Reference: https://docs.aws.amazon.com/inspector/latest/user/findings-managing-automating-responses.html Recently we had a requirement to get notified about ECR and Lambda inspector scan findings. We could have created an eventbridge rule like this {
"source": ["aws.inspector2"],
"detail-type": ["Inspector2 Finding"],
"detail": {
"severity": ["HIGH", "CRITICAL"],
"status": ["ACTIVE"]
}
}