Infrastructure as Code

Mondoo’s Packer Plugin Earns Verified Status with HashiCorp

Scott Ford

September 21, 2022

2 min read

The Mondoo team has two exciting announcements: We’re now a member of the HashiCorp Technology Partnership Program and our Packer provisioner has earned HashiCorp verification.

‍

Mondoo_graphics_Verified Packer Plugin Announcement-02

On June 24, 2022 we announced the release of the open source Packer Plugin Mondoo, which provides a provisioner that validates the security of machine images produced by HashiCorp Packer. It uses Mondoo’s advanced policy-as-code engine to test builds for vulnerabilities in packages and libraries, as well as misconfigurations that expose hosts to attack.

Today we’re pleased to announce our membership in the HashiCorp Technology Partner Program. Along with this established partnership, HashiCorp has officially verified Packer Plugin Mondoo.

HashiCorp describes the verified status:

Plugins in this tier indicate HashiCorp has verified the authenticity of the Plugin’s publisher, and that the partner is a member of the HashiCorp Technology Partner Program.

We’re proud that Mondoo is the only verified provisioner recognized on the HashiCorp plugin directory.

‍

Find and fix the security risks that pose the biggest threat to your business.

Get started

Build secure machine images in AWS and Google Cloud with Packer and Mondoo

Even if you’re all in on Kubernetes with EKS or GKE, that doesn’t mean you don’t have VMs to secure. The nodes in your cluster land squarely on the customer side of the shared responsibility model, and the images that come from the marketplace need to be patched. Building machine images that meet the security and compliance requirements for your business ultimately allows you to spend more time focused on innovation and providing value to your customers.

To get started building secure machine images for your environments, read our documentation.:

Building secure AMIs with cnspec and HashiCorp Packer covers how to run Mondoo security scans during HashiCorp Packer builds of Amazon EC2 AMIs.
Building secure VM images in Google Cloud with cnspec and HashiCorp Packer describes how to run Mondoo security scans during HashiCorp Packer builds of Google Cloud VM images.

You can complete either task in a short amount of time and be well on your way to more secure computing environments.

HashiCorp Packer, Terraform Cloud, and so much more

We’ve been busy diving into both HashiCorp Packer and Terraform Cloud, and are excited about the integration possibilities. We already have a number of new integrations with HashiCorp planned, but would love to hear if there is a particular integration that would be useful for you. Come find us in the Mondoo Slack community, or contact us directly from mondoo.com/support.

‍

Scott Ford

Scott Ford is a DevOps practitioner. In his current role as Principal Architect at Mondoo, he is focused on helping businesses automate security without adding friction to innovation. Prior to joining Mondoo, Scott held positions as Principal Architect of Lacework, and Distinguished Architect at Chef Software helping companies around the world transform the way they build their products through collaboration and automation.

Overview of Changes and New Security Features in Windows Server 2025

Christoph Hartmann

November 4, 2024

Releases

Mondoo October 2024 Release Highlights

Letha Dunn

Tim Smith

October 31, 2024

Releases

Mondoo September 2024 Release Highlights

Letha Dunn

Tim Smith

September 30, 2024

Stay informed with our news and new articles

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.