Skip to main content

Mondoo 5.16.1 is out!

ยท 2 min read
Mondoo Core Team

๐Ÿฅณ mondoo 5.16.1 is out!


Terraform Static Analysis Policy for AWS

With this release, users can activate the "Terraform Static Analysis Policy for AWS" in their space.

Once the policy is active, you can check your Terraform configuration like this:

mondoo scan -t terraform --path . --incognito

Terraform scan output

Native Assessments for all/none/any/one

The 4 list assessment methods (all, none, any, and one) had only limited output in Mondoo so far. This made it very difficult to understand what items failed any given check and what needed to be fixed.

This patch introduces a descriptive output which shows the entries that failed for these list assessment methods. See the following example:

Native list assessments

AWS EC2 Instance Connect Transport

We've added a new transport to allow to connect to EC2 instances directly using AWS EC2 Instance Connect.

mondoo shell -t aws-ec2-connect://ec2-user@i-ec2ec2ec2ec2ec2f2 --insecure


  • The mount resource can now be initialized with a path:
    mount.point("/dev/shm") { * }
  • The TLS resource now supports SNI. This means that it will return the correct certificates for a given domain name, which supports this feature. For example, tls("").certificates will now return the expected certificate for the domain.
  • The terraform.block resource provides 2 new fields
    1. attributes: Access the raw block attributes
    2. snippet: The source code snippet for the block
  • You can now run multiple policy bundles at once in incognito mode.
  • Support Amazon Linux 2022, including vulnerabilities, repos, and EOL information