cnspec vuln aws ec2 ebs

Connect to an AWS instance using an EBS volume scan. This requires an AWS host.

Synopsis

Connect to an AWS instance using an EBS volume scan. This requires that the scan execute on an instance that is running inside of AWS.

cnspec vuln aws ec2 ebs INSTANCEID [flags]

Options

      --annotation stringToString        Add an annotation to the asset. (default [])
      --ask-pass                         Ask for connection password.
      --detect-cicd                      Try to detect CI/CD environments. If successful, sets the asset category to 'cicd'. (default true)
      --discover string                  Enable the discovery of nested assets. Supported: 'all|instances|host-instances|host-machines|container|container-images|pods|cronjobs|statefulsets|deployments|jobs|replicasets|daemonsets' (default "auto")
      --discover-filter stringToString   Additional filter for asset discovery. (default [])
  -h, --help                             help for ebs
      --id-detector string               User override for platform ID detection mechanism. Supported: hostname, machine-id, aws-ec2, cloud-detect, ssh-host-key, transport-platform-id
  -i, --identity-file string             Select a file from which too read the identity (private key) for public key authentication.
      --incognito                        Incognito mode. Do not report scan results to the Mondoo platform.
      --insecure                         Disable TLS/SSL checks or SSH hostkey config.
      --inventory-ansible                Set inventory format to Ansible.
      --inventory-domainlist             Set inventory format to domain list.
      --inventory-file string            Path to inventory file.
  -j, --json                             Set output to JSON (shorthand).
      --no-pager                         Disable interactive scan output pagination.
      --option --option key=value        Additional connection options. You can pass multiple options using --option key=value (default [])
  -o, --output string                    Set output format: compact, csv, full, json, junit, report, summary, yaml (default "compact")
      --pager string                     Enable scan output pagination with custom pagination command. The default is 'less -R'.
  -p, --password string                  Password, such as for SSH/WinRM.
      --path string                      Path to a local file or directory for the connection to use
      --policy --policy POLICY           List policies to execute. This requires incognito mode. To scan multiple policies, pass --policy POLICY
  -f, --policy-bundle strings            Path to local policy bundle file.
      --score-threshold int              If any score falls below the threshold, exit 1.
      --sudo                             Elevate privileges with sudo.

Options inherited from parent commands

      --config string      Set config file path (default $HOME/.config/mondoo/mondoo.yml)
      --log-level string   Set log level: error, warn, info, debug, trace (default "info")
  -v, --verbose            Enable verbose output

SEE ALSO

• cnspec vuln aws ec2 - Connect to an AWS instance using one of the available connectors.
• cnspec vuln aws ec2 ebs snapshot - Connect to a specific AWS snapshot using an EBS volume scan. This requires an AWS host.
• cnspec vuln aws ec2 ebs volume - Connect to a specific AWS volume using an EBS volume scan. This requires an AWS host.