Skip to main content

Supported Scan Targets

cnspec can make assertions against and scan:

TargetProviderExample
Ansible playbooksansiblecnspec shell ansible YOUR_PLAYBOOK.yml
Arista network devicesaristacnspec shell arista DEVICE_PUBLIC_IP --ask-pass
Atlassian organizationsatlassiancnspec shell atlassian --host YOUR_HOST_URL --admin-token YOUR_TOKEN
AWS accountsawscnspec scan aws
AWS CloudFormation templatescloudformationcnspec scan cloudformation cloudformation_file.json
AWS EC2 EBS snapshotaws ec2 ebs snapshotcnspec scan aws ec2 ebs snapshot SNAPSHOTID
AWS EC2 EBS volumeaws ec2 ebs volumecnspec scan aws ec2 ebs volume VOLUMEID
AWS EC2 Instance Connectaws ec2 instance-connectcnspec scan aws ec2 instance-connect ec2-user@INSTANCEID
AWS EC2 instancessshcnspec scan ssh user@host
Confluence usersatlassiancnspec shell atlassian --host YOUR_HOST_URL --admin-token YOUR_TOKEN
Container imagescontainer, dockercnspec scan container ubuntu:latest
Container registriescontainer registrycnspec scan container registry index.docker.io/library/rockylinux:8
DNS recordshostcnspec scan host mondoo.com
Dockerfilesdockercnspec shell docker file FILENAME
GitHub organizationsgithub orgcnspec scan github org mondoohq
GitHub repositoriesgithub repocnspec scan github repo mondoohq/cnspec
GitLab groupsgitlabcnspec scan gitlab --group mondoohq
Google Cloud projectsgcpcnspec scan gcp
Google Workspacegoogle-workspacecnspec shell google-workspace --customer-id CUSTOMER_ID --impersonated-user-email EMAIL --credentials-path JSON_FILE
IoT devicesopcuacnspec shell opcua
Jira projectsatlassiancnspec shell atlassian --host YOUR_HOST_URL --admin-token YOUR_TOKEN
Kubernetes cluster nodeslocal, sshcnspec scan ssh user@host
Kubernetes clustersk8scnspec scan k8s
Kubernetes manifestsk8scnspec scan k8s manifest.yaml
Kubernetes workloadsk8scnspec scan k8s --discover pods,deployments
Linux hostslocal, sshcnspec scan local or
cnspec scan ssh user@host
macOS hostslocal, sshcnspec scan local or
cnspec scan ssh user@IP_ADDRESS
Microsoft 365 accountsms365cnspec scan ms365 --tenant-id TENANT_ID --client-id CLIENT_ID --certificate-path PFX_FILE
Microsoft Azure instancessshcnspec scan ssh user@host
Microsoft Azure subscriptionsazurecnspec scan azure --subscription SUBSCRIPTION_ID
Okta orgoktacnspec shell okta --token TOKEN --organization ORGANIZATION
Oracle Cloud Interface (OCI)ocicnspec shell oci
Running containersdockercnspec scan docker CONTAINER_ID
Shodan search engineshodancnspec shell shodan
Slack teamslackcnspec shell slack --token TOKEN
SSL certificates on websiteshostcnspec scan host mondoo.com
Terraform HCLterraformcnspec scan terraform HCL_FILE_OR_PATH
Terraform planterraform plancnspec scan terraform plan plan.json
Terraform stateterraform statecnspec scan terraform state state.json
Vagrant virtual machinesvagrantcnspec scan vagrant HOST
VMware Cloud Directorvcdcnspec shell vcd user@domain@host --ask-pass
VMware vSpherevspherecnspec scan vsphere user@domain@host --ask-pass
Windows hostslocal, ssh, winrmcnspec scan local,
cnspec scan ssh Administrator@IP_ADDRESS --ask-pass or
cnspec scan winrm Administrator@IP_ADDRESS --ask-pass