cnspec scan aws ec2 ebs

Scan an AWS instance using an EBS volume scan. This requires an AWS host.

Synopsis

Scan an AWS instance using an EBS volume scan. This requires that the scan execute on an instance that is running inside of AWS.

cnspec scan aws ec2 ebs INSTANCEID [flags]

Options

      --annotation stringToString        Add an annotation to the asset. (default [])
      --ask-pass                         Ask for connection password.
      --asset-name string                User override for the asset name.
      --detect-cicd                      Try to detect CI/CD environments and, if successful, set the asset category to 'cicd'. (default true)
      --discover string                  Enable the discovery of nested assets. Supported: 'all|auto|instances|host-instances|host-machines|container|container-images|pods|cronjobs|statefulsets|deployments|jobs|replicasets|daemonsets' (default "auto")
      --discover-filter stringToString   Additional filter for asset discovery. (default [])
  -h, --help                             help for ebs
      --id-detector string               User override for platform ID detection mechanism. Supported: hostname, machine-id, aws-ec2, cloud-detect, ssh-host-key, transport-platform-id
  -i, --identity-file string             Select a file from which to read the identity (private key) for public key authentication.
      --incognito                        Run in incognito mode. Do not report scan results to Mondoo Platform.
      --insecure                         Disable TLS/SSL checks or SSH hostkey config.
      --inventory-ansible                Set the inventory format to Ansible.
      --inventory-domainlist             Set the inventory format to domain list.
      --inventory-file string            Set the path to the inventory file.
  -j, --json                             Set output to JSON (shorthand).
      --option --option key=value        Additional connection options. You can pass multiple options using --option key=value. (default [])
  -o, --output string                    Set output format: compact, csv, full, json, junit, report, summary, yaml (default "compact")
  -p, --password string                  Password, such as for SSH/WinRM.
      --path string                      Path to a local file or directory for the connection to use.
      --policy strings                   Lists policies to execute. This requires incognito mode. You can pass multiple policies using --policy POLICY
  -f, --policy-bundle strings            Path to local policy bundle file.
      --props stringToString             Custom values for properties (default [])
      --score-threshold int              If any score falls below the threshold, exit 1.
      --share                            create a web-based private reports when cnspec is unauthenticated. Defaults to false.
      --sudo                             Elevate privileges with sudo.

Options inherited from parent commands

      --api-proxy string   Set proxy for communications with Mondoo API
      --config string      Set config file path (default $HOME/.config/mondoo/mondoo.yml)
      --log-level string   Set log level: error, warn, info, debug, trace (default "info")
  -v, --verbose            Enable verbose output

SEE ALSO

• cnspec scan aws ec2 - Scan an AWS instance using one of the available connectors.
• cnspec scan aws ec2 ebs snapshot - Scan a specific AWS snapshot using an EBS volume scan. This requires an AWS host.
• cnspec scan aws ec2 ebs volume - Scan a specific AWS volume using an EBS volume scan. This requires an AWS host.