

本文為英文版的機器翻譯版本，如內容有任何歧義或不一致之處，概以英文版為準。

# 手動安裝和組態
<a name="inspector-vm-scanner-using"></a>

 本節說明如何在 Amazon EC2 執行個體上手動安裝和設定 Inspector VM Scanner。手動安裝視為*代理程式型掃描*，不需要 Amazon EC2 Systems Manager (SSM)。

**注意**  
 如果您在 Amazon Inspector 主控台中啟用增強型 EC2 掃描，Amazon Inspector 會自動使用 SSM 安裝和管理 VM Scanner。只有在您無法使用 SSM 或偏好獨立管理掃描器時，才需要手動安裝。

## 手動安裝和解除安裝 Inspector VM Scanner
<a name="inspector-vm-scanner-manual-install"></a>

 Inspector VM Scanner 可透過以下連結進行獨立安裝：


**Inspector VM Scanner 套件**  

| **套件類型** | **架構** | **URL** | 
| --- | --- | --- | 
| .apk | ARM | https://inspector-vm-scanner.s3.amazonaws.com/latest/APK-ARM/inspector-vm-scanner-latest-r0.apk | 
|  | X86\_64 | https://inspector-vm-scanner.s3.amazonaws.com/latest/APK-X86\_64/inspector-vm-scanner-latest-r0.apk | 
| .deb | ARM | https://inspector-vm-scanner.s3.amazonaws.com/latest/DEB-ARM/inspector-vm-scanner\_latest\_arm64.deb | 
|  | X86\_64 | https://inspector-vm-scanner.s3.amazonaws.com/latest/DEB-X86\_64/inspector-vm-scanner\_latest\_amd64.deb | 
| .msi | X86\_64 | https://inspector-vm-scanner.s3.amazonaws.com/latest/MSI-X86\_64/inspector-vm-scanner-x86\_64-latest.msi | 
| .pkg | ARM | https://inspector-vm-scanner.s3.amazonaws.com/latest/PKG-ARM/inspector-vm-scanner.latest.arm64.pkg | 
| .rpm | ARM | https://inspector-vm-scanner.s3.amazonaws.com/latest/RPM-ARM/inspector-vm-scanner-latest.arm64.rpm | 
|  | X86\_64 | https://inspector-vm-scanner.s3.amazonaws.com/latest/RPM-X86\_64/inspector-vm-scanner-latest.x86\_64.rpm | 

 若要檢視在指定的套件管理員上手動安裝 Inspector VM Scanner 的程序，請從下列清單中選擇連結：
+ [APK](#inspector-vm-scanner-apk)
+ [DEB](#inspector-vm-scanner-deb)
+ [MSI](#inspector-vm-scanner-msi)
+ [PKG](#inspector-vm-scanner-pkg)
+ [RPM](#inspector-vm-scanner-rpm)

### APK
<a name="inspector-vm-scanner-apk"></a>

#### 安裝
<a name="inspector-vm-scanner-apk-install"></a>

 **ARM** 

```
curl --output-dir /etc/apk/keys -O https://inspector-vm-scanner.s3.amazonaws.com/latest/APK-ARM/inspector-vm-scanner.pem.pub
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/APK-ARM/inspector-vm-scanner-latest-r0.apk
apk add inspector-vm-scanner-latest-r0.apk
```

 **X86\_64** 

```
curl --output-dir /etc/apk/keys -O https://inspector-vm-scanner.s3.amazonaws.com/latest/APK-X86_64/inspector-vm-scanner.pem.pub
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/APK-X86_64/inspector-vm-scanner-latest-r0.apk
apk add inspector-vm-scanner-latest-r0.apk
```

#### 解除安裝
<a name="inspector-vm-scanner-apk-uninstall"></a>

```
apk del inspector-vm-scanner
```

### DEB
<a name="inspector-vm-scanner-deb"></a>

#### 安裝
<a name="inspector-vm-scanner-deb-install"></a>

 **ARM** 

```
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/DEB-ARM/inspector-vm-scanner.gpg.pub
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/DEB-ARM/inspector-vm-scanner_latest_arm64.deb
gpg --import inspector-vm-scanner.gpg.pub
gpg --verify inspector-vm-scanner_latest_arm64.deb
sudo dpkg -i inspector-vm-scanner_latest_arm64.deb
```

 **X86\_64** 

```
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/DEB-X86_64/inspector-vm-scanner.gpg.pub
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/DEB-X86_64/inspector-vm-scanner_latest_amd64.deb
gpg --import inspector-vm-scanner.gpg.pub
gpg --verify inspector-vm-scanner_latest_amd64.deb
sudo dpkg -i inspector-vm-scanner_latest_amd64.deb
```

#### 解除安裝
<a name="inspector-vm-scanner-deb-uninstall"></a>

```
sudo dpkg -r inspector-vm-scanner
```

### MSI
<a name="inspector-vm-scanner-msi"></a>

#### 安裝
<a name="inspector-vm-scanner-msi-install"></a>

 **X86\_64** 

```
Invoke-WebRequest https://inspector-vm-scanner.s3.amazonaws.com/latest/MSI-X86_64/inspector-vm-scanner-x86_64-latest.msi -OutFile inspector-vm-scanner-x86_64-latest.msi
msiexec /i inspector-vm-scanner-x86_64-latest.msi /qn
```

#### 解除安裝
<a name="inspector-vm-scanner-msi-uninstall"></a>

 若要在 上解除安裝 Inspector VM ScannerWindows，請使用Windows程式和功能控制面板或下列 PowerShell 命令：

```
Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -eq "Inspector VM Scanner"} | ForEach-Object {$_.Uninstall()}
```

### PKG
<a name="inspector-vm-scanner-pkg"></a>

#### 安裝
<a name="inspector-vm-scanner-pkg-install"></a>

 **ARM** 

```
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/PKG-ARM/inspector-vm-scanner.latest.arm64.pkg
pkgutil --check-signature inspector-vm-scanner.latest.arm64.pkg
sudo installer -pkg inspector-vm-scanner.latest.arm64.pkg -target /
```

#### 解除安裝
<a name="inspector-vm-scanner-pkg-uninstall"></a>

```
sudo rm /opt/aws/inspector/bin/inspector-vm-scanner
sudo rm -rf /var/lib/amazon/inspector
```

### RPM
<a name="inspector-vm-scanner-rpm"></a>

#### 安裝
<a name="inspector-vm-scanner-rpm-install"></a>

 **ARM** 

```
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/RPM-ARM/inspector-vm-scanner.gpg.pub
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/RPM-ARM/inspector-vm-scanner-latest.arm64.rpm
rpm --import inspector-vm-scanner.gpg.pub
rpm --checksig inspector-vm-scanner-latest.arm64.rpm
sudo yum install inspector-vm-scanner-latest.arm64.rpm
```

 **X86\_64** 

```
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/RPM-X86_64/inspector-vm-scanner.gpg.pub
curl -O https://inspector-vm-scanner.s3.amazonaws.com/latest/RPM-X86_64/inspector-vm-scanner-latest.x86_64.rpm
rpm --import inspector-vm-scanner.gpg.pub
rpm --checksig inspector-vm-scanner-latest.x86_64.rpm
sudo yum install inspector-vm-scanner-latest.x86_64.rpm
```

#### 解除安裝
<a name="inspector-vm-scanner-rpm-uninstall"></a>

```
sudo yum remove inspector-vm-scanner
```

## 安裝路徑
<a name="inspector-vm-scanner-installation-paths"></a>

 在所有以 Unix 為基礎的作業系統 （包括 macOS) 上，Inspector VM Scanner 會安裝到 `/opt/aws/inspector/bin/inspector-vm-scanner`。例外是使用替代路徑 的 Alpine 作業系統 （包括 Chainguard)`/usr/opt/aws/inspector/bin/inspector-vm-scanner`。

 在 上Windows，Inspector VM Scanner 會安裝到 `C:\Program Files\Amazon\Inspector\inspector-vm-scanner.exe`。

 這些安裝路徑 (Alpine 除外） 與 Inspector SSM 外掛程式相同，後者會將所有 Inspector 二進位檔存放在單一位置。

## 解除安裝 Inspector VM Scanner
<a name="inspector-vm-scanner-uninstalling"></a>

 如果您停用增強型 EC2 掃描，則 Inspector 會自動在所有 Inspector 受管執行個體上解除安裝 Inspector VM Scanner。若要移除手動安裝，請參閱上述章節中您套件管理員的解除安裝說明。

## 執行 Inspector VM Scanner
<a name="inspector-vm-scanner-running"></a>

 Inspector VM Scanner 預期**掃描類型**會做為第一個參數傳遞。目前唯一支援的值是 `sbom`。

 預設用量命令：

```
./inspector-vm-scanner sbom --send-results telemetry
```

 SBOM 掃描的列印選項：

```
./inspector-vm-scanner sbom --help
```

## 檢視輸出
<a name="inspector-vm-scanner-viewing-output"></a>

 預設 Inspector 工作流程不會在本機儲存 SBOM。不過，如果透過遙測傳送資源 SBOM 時發生任何失敗，則會將其寫入至下列位置：
+ `/var/lib/amazon/inspector/state/sbom.json` 在 Unix 上
+ Windows 的 `C:\ProgramData\Amazon\Inspector\State\sbom.json`

 使用者可以在 VM Scanner 調用期間覆寫此路徑。如需詳細資訊，請參閱[進階組態](inspector-vm-scanner-advanced-config.md)。