Mondoo
Docs
Integrate Your AssetsServers and EndpointsDeployment Automation

Chef Infra and Mondoo

This page covers how to use Chef Infra with Mondoo to install cnspec on hosts to run policies as code.

If you already use Chef Infra to manage your infrastructure, you can use it to deploy cnspec across your hosts. This lets you add security scanning to your existing Chef workflows without managing a separate deployment process.

import Partial from "./_automation-providers-note.mdx";

{" "}

Installing using Chef Infra

We publish an official mondoo cookbook on Chef Supermarket. You can use the cookbook in your own wrapper cookbooks or Chef Infra roles.

To apply the cookbook, set the Mondoo Registration Token via:

Command Line
default['cnspec']['registration_token'] = "changeme"

Example: Apply a cookbook to an Amazon EC2 instance

  1. Spin up a new Linux instance on AWS
  2. Create the run wrapper cookbook as documented in our example
  3. Run chef-run ssh://user@host ./run
  4. View your instances' vulnerability status in the Mondoo Console

Ansible

How to use Ansible with Mondoo to scan your Windows and a Linux hosts for security misconfigurations and vulnerabilities.

cloud-init

This page covers how to use cloud-init to install cnspec on hosts to run policies as code.

On this page

Installing using Chef InfraExample: Apply a cookbook to an Amazon EC2 instance