The Mondoo team has two exciting announcements: We’re now a member of the HashiCorp Technology Partnership Program and our Packer provisioner has earned HashiCorp verification.
On June 24, 2022 we announced the release of the open source Packer Plugin Mondoo, which provides a provisioner that validates the security of machine images produced by HashiCorp Packer. It uses Mondoo’s advanced policy-as-code engine to test builds for vulnerabilities in packages and libraries, as well as misconfigurations that expose hosts to attack.
Today we’re pleased to announce our membership in the HashiCorp Technology Partner Program. Along with this established partnership, HashiCorp has officially verified Packer Plugin Mondoo.
HashiCorp describes the verified status:
Plugins in this tier indicate HashiCorp has verified the authenticity of the Plugin’s publisher, and that the partner is a member of the HashiCorp Technology Partner Program.
We’re proud that Mondoo is the only verified provisioner recognized on the HashiCorp plugin directory.
Build secure machine images in AWS and Google Cloud with Packer and Mondoo
Even if you’re all in on Kubernetes with EKS or GKE, that doesn’t mean you don’t have VMs to secure. The nodes in your cluster land squarely on the customer side of the shared responsibility model, and the images that come from the marketplace need to be patched. Building machine images that meet the security and compliance requirements for your business ultimately allows you to spend more time focused on innovation and providing value to your customers.
To help you get started building secure machine images for your environments, we’ve published two new new getting started tutorials on our documentation site:
- Building secure AMIs with Mondoo and Packer covers how to run Mondoo security scans during HashiCorp Packer builds of Amazon EC2 AMIs.
- Building secure VM images in Google Cloud with Mondoo and Packer describes how to run Mondoo security scans during HashiCorp Packer builds of Google Cloud VM images.
You can complete either task in a short amount of time and be well on your way to more secure computing environments.
HashiCorp Packer, Terraform Cloud, and so much more
We’ve been busy diving into both HashiCorp Packer and Terraform Cloud, and are excited about the integration possibilities. We already have a number of new integrations with HashiCorp planned, but would love to hear if there is a particular integration that would be useful for you. Come find us in the Mondoo Slack community, or contact us directly from mondoo.com/support.