Mondoo
Docs
Integrate Your AssetsServers and EndpointsDeployment Automation

Chef Infra and Mondoo

Deploy cnspec across your infrastructure using Chef Infra to automate security scanning.

If you already use Chef Infra to manage your infrastructure, you can use it to deploy cnspec across your hosts. This lets you add security scanning to your existing Chef workflows without managing a separate deployment process.

import Partial from "./_automation-providers-note.mdx";

{" "}

Installing using Chef Infra

We publish an official mondoo cookbook on Chef Supermarket. You can use the cookbook in your own wrapper cookbooks or Chef Infra roles.

To apply the cookbook, set the Mondoo registration token:

Chef Infra attribute
default['cnspec']['registration_token'] = "changeme"

Example: Apply a cookbook to an Amazon EC2 instance

  1. Spin up a new Linux instance on AWS
  2. Create the run wrapper cookbook as documented in our example
  3. Run chef-run ssh://user@host ./run
  4. View your instances' vulnerability status in the Mondoo Console

Ansible

How to use Ansible with Mondoo to scan your Windows and Linux hosts for security misconfigurations and vulnerabilities.

cloud-init

Use cloud-init to install and register cnspec automatically when instances launch.

On this page

Installing using Chef InfraExample: Apply a cookbook to an Amazon EC2 instance