Complete command reference for AuditKit.
auditkit [command] [flags]
Run a compliance scan against your cloud infrastructure.
auditkit scan [flags]
Examples:
# Basic scan (defaults to AWS, SOC2)
auditkit scan
# Specify provider and framework
auditkit scan -provider aws -framework soc2
auditkit scan -provider azure -framework pci
auditkit scan -provider gcp -framework cmmc
# All frameworks
auditkit scan -framework all
# Verbose output
auditkit scan -verbose
# Show all controls (no truncation)
auditkit scan --full
Flags:
- -provider - Cloud provider: aws, azure, gcp (default: aws)
- -framework - Compliance framework: soc2, pci, cmmc, cmmc-l2, 800-53, hipaa, all (default: soc2)
- -verbose - Show detailed output
- --full - Show all controls without truncation
- -format - Output format: text, json, html, pdf (default: text)
- -output - Output file path (e.g., report.pdf)
- -profile - AWS profile name (AWS only)
- --scan-all - Scan all accounts/subscriptions/projects (Pro only)
- --max-concurrent - Max concurrent scans (Pro only, default: 3)
- --summary-only - Show summary only, skip detailed results (Pro only)
Import results from third-party tools (Prowler, ScubaGear).
auditkit integrate -source [tool] -file [path] [flags]
Examples:
# Import Prowler results (AWS/Azure/GCP)
auditkit integrate -source prowler -file prowler-output.json
# Generate PDF from Prowler results
auditkit integrate -source prowler -file prowler-output.json -format pdf -output prowler-report.pdf
# Import ScubaGear results (M365)
auditkit integrate -source scubagear -file ScubaResults/ScubaResults.json
# Generate PDF from ScubaGear results
auditkit integrate -source scubagear -file ScubaResults.json -format pdf -output m365-report.pdf
Flags:
- -source - Source tool: prowler, scubagear
- -file - Path to results file
- -format - Output format: text, json, html, pdf (default: text)
- -output - Output file path
Generate remediation scripts for failed controls.
auditkit fix [flags]
Examples:
# Generate fix script
auditkit fix
# Save to file
auditkit fix -output fixes.sh
# Review before running
cat fixes.sh
bash fixes.sh # Run after review
Flags:
- -output - Output file path (default: stdout)
- -provider - Cloud provider (uses last scan if omitted)
Show compliance improvement over time.
auditkit progress
Output:
Compliance Progress Report
==========================
Framework: SOC2
Provider: AWS
Scan History:
2025-10-15: 65.0% (42/64 passed)
2025-10-18: 72.5% (46/64 passed)
2025-10-19: 78.1% (50/64 passed)
Improvement: +13.1% over 4 days
Trend: Increasing
Compare the last two scans.
auditkit compare
Output:
Compliance Comparison
=====================
Framework: SOC2
Provider: AWS
Previous Scan: 2025-10-18 (72.5%)
Current Scan: 2025-10-19 (78.1%)
Improvements:
+ CC6.1 - IAM Key Rotation (now passing)
+ CC6.2 - S3 Public Access (now passing)
+ CC7.1 - CloudTrail Logging (now passing)
+ CC8.1 - Encryption at Rest (now passing)
New Failures:
- None
Score Change: +5.6%
Generate evidence collection tracker for manual controls.
auditkit evidence [flags]
Examples:
# Generate evidence tracker
auditkit evidence
# Save to HTML
auditkit evidence -format html -output evidence-tracker.html
# Save to Excel
auditkit evidence -format excel -output evidence-tracker.xlsx
Flags:
- -format - Output format: text, html, excel (default: html)
- -output - Output file path
- -framework - Framework: soc2, pci, cmmc (uses last scan if omitted)
Check for newer version of AuditKit.
auditkit update
Output:
Current version: v0.7.0
Latest version: v0.7.1
Update available!
Download: https://github.com/guardian-nexus/AuditKit-Community-Edition/releases/tag/v0.7.1
Show AuditKit version.
auditkit version
Output:
AuditKit v0.8.1
Built: 2026-02-03
These flags work with all commands:
- -h, --help - Show help for command
- -v, --version - Show version
Human-readable terminal output with colors.
auditkit scan
Machine-readable JSON for automation.
auditkit scan -format json -output results.json
JSON Structure:
{
"timestamp": "2025-10-19T14:30:00Z",
"provider": "aws",
"framework": "soc2",
"account_id": "123456789012",
"score": 72.5,
"total_controls": 64,
"passed_controls": 46,
"failed_controls": 18,
"controls": [
{
"id": "CC6.6",
"name": "User MFA Enforcement",
"status": "FAIL",
"severity": "CRITICAL",
"evidence": "12 users without MFA",
"remediation": "Enable MFA for all users"
}
]
}
Interactive HTML report with search and filtering.
auditkit scan -format html -output report.html
Audit-ready PDF report for auditors and management.
auditkit scan -format pdf -output report.pdf
PDF includes:
- Executive summary
- Compliance score
- Passed/failed controls
- Evidence collection guides
- Remediation commands
- Compliance mappings
AWS_ACCESS_KEY_ID # AWS access key
AWS_SECRET_ACCESS_KEY # AWS secret key
AWS_DEFAULT_REGION # Default AWS region
AWS_PROFILE # AWS CLI profile name
AZURE_CLIENT_ID # Service principal client ID
AZURE_CLIENT_SECRET # Service principal secret
AZURE_TENANT_ID # Azure tenant ID
AZURE_SUBSCRIPTION_ID # Subscription to scan
GOOGLE_APPLICATION_CREDENTIALS # Path to service account JSON
GOOGLE_CLOUD_PROJECT # GCP project ID
GCP_PROJECT # Alternative project ID variable
- 0 - Success
- 1 - General error
- 2 - Authentication error
- 3 - Permission denied
- 4 - Invalid arguments
- 5 - Scan failed
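A pipeline gate built on the JSON structure and exit codes documented above, as an added example that is not part of AuditKit or its documentation. The gate function, the 80% threshold and the choice to block on CRITICAL failures are assumptions; the sample input is constructed from the structure shown on this page.

```python
import json

# Exit codes as listed in this reference.
EXIT_CODES = {0: "Success", 1: "General error", 2: "Authentication error",
              3: "Permission denied", 4: "Invalid arguments", 5: "Scan failed"}

# Constructed sample in the documented JSON structure (not real scan output).
SAMPLE = """{
  "timestamp": "2025-10-19T14:30:00Z", "provider": "aws", "framework": "soc2",
  "account_id": "123456789012", "score": 72.5,
  "total_controls": 64, "passed_controls": 46, "failed_controls": 18,
  "controls": [
    {"id": "CC6.6", "name": "User MFA Enforcement", "status": "FAIL",
     "severity": "CRITICAL", "evidence": "12 users without MFA",
     "remediation": "Enable MFA for all users"}
  ]
}"""


def gate(exit_code, results_text, min_score=80.0, blocking=("CRITICAL",)):
    """Return (ok, reasons). Fails closed on scan errors or malformed results."""
    if exit_code != 0:
        # A non-zero exit means the results file cannot be trusted at all.
        label = EXIT_CODES.get(exit_code, "Unknown exit code")
        return False, [f"scan exited {exit_code}: {label}"]
    try:
        data = json.loads(results_text)
        score = float(data["score"])
        controls = [dict(c) for c in data["controls"]]
    except (ValueError, KeyError, TypeError) as exc:
        return False, [f"unreadable results: {exc!r}"]
    reasons = []
    if score < min_score:
        reasons.append(f"score {score} is below threshold {min_score}")
    # Block on any failed control whose severity is in the blocking set,
    # even when the overall score is above the threshold.
    for c in controls:
        if c.get("status") == "FAIL" and c.get("severity") in blocking:
            reasons.append(f"{c.get('id')} {c.get('name')}: {c.get('evidence')}")
    return not reasons, reasons


if __name__ == "__main__":
    ok, reasons = gate(0, SAMPLE)
    print("PASS" if ok else "FAIL", *reasons, sep="\n  ")
```

In a pipeline, pass the exit status of auditkit scan and the contents of results.json to gate, and fail the job when ok is False.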
# Run first scan
auditkit scan -provider aws -framework soc2 -verbose
# Generate PDF report for auditor
auditkit scan -provider aws -framework soc2 -format pdf -output initial-assessment.pdf
# Generate evidence tracker
auditkit evidence -format html -output evidence-tracker.html
# Generate fix script
auditkit fix -output fixes.sh
# Review and run fixes
cat fixes.sh
bash fixes.sh
# Re-scan to verify
auditkit scan -provider aws -framework soc2
# Compare improvements
auditkit compare
# Scan all providers
auditkit scan -provider aws -framework soc2 -output aws-results.json -format json
auditkit scan -provider azure -framework soc2 -output azure-results.json -format json
auditkit scan -provider gcp -framework soc2 -output gcp-results.json -format json
# Generate individual reports
auditkit scan -provider aws -framework soc2 -format pdf -output aws-report.pdf
auditkit scan -provider azure -framework soc2 -format pdf -output azure-report.pdf
auditkit scan -provider gcp -framework soc2 -format pdf -output gcp-report.pdf
# Run scan in pipeline
auditkit scan -provider aws -framework soc2 -format json -output results.json
# Check exit code
if [ $? -eq 0 ]; then
echo "Scan completed successfully"
else
echo "Scan failed"
exit 1
fi
# Parse results
jq '.score' results.json # Get compliance score
jq '.failed_controls' results.json # Get failed control count
# Weekly scans
# Monday
auditkit scan -provider aws -framework soc2
# Friday (after fixes)
auditkit scan -provider aws -framework soc2
# Show progress
auditkit progress
# Compare before/after
auditkit compare
These features require AuditKit:
# Scan entire AWS Organization
auditkit scan -provider aws -framework soc2 --scan-all
# Scan Azure Management Group
auditkit scan -provider azure -framework soc2 --scan-all
# Scan GCP Organization
auditkit scan -provider gcp -framework soc2 --scan-all
# Control concurrency
auditkit scan -provider aws --scan-all --max-concurrent 5
# Scan for CMMC Level 2 (110 practices)
auditkit scan -provider aws -framework cmmc-l2
# Generate Level 2 report
auditkit scan -provider aws -framework cmmc-l2 -format pdf -output cmmc-l2-report.pdf
# Scan GKE clusters (Pro only)
auditkit scan -provider gcp -framework soc2 # Includes GKE checks
# Scan Vertex AI (Pro only)
auditkit scan -provider gcp -framework soc2 # Includes Vertex AI checks
- Command help: auditkit [command] --help
- Documentation: Full docs →
- Examples: Sample usage →
- Issues: GitHub Issues