Amazon Inspector · JSON Structure
Amazon Inspector Structure
Schema defining the structure of an Amazon Inspector vulnerability finding, including severity, resource details, vulnerability information, and remediation guidance.
Type: object
Properties: 15
Required: 4
ComplianceContainer SecurityEC2LambdaSecurityVulnerability Scanning
Amazon Inspector Finding Definition is a JSON Structure definition published by Amazon Inspector, describing 15 properties, of which 4 are required. It conforms to the https://json-structure.org/meta/core/v0/# meta-schema.
Properties
findingArn
severity
status
type
title
description
awsAccountId
firstObservedAt
lastObservedAt
updatedAt
inspectorScore
resources
remediation
packageVulnerabilityDetails
networkReachabilityDetails
Meta-schema: https://json-structure.org/meta/core/v0/#
JSON Structure
{
"$schema": "https://json-structure.org/meta/core/v0/#",
"$id": "https://raw.githubusercontent.com/api-evangelist/amazon-inspector/refs/heads/main/json-structure/amazon-inspector-structure.json",
"name": "Amazon Inspector Finding Definition",
"description": "Schema defining the structure of an Amazon Inspector vulnerability finding, including severity, resource details, vulnerability information, and remediation guidance.",
"type": "object",
"required": [
"findingArn",
"severity",
"status",
"type"
],
"properties": {
"findingArn": {
"type": "string",
"description": "The Amazon Resource Name (ARN) of the finding."
},
"severity": {
"type": "string",
"enum": [
"INFORMATIONAL",
"LOW",
"MEDIUM",
"HIGH",
"CRITICAL",
"UNTRIAGED"
],
"description": "The severity of the finding."
},
"status": {
"type": "string",
"enum": [
"ACTIVE",
"SUPPRESSED",
"CLOSED"
],
"description": "The status of the finding."
},
"type": {
"type": "string",
"enum": [
"NETWORK_REACHABILITY",
"PACKAGE_VULNERABILITY",
"CODE_VULNERABILITY"
],
"description": "The type of the finding."
},
"title": {
"type": "string",
"description": "The title of the finding."
},
"description": {
"type": "string",
"description": "The description of the finding."
},
"awsAccountId": {
"type": "string",
"description": "The AWS account ID associated with the finding."
},
"firstObservedAt": {
"type": "datetime",
"description": "The date and time the finding was first observed."
},
"lastObservedAt": {
"type": "datetime",
"description": "The date and time the finding was last observed."
},
"updatedAt": {
"type": "datetime",
"description": "The date and time the finding was last updated."
},
"inspectorScore": {
"type": "double",
"minimum": 0,
"maximum": 10,
"description": "The Amazon Inspector score for the finding."
},
"resources": {
"type": "array",
"items": {
"$ref": "#/$defs/Resource"
},
"description": "The resources affected by the finding."
},
"remediation": {
"$ref": "#/$defs/Remediation"
},
"packageVulnerabilityDetails": {
"$ref": "#/$defs/PackageVulnerabilityDetails"
},
"networkReachabilityDetails": {
"$ref": "#/$defs/NetworkReachabilityDetails"
}
},
"$defs": {
"Resource": {
"type": "object",
"description": "A resource affected by a finding.",
"required": [
"id",
"type"
],
"properties": {
"id": {
"type": "string",
"description": "The ID of the resource."
},
"type": {
"type": "string",
"enum": [
"AWS_EC2_INSTANCE",
"AWS_ECR_CONTAINER_IMAGE",
"AWS_ECR_REPOSITORY",
"AWS_LAMBDA_FUNCTION"
],
"description": "The type of the resource."
},
"partition": {
"type": "string",
"description": "The partition of the resource."
},
"region": {
"type": "string",
"description": "The AWS region of the resource."
},
"tags": {
"type": "object",
"additionalProperties": {
"type": "string"
},
"description": "Tags associated with the resource."
}
}
},
"Remediation": {
"type": "object",
"description": "Remediation guidance for a finding.",
"properties": {
"recommendation": {
"type": "object",
"properties": {
"text": {
"type": "string",
"description": "The recommended remediation action."
},
"Url": {
"type": "string",
"format": "uri",
"description": "A URL for more information about the remediation."
}
}
}
}
},
"PackageVulnerabilityDetails": {
"type": "object",
"description": "Details about a package vulnerability finding.",
"properties": {
"vulnerabilityId": {
"type": "string",
"description": "The ID of the vulnerability (e.g., CVE ID)."
},
"source": {
"type": "string",
"description": "The source of the vulnerability information."
},
"sourceUrl": {
"type": "string",
"format": "uri",
"description": "A URL to the source of the vulnerability information."
},
"cvss": {
"type": "array",
"items": {
"type": "object",
"properties": {
"version": {
"type": "string"
},
"baseScore": {
"type": "number"
},
"scoringVector": {
"type": "string"
},
"source": {
"type": "string"
}
}
},
"description": "CVSS scores for the vulnerability."
},
"vulnerablePackages": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {
"type": "string"
},
"version": {
"type": "string"
},
"fixedInVersion": {
"type": "string"
},
"packageManager": {
"type": "string"
}
}
},
"description": "The packages affected by the vulnerability."
}
}
},
"NetworkReachabilityDetails": {
"type": "object",
"description": "Details about a network reachability finding.",
"properties": {
"protocol": {
"type": "string",
"enum": [
"TCP",
"UDP"
],
"description": "The protocol associated with the finding."
},
"openPortRange": {
"type": "object",
"properties": {
"begin": {
"type": "integer"
},
"end": {
"type": "integer"
}
},
"description": "The open port range."
},
"networkPath": {
"type": "object",
"description": "The network path details."
}
}
}
}
}