1Maximum:
140Update requires: Replacement
DurationInSeconds-
The duration of the assessment run in seconds.
Required: Yes
Type: Integer
Minimum:
180Maximum:
86400Update requires: Replacement
RulesPackageArns-
The ARNs of the rules packages that you want to use in the assessment template.
Required: Yes
Type: Array of String
Minimum:
0Maximum:
50Update requires: Replacement
UserAttributesForFindings-
The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.
Required: No
Type: Array of Tag
Minimum:
0Maximum:
10Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the AssessmentTargetArn of the new assessment template.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
Arn-
The Amazon Resource Name (ARN) that specifies the assessment template that is created.
Examples
Declaring an Amazon Inspector Assessment Template Resource
The following example shows how to declare an
AWS::Inspector::AssessmentTemplate resource to create an Amazon
Inspector assessment template.
JSON
{ "Type": "AWS::Inspector::AssessmentTemplate", "Properties": { "AssessmentTargetArn": "arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX", "DurationInSeconds": 180, "AssessmentTemplateName": "MyAssessmentTemplate", "RulesPackageArns": [ "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-11B9DBXp" ], "UserAttributesForFindings": [{ "Key": "Example", "Value": "example" }] } }
YAML
Type: AWS::Inspector::AssessmentTemplate Properties: AssessmentTargetArn: arn:aws:inspector:us-west-2:123456789012:target/0-nvgVhaxX DurationInSeconds: 180 AssessmentTemplateName: MyAssessmentTemplate RulesPackageArns: - arn:aws:inspector:us-west-2:758058086616:rulespackage/0-11B9DBXp UserAttributesForFindings: - Key: Example Value: example
