CloudSploit version 2.0.0 introduced a number of changes from the original CloudSploit release, designed to make running CloudSploit easier in multiple environment types, including command line and CI/CD systems.
Changes
- The addition of the
argparselibrary to enhance CLI option support - Formalizing several previously-hidden settings and options (e.g. saving the JSON collection, multiple output formats, suppressions, etc.)
- The addition of the
tty-tablelibrary for pretty-print CLI output of results. This is now the default output, but it can be changed to text-only via the--console=textflag. - Improved documentation across the AWS, Azure, GCP, and OCI providers.
- The use of a
config.jsfile for storing cloud provider configuration options, making it easier to run CloudSploit against multiple accounts by passing the--configflag. - Fallback to the AWS credential chain, allowing users to get started running CloudSploit more quickly.
- Addition of an .eslint file for developers of CloudSploit and CloudSploit plugins.
- Formalizing CIS Benchmark options in the plugins using the
complianceproperty. - Added the ability to run a single plugin directly from the CLI, without editing the
exports.jsfile by passing the flag--plugin pluginName.
Upgrade Guide
Please see the Upgrade Guide if you are moving from < 2.0.0 to 2.0.0.