Skip to main content

cnspec shell azure

Connect to a Microsoft Azure subscription or virtual machines.

Synopsis

Connect to a Microsoft Azure subscriptions or virtual machines. cnspec uses your local Azure configuration for the account scan. To connect to Azure virtual machines, you must configure your Azure credentials and have SSH access to the virtual machines.

cnspec shell azure [flags]

Options

      --ask-pass                         Prompt for connection password
      --certificate-path string          Path (in PKCS #12/PFX or PEM format) to the authentication certificate
      --certificate-secret string        Passphrase for the authentication certificate file
      --client-id string                 Application (client) ID of the service principal
      --client-secret string             Secret for application
  -c, --command string                   MQL query to execute in the shell
      --discover string                  Enable the discovery of nested assets. Supported: 'all|auto|instances|host-instances|host-machines|container|container-images|pods|cronjobs|statefulsets|deployments|jobs|replicasets|daemonsets' (default "auto")
      --discover-filter stringToString   Additional filter for asset discovery. (default [])
  -h, --help                             help for azure
      --host-machines                    Also scan host machines like ESXi server.
  -i, --identity-file string             Select a file from which to read the identity (private key) for public key authentication.
      --insecure                         Disable TLS/SSL checks or SSH hostkey config.
      --instances                        Also scan instances. This only applies to API targets like AWS, Azure or GCP.
      --option --option key=value        Additional connection options. You can pass multiple options using --option key=value. (default [])
  -p, --password string                  Set the connection password, such as for SSH/WinRM.
      --path string                      Path to a local file or directory for the connection to use.
      --platform-id string               Select an specific target asset by providing its platform ID.
      --subscription string              ID of the Azure subscription to scan
      --subscriptions string             Comma-separated list of Azure subscriptions to include
      --subscriptions-exclude string     Comma-separated list of Azure subscriptions to exclude
      --sudo                             Elevate privileges with sudo.
      --tenant-id string                 Directory (tenant) ID of the service principal

Options inherited from parent commands

      --config string      Set config file path (default $HOME/.config/mondoo/mondoo.yml)
      --log-level string   Set log level: error, warn, info, debug, trace (default "info")
  -v, --verbose            Enable verbose output

SEE ALSO