filipeandre · January 14, 2020 11:41
diff --git a/Rough Draft - AWS Systems Manager & Inspector (Scan for Vulns & Patch) b/Rough Draft - AWS Systems Manager & Inspector (Scan for Vulns & Patch)
 # Systems Manager
 aws ssm describe-instance-information  --query "InstanceInformationList[*]"
 aws ssm get-document --name "AmazonInspector-ManageAWSAgent" --output text > AmazonInspector-ManageAWSAgent.doc
 less AmazonInspector-ManageAWSAgent.doc
 aws ssm send-command --targets Key=tag:SecurityScan,Values=true --document-name "AmazonInspector-ManageAWSAgent" --query Command.CommandId --output-s3-bucket-name <LoggingBucket>
 aws ssm list-command-invocations --details --query "CommandInvocations[*].[InstanceId,DocumentName,Status]" --command-id <CommandId>

 # Inspector
 aws inspector create-resource-group --resource-group-tags key=SecurityScan,value=true
 aws inspector create-assessment-target --assessment-target-name GamesDevTargetGroup --resource-group-arn aws inspector create-assessment-target --assessment-target-name GamesDevTargetGroup --resource-group-arn <ResourceGroupARN>
 aws inspector list-rules-packages
 aws inspector describe-rules-packages --query rulesPackages[*].[name,description] --output text --rules-package-arns <RulesPackageArns>
 aws inspector create-assessment-template --assessment-target-arn <AssessmentTargetArn> --assessment-template-name CISCommonVulerBestPract-Short --duration-in-seconds 900 --rules-package-arns <ThreeRulesPackageARNs>
 aws inspector preview-agents --preview-agents-arn <AssessmentTargetArn>
 aws inspector start-assessment-run --assessment-run-name FirstAssessment --assessment-template-arn <AssessmentTemplateArn>
 # should reply w/ collecting data
 aws inspector describe-assessment-runs --assessment-run-arn <AssessmentRunArn>
 aws inspector list-assessment-run-agents --assessment-run-arn <AssessmentRunArn>

 # Create and Apply a Patch Baseline
 aws ssm describe-document --name "AWS-PatchInstanceWithRollback" --query "Document.[Name,Description,PlatformTypes]"
 aws ssm describe-instance-information  --query "InstanceInformationList[*]"
 aws ssm start-automation-execution --document-name "AWS-PatchInstanceWithRollback" --parameters "InstanceId=<InstanceId>,ReportS3Bucket=<LogBucket>"
	# Systems Manager
	aws ssm describe-instance-information --query "InstanceInformationList[*]"
	aws ssm get-document --name "AmazonInspector-ManageAWSAgent" --output text > AmazonInspector-ManageAWSAgent.doc
	less AmazonInspector-ManageAWSAgent.doc
	aws ssm send-command --targets Key=tag:SecurityScan,Values=true --document-name "AmazonInspector-ManageAWSAgent" --query Command.CommandId --output-s3-bucket-name <LoggingBucket>
	aws ssm list-command-invocations --details --query "CommandInvocations[*].[InstanceId,DocumentName,Status]" --command-id <CommandId>

	# Inspector
	aws inspector create-resource-group --resource-group-tags key=SecurityScan,value=true
	aws inspector create-assessment-target --assessment-target-name GamesDevTargetGroup --resource-group-arn aws inspector create-assessment-target --assessment-target-name GamesDevTargetGroup --resource-group-arn <ResourceGroupARN>
	aws inspector list-rules-packages
	aws inspector describe-rules-packages --query rulesPackages[*].[name,description] --output text --rules-package-arns <RulesPackageArns>
	aws inspector create-assessment-template --assessment-target-arn <AssessmentTargetArn> --assessment-template-name CISCommonVulerBestPract-Short --duration-in-seconds 900 --rules-package-arns <ThreeRulesPackageARNs>
	aws inspector preview-agents --preview-agents-arn <AssessmentTargetArn>
	aws inspector start-assessment-run --assessment-run-name FirstAssessment --assessment-template-arn <AssessmentTemplateArn>
	# should reply w/ collecting data
	aws inspector describe-assessment-runs --assessment-run-arn <AssessmentRunArn>
	aws inspector list-assessment-run-agents --assessment-run-arn <AssessmentRunArn>

	# Create and Apply a Patch Baseline
	aws ssm describe-document --name "AWS-PatchInstanceWithRollback" --query "Document.[Name,Description,PlatformTypes]"
	aws ssm describe-instance-information --query "InstanceInformationList[*]"
	aws ssm start-automation-execution --document-name "AWS-PatchInstanceWithRollback" --parameters "InstanceId=<InstanceId>,ReportS3Bucket=<LogBucket>"