Supported Scan Targets
cnspec can make assertions against and scan:
| Target | Example |
|---|---|
| Ansible playbooks | cnspec scan ansible YOUR_PLAYBOOK.yml |
| Arista network devices | cnspec scan arista DEVICE_PUBLIC_IP --ask-pass |
| Atlassian organizations | cnspec scan atlassian --host YOUR_HOST_URL --admin-token YOUR_TOKEN |
| AWS accounts | cnspec scan aws |
| AWS CloudFormation templates | cnspec scan cloudformation cloudformation_file.json |
| AWS EC2 EBS snapshot | cnspec scan aws ec2 ebs snapshot SNAPSHOTID |
| AWS EC2 EBS volume | cnspec scan aws ec2 ebs volume VOLUMEID |
| AWS EC2 Instance Connect | cnspec scan aws ec2 instance-connect ec2-user@INSTANCEID |
| AWS EC2 instances | cnspec scan ssh user@host |
| Cisco IOS / NX-OS devices | cnspec scan nd-ssh USER_NAME@DEVICE_IP --ask-pass |
| Cloudflare | cnspec scan cloudflare --token TOKEN |
| Confluence users | cnspec scan atlassian --host YOUR_HOST_URL --admin-token YOUR_TOKEN |
| Container images | cnspec scan container ubuntu:latest |
| Container registries | cnspec scan container registry index.docker.io/library/rockylinux:8 |
| DNS records | cnspec scan host mondoo.com |
| Dockerfiles | cnspec scan docker file FILENAME |
| GitHub organizations | cnspec scan github org mondoohq |
| GitHub repositories | cnspec scan github repo mondoohq/cnquery |
| GitLab groups | cnspec scan gitlab --group mondoohq |
| Google Cloud projects | cnspec scan gcp |
| Google Workspace | cnspec scan google-workspace --customer-id CUSTOMER_ID --impersonated-user-email EMAIL --credentials-path JSON_FILE |
| IoT devices | cnspec scan opcua |
| Jira projects | cnspec scan atlassian --host YOUR_HOST_URL --admin-token YOUR_TOKEN |
| Kubernetes cluster nodes | cnspec scan ssh user@host |
| Kubernetes clusters | cnspec scan k8s |
| Kubernetes manifests | cnspec scan k8s manifest.yaml |
| Kubernetes workloads | cnspec scan k8s --discover pods,deployments |
| Linux hosts | cnspec scan local orcnspec scan ssh user@host |
| macOS hosts | cnspec scan local orcnspec scan ssh user@IP_ADDRESS |
| Microsoft 365 tenants | cnspec scan ms365 --tenant-id TENANT_ID --client-id CLIENT_ID --certificate-path PFX_FILE |
| Microsoft Azure instances | cnspec scan ssh user@host |
| Microsoft Azure subscriptions | cnspec scan azure --subscription SUBSCRIPTION_ID |
| Okta org | cnspec scan okta --token TOKEN --organization ORGANIZATION |
| Oracle Cloud Interface (OCI) | cnspec scan oci |
| Running containers | cnspec scan docker CONTAINER_ID |
| Shodan search engine | cnspec scan shodan --token TOKEN |
| Slack team | cnspec scan slack --token TOKEN |
| Snowflake | cnspec scan snowflake --account ACCOUNT-ID --region REGION --user YOUR-USER-ID --role YOUR-ROLE --ask-pass |
| SSL certificates on websites | cnspec scan host mondoo.com |
| Tailscale | cnspec scan tailscale --token TOKEN |
| Terraform HCL | cnspec scan terraform HCL_FILE_OR_PATH |
| Terraform plan | cnspec scan terraform plan plan.json |
| Terraform state | cnspec scan terraform state state.json |
| Vagrant virtual machines | cnspec scan vagrant HOST |
| VMware Cloud Director | cnspec scan vcd user@domain@host --ask-pass |
| VMware vSphere | cnspec scan vsphere user@domain@host --ask-pass |
| Windows hosts | cnspec scan local,cnspec scan ssh Administrator@IP_ADDRESS --ask-pass orcnspec scan winrm Administrator@IP_ADDRESS --ask-pass |