Changelog
Keep track of new releases and improvements
HashiCorp Terraform Run Task Integration
We’ve added a new integration with HashiCorp Terraform, a leading IaC platform used to provision and manage any of your cloud environments. With this update, Gomboc can automatically check and fix issues in your infrastructure code before deployment, helping prevent security risks, downtime, and unnecessary costs by delivering ready-to-merge pull requests.
Authentication is secured via HMAC, and enforcement can be set to advisory or mandatory. Detailed pass/fail callbacks include severity‑ranked outcomes, resource addresses, and remediation guidance, helping teams focus on the highest‑impact fixes first.
Engineers benefit from native workflow integration with no CLI changes or extra tools, plus RFC‑style documentation for knowledge sharing and easy troubleshooting.
Setup takes minutes via Settings > Integrations > HashiCorp in the Gomboc Portal. See our user documentation for complete instructions.
Gomboc MCP Server (Beta) Released
We’ve launched the Gomboc MCP Server (Beta): a local server that lets you interact directly with Gomboc’s deterministic AI. With this release, you can request individual IaC fixes and access the complete list of supported security benchmarks (CIS, NIST, and more), all from your local environment.
Even more exciting, you can now connect your own AI agents or tools (like Claude) to the MCP server to programmatically fetch precise remediations or benchmark data. This opens up a powerful new way to embed Gomboc into custom workflows, copilots, or automation layers.
You can pull the Docker image and find setup instructions in our docs.
Create Custom Rules
We’ve introduced the ability to create custom security policies, giving teams control over how Gomboc enforces best practices in their environment. Whether it’s tagging standards, KMS key access, or IAM permissions, users can now define and scope their own policy rules, customized down to the cloud resource and attribute level.
Build from scratch or start with existing rules using our new policy builder interface.
Apply rules globally or scope them to specific projects, repositories, or folders.
Customize policy logic using exact values, value patterns (e.g., starts with), or organizational tags.
Automatically generate rule descriptions and link policies to your security frameworks (e.g., CIS, NIST).
Gomboc Community Edition
We’ve launched Gomboc Community Edition - a free, quick-start version of Gomboc’s deterministic AI platform for automating IaC remediation, designed to let developers explore our core functionality.
Community Edition delivers:
Merge-ready PRs for Terraform misconfigurations.
Instant onboarding via GitHub.
Real-world policies covering security and compliance best practices for AWS, Azure and Google Cloud.
Deterministic AI that delivers verifiable fixes you can trust.
Unlike static scanners or recommendation tools, Gomboc Community Edition actually fixes the problem.
This release reflects our commitment to supporting Platform and DevOps teams with tools that work the way they do: fast, reliable, and developer-first. Grab it now at https://docs.gomboc.ai/ and see Gomboc in action.
Code Validation for Gomboc PRs
Gomboc now automatically validates the Terraform code in its generated pull requests for type and configuration accuracy before it ever reaches your repo.
What this means:
Every PR from Gomboc now runs terraform validate behind the scenes. This catches syntax and type issues early, before any human review.
We simulate backend and provider authentication to avoid the need for user credentials or setup.
Future phases will include full terraform plan validation and state analysis for customers who want deeper trust signals and automation.
Time is key, and having to check out a branch, run init, and review plan output slows developers down. This validation upgrades Gomboc to fully trusted IaC remediation that developers can merge with confidence.
Gomboc Compliance Companion
The Gomboc Compliance Companion is a new feature that helps companies keep their cloud systems secure and compliant automatically, without slowing down developers or rewriting existing code.
It automatically scans all your configurations across AWS, Azure, and GCP, and provides:
Instant, auditable security fixes in PRs with one-click approval.
Real-time compliance enforcement in development, CI/CD, and pipelines.
No rewrites required, works with your existing codebase.
$100K+ potential annual savings per workload by eliminating 50+ days of developer toil.
Compliance Companion shifts teams from periodic audits to automated, continuous compliance, accelerating delivery while reducing risk.
Automated Onboarding Assessment
We’ve streamlined the onboarding experience to make it faster, smarter, and easier to manage. With just a few clicks, Gomboc now automatically discovers your IaC repositories and delivers a comprehensive report with actionable insights in under 5 minutes.
What’s better:
Zero manual setup: Automated repo discovery means no team or project gets missed.
Smart impact report: Highlights misconfigurations, team activity, and ROI projections.
Prioritized fixes: Aligned to compliance frameworks like CIS IG1/2/3.
No code stored: All data is processed securely and ephemerally.
Try the improved onboarding flow and see your first value, fast.
Gomboc Extension for Visual Studio Code
We just dropped a VSCode extension that enables developers to get real-time generated code as they develop cloud infrastructure. The extension applies Gomboc’s deterministic AI to highlight and fix misconfigurations precisely and instantly. Whether you're writing new infra or cleaning up legacy code, it keeps your cloud setup tight, without slowing you down.
Install it via the VSCode Marketplace, learn about all the features, and start building reliable cloud infrastructure without leaving your editor.
CSPM Alert to Code Discovery and Fix
We’ve closed the loop from cloud alerts to actual code-generated remediations. Gomboc now connects CSPM findings directly to the code that caused them.
Here’s what’s new:
When a CSPM alert comes in, Gomboc identifies the code location that caused it and provides a fully described pull request with the fix.
We show full observation detail and let you dive into context across code resources.
You can now select policy-based remediations, preview the fix, and generate a PR, all in one click.
This dramatically reduces investigation time and makes remediating cloud infrastructure feel like a GitHub feature. Try it from the Observations tab now.