🥳 Mondoo 6.13.1 is out! This release includes a new modular GitHub Action and updated EKS policies!
All New Modular GitHub Action
The Mondoo GitHub Action has been entirely rewritten to better integrate within modular workflows in your projects. The action now includes individual GitHub Actions for scanning AWS accounts, Kubernetes Clusters, Kubernetes manifests, Docker images, and Terraform configuration files. There's also a new action for uploading Mondoo Policies to PolicyHub and an action for configuring Mondoo Client, so you can run whatever scan commands you may need. Keep in mind that this new setup is entirely different than our previous releases and breaks existing workflow configurations. Make sure to check out the project Readme and each new action's readme for more information on usage. As always, let us know if you have any questions at firstname.lastname@example.org or join us on our Mondoo Community Slack
Find the new action on the GitHub Actions Marketplace.
Up-to-Date EOL Data
Problem: You want to ensure that no systems in your fleet have reached EOL status, but this requires you to update Mondoo Client for the latest EOL data.
Solution: EOL data is now stored in Mondoo Platform and updated automatically each time the client runs. With this change, your systems will always have the latest EOL data as vendors publish new or updated EOL dates.
Expanded CIS Amazon EKS Benchmarks
We've greatly expanded the CIS Amazon EKS Level 1 and 2 benchmarks with additional queries and improved the overall reliability of many policies. Stay tuned for next week's release for more updates to this policy.
🐛 BUG FIXES
- Prevents sending duplicate Organization or Space invitations if you add a space character to an e-mail address.
- Prevents display of duplicate informational alerts in AWS Integrations.
- Resolves failures querying EC2 instances that lacked assigned key pairs.