Changelog

HashiCorp Terraform Run Task Integration

We’ve launched our HashiCorp Terraform Run Task integration, enabling Gomboc to seamlessly embed within Terraform Cloud’s Run Task framework to validate, remediate, and document IaC issues before deployment. At the pre-plan, post‑plan or pre‑apply stage, Gomboc’s deterministic AI engine analyzes your Terraform code and produces production‑ready fixes delivered as pull requests to keep your cloud infrastructure reliable, secure, and cost optimized at scale.

Authentication is secured via HMAC, and enforcement can be set to advisory or mandatory. Detailed pass/fail callbacks include severity‑ranked outcomes, resource addresses, and remediation guidance, helping teams focus on the highest‑impact fixes first.

Engineers benefit from native workflow integration with no CLI changes or extra tools, plus RFC‑style documentation for knowledge sharing and easy troubleshooting.

Setup takes minutes via Settings > Integrations > HashiCorp in the Gomboc Portal. See our user documentation for complete instructions.

Gomboc MCP Server (Beta) Released

We’ve launched the Gomboc MCP Server (Beta): a local server that lets you to interact directly with Gomboc’s deterministic AI. With this release, you can request individual IaC fixes and access the complete list of supported security benchmarks (CIS, NIST, and more), all from your local environment.

Even more exciting, you can now connect your own AI agents or tools (like Claude) to the MCP server to programmatically fetch precise remediations or benchmark data. This opens up a powerful new way to embed Gomboc into custom workflows, copilots, or automation layers.

You can pull the Docker image and find setup instructions in our docs.

Create Custom Rules

We’ve introduced the ability to create custom security policies, giving teams control over how Gomboc enforces best practices in their environment. Whether it’s tagging standards, KMS key access, or IAM permissions, users can now define and scope their own policy rules, customized down to the cloud resource and attribute level.

• Build from scratch or start with existing rules using our new policy builder interface.

• Apply rules globally or scope them to specific projects, repositories, or folders.

• Customize policy logic using exact values, value patterns (e.g., starts with), or organizational tags.

• Automatically generate rule descriptions and link policies to your security frameworks (e.g., CIS, NIST).

Gomboc Community Edition

We’ve launched Gomboc Community Edition - a free, quick-start version of Gomboc deterministic AI platform automating IaC remediation, designed to let developers explore our core functionality.

Community Edition delivers:

• Merge-ready PRs for Terraform misconfigurations.

• Instant onboarding via GitHub.

• Real-world policies covering security and compliance best practices for AWS, Azure and Google Cloud.

• Deterministic AI that delivers verifiable fixes you can trust.

Unlike static scanners or recommendation tools, Gomboc Community Edition actually fixes the problem.

This release reflects our commitment to supporting Platform and DevOps teams with tools that work the way they do: fast, reliable, and developer-first. Grab it now at https://docs.gomboc.ai/ and see Gomboc in action.

Code Validation for Gomboc PRs

Gomboc now automatically validates the Terraform code in its generated pull requests for type and configuration accuracy before it ever reaches your repo.

What this means:

• Every PR from Gomboc now runs terraform validate behind the scenes.

• This catches syntax and type issues early, before any human review.

• We simulate backend and provider authentication to avoid the need for user credentials or setup.

• Future phases will include full terraform plan validation and state analysis for customers who want deeper trust signals and automation.

Time is key, and having to check out a branch, run init, and review plan output slows developers down. This validation upgrade Gomboc to fully trusted IaC remediation that developers can merge with confidence.

Gomboc Compliance Companion

The Gomboc Compliance Companion is a new feature that helps companies keep their cloud systems secure and compliant automatically, without slowing down developers or rewriting existing code.

Automatically scans all your configurations across AWS, Azure, and GCP, and provides:

• Instant, auditable security fixes in PRs with one-click approval.

• Real-time compliance enforcement in development, CI/CD, and pipelines.

• No rewrites required, works with your existing codebase.

• $100K+ potential annual savings per workload by eliminating 50+ days of developer toil

Compliance Companion shifts teams from periodic audits to automated, continuous compliance, accelerating delivery while reducing risk.

Automated Onboarding Assessment

We’ve streamlined the onboarding experience to make it faster, smarter, and easier to manage. With just a few clicks, Gomboc now automatically discovers your IaC repositories and delivers a comprehensive report with actionable insights in under 5 minutes.

What’s better:

• Zero manual setup: Automated repo discovery means no team or project gets missed.

• Smart impact report: Highlights misconfigurations, team activity, and ROI projections.

• Prioritized fixes: Aligned to compliance frameworks like CIS IG1/2/3.

• No code stored: All data is processed securely and ephemerally.

Try the improved onboarding flow and see your first value, fast.

Gomboc Extension for Visual Studio Code

We just dropped a VSCode extension that enables developers to get a real-time generated code as they develop cloud infrastructure. The extension applies Gomboc’s deterministic AI to highlight and fix misconfigurations precisely and instantly. Whether you're writing new infra or cleaning up legacy code, it keeps your cloud setup tight, without slowing you down.

Install it via the VSCode Marketplace, learn about all the features, and start building reliable cloud infrastructure without leaving your editor.

CSPM Alert to Code Discovery and Fix

We’ve closed the loop from cloud alerts to actual code-generated remediations. Gomboc now connects CSPM findings directly to the code that caused them.

Here’s what’s new:

• When a CSPM alert comes in, Gomboc identifies the code location that caused it and provides a fully described pull request with the fix.

• We show full observation detail and lets you dive into context across code resources.

• You can now select policy-based remediations, preview the fix, and generate a PR, all in one click.

This dramatically reduces investigation time and makes remediating cloud infrastructure feel like a GitHub feature. Try it from the Observations tab now.