Amazon Inspector2 (inspector2)

2025-07-25

15 new actions, 1 new resource

Additions

    Actions
  • BatchAssociateCodeSecurityScanConfiguration
    • Description:  Grants permission to associate multiple code repositories with an Amazon Inspector code security scan configuration
    • Access:  Write
  • BatchDisassociateCodeSecurityScanConfiguration
    • Description:  Grants permission to disassociate multiple code repositories from an Amazon Inspector code security scan configuration
    • Access:  Write
  • CreateCodeSecurityIntegration
    • Description:  Grants permission to create a code security integration with a source code repository provider
    • Access:  Write
    • Resources: 

      Name: Code Security Integration

      Required: Yes

    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys

  • CreateCodeSecurityScanConfiguration
    • Description:  Grants permission to create a scan configuration for code security scanning
    • Access:  Write
    • Resources: 

      Name: Code Security Scan Configuration

      Required: Yes

    • Conditions: 

      aws:RequestTag/${TagKey}

      aws:TagKeys

  • DeleteCodeSecurityIntegration
    • Description:  Grants permission to delete a code security integration
    • Access:  Write
    • Resources: 

      Name: Code Security Integration

      Required: Yes

  • DeleteCodeSecurityScanConfiguration
    • Description:  Grants permission to delete a code security scan configuration
    • Access:  Write
    • Resources: 

      Name: Code Security Scan Configuration

      Required: Yes

  • GetCodeSecurityIntegration
    • Description:  Grants permission to retrieve information about a code security integration
    • Access:  Read
  • GetCodeSecurityScan
    • Description:  Grants permission to retrieve information about a specific code security scan
    • Access:  Read
  • GetCodeSecurityScanConfiguration
    • Description:  Grants permission to retrieve information about a code security scan configuration
    • Access:  Read
  • ListCodeSecurityIntegrations
    • Description:  Grants permission to list all code security integrations in your account
    • Access:  List
  • ListCodeSecurityScanConfigurationAssociations
    • Description:  Grants permission to list the associations between code repositories and Amazon Inspector code security scan configurations
    • Access:  List
  • ListCodeSecurityScanConfigurations
    • Description:  Grants permission to list all code security scan configurations in your account
    • Access:  List
  • StartCodeSecurityScan
    • Description:  Grants permission to initiate a code security scan on a specified repository
    • Access:  Write
  • UpdateCodeSecurityIntegration
    • Description:  Grants permission to update an existing code security integration
    • Access:  Write
    • Resources: 

      Name: Code Security Integration

      Required: Yes

    • Conditions: 

      aws:ResourceTag/${TagKey}

  • UpdateCodeSecurityScanConfiguration
    • Description:  Grants permission to update an existing code security scan configuration
    • Access:  Write
    • Resources: 

      Name: Code Security Scan Configuration

      Required: Yes

    • Conditions: 

      aws:ResourceTag/${TagKey}

    Resources
  • Code
    • Arn:  arn:${Partition}:inspector2:${Region}:${Account}:owner/${OwnerId}/codesecurity-configuration/${CodeSecurityScanConfigurationId}
    • Conditions: 

      aws:ResourceTag/${TagKey}