Mondoo
Docs
Providers

About cnquery Providers

Learn about cnquery providers and special considerations for containers and air-gapped or limited access assets

cnquery can query and inventory dozens of different platforms, from AWS accounts to Windows hosts. Providers are the components of cnquery that allow it to query specific platforms.

When you run a cnquery command, cnquery automatically downloads and installs the provider(s) you need. This saves download time, memory, and disk space, and ensures you always have the latest version.

To learn what providers are available and the resources each one exposes, read Manage cnquery Providers.

For example, suppose you download cnquery and install it on a Linux workstation. When you run a local query, cnquery automatically downloads the operating systems (os) provider and runs the query. The os provider remains on your workstation for next time.

If you then run cnquery shell aws, cnquery downloads the aws provider and opens the shell. The aws provider also remains on your workstation for future use.

Most users don't need to think about providers. cnquery manages them for you. However, there are some situations where you might want to manage providers yourself:

  • Containers
  • Read-only mode or air-gapped environments

Containers

By default, when you spin up a container with cnquery installed and run any cnquery command, cnquery retrieves the latest version of the providers it needs. When the container is destroyed, the providers are destroyed. The next time you spin up a container based on the same image, the download and installation repeat.

To avoid this, you can:

Read-only and air-gapped environments

In some environments, cnquery can't automatically download providers:

  • Read-only mode: Some security situations require that cnquery must not write to the machine on which it's installed.

  • Air-gapped environments: Without network access, cnquery can't download providers.

In both cases, manually install the providers when you install cnquery. To learn how, read Install, update, and remove providers.

If you install cnquery in an environment where it can't automatically update providers, you're responsible for installing provider updates.

To prevent error messages when you run commands, disable provider auto-update. To learn how, read Disable automatic provider updates.

Run a Query Pack

Query packs let you bundle multiple queries together to meet specific needs.

Manage Providers

Learn how to install, update, remove, and disable automatic updates for cnquery providers

On this page

ContainersRead-only and air-gapped environments