AWS inspector documentation change
Summary
Condensed documentation about scan deactivation consequences and added Code Security deactivation details
Security assessment
Adds documentation about Code Security deactivation consequences (deleting integrations/projects/scan configs) which relates to security feature management, but doesn't address specific vulnerabilities. The change improves clarity about security feature operations.
Diff
diff --git a/inspector/latest/user/deactivate-scans.md b/inspector/latest/user/deactivate-scans.md index 12dc65477..d973214ab 100644 --- a//inspector/latest/user/deactivate-scans.md +++ b//inspector/latest/user/deactivate-scans.md @@ -9,7 +9 @@ Deactivating scans -This section describes how to deactivate a scan type. When you deactivate a scan type, you lose access to any findings the scan type produced. If you [reactivate the scan type](https://docs.aws.amazon.com/inspector/latest/user/activate-scans.html), Amazon Inspector scans all eligible resources to generate new findings. - -###### Tip - -If you want to keep a record of your findings, you can export them to an Amazon Simple Storage Service (Amazon S3) bucket as a findings report. For more information, see [Exporting Amazon Inspector findings reports](./findings-managing-exporting-reports.html). - -When you deactivate a scan type, you might encounter the following changes in the AWS account where you deactivated the scan type: +When you deactivate a scan type, you lose access to any findings the scan type produced. If you [reactivate the scan type](https://docs.aws.amazon.com/inspector/latest/user/activate-scans.html), Amazon Inspector scans all eligible resources to generate new findings. If you want to keep a record of your findings, you can export them to an Amazon Simple Storage Service (Amazon S3) bucket as a findings report. For more information, see [Exporting Amazon Inspector findings reports](./findings-managing-exporting-reports.html). When you deactivate a scan type, you might encounter the following changes in the AWS account where you deactivated the scan type: @@ -34 +28 @@ When you deactivate Amazon Inspector Amazon EC2 scanning for an account, the fol -Additionally, the Amazon Inspector SSM plugin installed through this association is removed from all of your Windows hosts. For more information, see [Scanning Windows EC2 instance](./windows-scanning.html). +Additionally, the Amazon Inspector SSM plugin is removed from all Windows hosts. For more information, see [Scanning Windows EC2 instance](./windows-scanning.html). @@ -42 +36,5 @@ When you deactivate Amazon ECR scanning for an account, the Amazon ECR scan type -When you deactivate Lambda standard scanning for an account, you deactivate Lambda code scanning if the scan type was actived. You also delete the CloudTrail service-linked channel that Amazon Inspector created when you activated Lambda standard scanning. +When you deactivate Lambda standard scanning for an account, you deactivate Lambda code scanning if the scan type was actived. You also delete the CloudTrail service-linked channel that Amazon Inspector create when you activate Lambda standard scanning. + +###### [Amazon Inspector Code Security](https://docs.aws.amazon.com/inspector/latest/user/scanning-lambda.html#lambda-standard-scans) + +When you deactivate Code Security for your account, you delete all integrations, projects, and scan configurations associated with it. If your account is the delegated administrator for an organization, you only deactivate Code Security for your account, and memeber accounts become standalone accounts.