cnspec vuln azure

Connect to a Microsoft Azure subscription or virtual machines.

Synopsis

Connect to a Microsoft Azure subscriptions or virtual machines. cnspec uses your local Azure configuration for the account scan. To scan your Azure compute, you must configure your Azure credentials and have SSH access to your virtual machines.

cnspec vuln azure [flags]

Options

      --annotation stringToString        Add an annotation to the asset. (default [])
      --ask-pass                         Ask for connection password.
      --certificate-path string          Path (in PKCS #12/PFX or PEM format) to the authentication certificate
      --certificate-secret string        Passphrase for the authentication certificate file
      --client-id string                 Application (client) ID of the service principal
      --client-secret string             Secret for application
      --detect-cicd                      Try to detect CI/CD environments. If successful, sets the asset category to 'cicd'. (default true)
      --discover string                  Enable the discovery of nested assets. Supported: 'all|instances|host-instances|host-machines|container|container-images|pods|cronjobs|statefulsets|deployments|jobs|replicasets|daemonsets' (default "auto")
      --discover-filter stringToString   Additional filter for asset discovery. (default [])
  -h, --help                             help for azure
      --id-detector string               User override for platform ID detection mechanism. Supported: hostname, machine-id, aws-ec2, cloud-detect, ssh-host-key, transport-platform-id
  -i, --identity-file string             Select a file from which too read the identity (private key) for public key authentication.
      --incognito                        Incognito mode. Do not report scan results to the Mondoo platform.
      --insecure                         Disable TLS/SSL checks or SSH hostkey config.
      --inventory-ansible                Set inventory format to Ansible.
      --inventory-domainlist             Set inventory format to domain list.
      --inventory-file string            Path to inventory file.
  -j, --json                             Set output to JSON (shorthand).
      --no-pager                         Disable interactive scan output pagination.
      --option --option key=value        Additional connection options. You can pass multiple options using --option key=value (default [])
  -o, --output string                    Set output format: compact, csv, full, json, junit, report, summary, yaml (default "compact")
      --pager string                     Enable scan output pagination with custom pagination command. The default is 'less -R'.
  -p, --password string                  Password, such as for SSH/WinRM.
      --path string                      Path to a local file or directory for the connection to use
      --policy --policy POLICY           List policies to execute. This requires incognito mode. To scan multiple policies, pass --policy POLICY
  -f, --policy-bundle strings            Path to local policy bundle file.
      --score-threshold int              If any score falls below the threshold, exit 1.
      --subscription string              ID of the Azure subscription to scan
      --subscriptions string             Comma-separated list of Azure subscriptions to include
      --subscriptions-exclude string     Comma-separated list of Azure subscriptions to exclude
      --sudo                             Elevate privileges with sudo.
      --tenant-id string                 Directory (tenant) ID of the service principal

Options inherited from parent commands

      --config string      Set config file path (default $HOME/.config/mondoo/mondoo.yml)
      --log-level string   Set log level: error, warn, info, debug, trace (default "info")
  -v, --verbose            Enable verbose output

SEE ALSO

• cnspec vuln - Scans a target for Vulnerabilities.