🧹 update descriptions for queries

Author: chris-rock

content/mondoo-asset-count.mql.yaml

@@ -45,6 +45,9 @@ queries:
         filters: |
           asset.platform == "aws"
         title: AWS account ID
+        docs:
+          desc: |
+            Returns the unique AWS account identifier for the scanned account.
         mql: |
           aws.account.id
 
@@ -195,6 +198,9 @@ queries:
 
       - uid: mondoo-asset-inventory-aws-ec2-retrieve-all-data
         title: Running EC2 instances
+        docs:
+          desc: |
+            Lists all running EC2 instances (excluding terminated) with their configuration details.
         variants:
           - uid: mondoo-asset-inventory-aws-ec2-retrieve-all-data-all
           - uid: mondoo-asset-inventory-aws-ec2-retrieve-all-data-single
@@ -214,6 +220,9 @@ queries:
 
       - uid: mondoo-asset-inventory-aws-rds-dbclusters-all-data
         title: RDS database clusters configuration
+        docs:
+          desc: |
+            Lists all RDS database clusters with their configuration for inventory and security review.
         variants:
           - uid: mondoo-asset-inventory-aws-rds-dbclusters-all-data-all
       - uid: mondoo-asset-inventory-aws-rds-dbclusters-all-data-all
@@ -226,6 +235,9 @@ queries:
 
       - uid: mondoo-asset-inventory-aws-rds-dbinstances-all-data
         title: RDS database instances
+        docs:
+          desc: |
+            Lists all RDS database instances with their configuration for inventory and security review.
         variants:
           - uid: mondoo-asset-inventory-aws-rds-dbinstances-all-data-all
           - uid: mondoo-asset-inventory-aws-rds-dbinstances-all-data-single
@@ -244,6 +256,9 @@ queries:
 
       - uid: mondoo-asset-inventory-aws-s3-retrieve-all-data
         title: S3 buckets
+        docs:
+          desc: |
+            Lists all S3 buckets with their configuration for inventory and access policy review.
         variants:
           - uid: mondoo-asset-inventory-aws-s3-retrieve-all-data-all
           - uid: mondoo-asset-inventory-aws-s3-retrieve-all-data-single
@@ -262,6 +277,9 @@ queries:
 
       - uid: mondoo-asset-inventory-aws-eks-clusters
         title: EKS clusters
+        docs:
+          desc: |
+            Lists all EKS Kubernetes clusters with their configuration for inventory.
         variants:
           - uid: mondoo-asset-inventory-aws-eks-clusters-all
       - uid: mondoo-asset-inventory-aws-eks-clusters-all
@@ -274,6 +292,9 @@ queries:
 
       - uid: mondoo-asset-inventory-aws-lambda
         title: Lambda functions
+        docs:
+          desc: |
+            Lists all Lambda serverless functions with their configuration for inventory.
         variants:
           - uid: mondoo-asset-inventory-aws-lambda-all
           - uid: mondoo-asset-inventory-aws-lambda-single
@@ -292,6 +313,9 @@ queries:
 
       - uid: mondoo-asset-inventory-aws-access-analyzer
         title: Access Analyzers
+        docs:
+          desc: |
+            Lists all IAM Access Analyzer instances that help identify unintended resource access.
         variants:
           - uid: mondoo-asset-inventory-aws-access-analyzer-all
       - uid: mondoo-asset-inventory-aws-access-analyzer-all
@@ -304,6 +328,9 @@ queries:
 
       - uid: mondoo-asset-inventory-aws-acm-certificates
         title: Certificate Manager certificates
+        docs:
+          desc: |
+            Lists all ACM SSL/TLS certificates for tracking certificate inventory and expiration.
         variants:
           - uid: mondoo-asset-inventory-aws-acm-certificates-all
       - uid: mondoo-asset-inventory-aws-acm-certificates-all
@@ -316,6 +343,9 @@ queries:
 
       - uid: mondoo-asset-inventory-aws-cloudtrail-trails
         title: CloudTrail trails
+        docs:
+          desc: |
+            Lists all CloudTrail trails configured for API activity logging and auditing.
         variants:
           - uid: mondoo-asset-inventory-aws-cloudtrail-trails-all
           - uid: mondoo-asset-inventory-aws-cloudtrail-trails-single

content/mondoo-aws-inventory.mql.yaml

@@ -34,8 +34,12 @@ packs:
     queries:
       - uid: mondoo-dns-inventory-dns-records
         title: Retrieve information about DNS records
+        docs:
+          desc: Returns all DNS records (A, AAAA, CNAME, MX, TXT, etc.) for the domain.
         mql: dns.params
       - uid: mondoo-dns-inventory-dns-mx-records
         title: Retrieve information about the MX records
+        docs:
+          desc: Returns mail exchanger (MX) records with their domain names and preferences for email routing.
         filters: dns.params.MX.name != empty
         mql:  dns.mx { domainName preference }

content/mondoo-dns-inventory.mql.yaml

@@ -33,6 +33,8 @@ packs:
     queries:
       - uid: mondoo-email-inventory-mail-records
         title: Retrieve reverse IP Lookup PTR record
+        docs:
+          desc: Performs reverse DNS lookup on the domain's IP address to verify PTR record configuration.
         mql: |
           reverseDNSDomain =
             dns.params.A.rData.first.split(".")[3] + "."
@@ -43,12 +45,18 @@ packs:
           dns(reverseDNSDomain).params.PTR
       - uid: mondoo-email-inventory-spf-record
         title: Retrieve SPF record
+        docs:
+          desc: Returns TXT records which include SPF (Sender Policy Framework) configuration for email authentication.
         mql: dns.params.TXT
       - uid: mondoo-email-inventory-dmarc-entry
         title: Retrieve DMARC DNS entry
+        docs:
+          desc: Returns the DMARC (Domain-based Message Authentication) record for email policy enforcement.
         mql: dns("_dmarc."+domainName.fqdn).params.TXT
       - uid: mondoo-email-inventory-dkim-configuration
         title: Retrieve DKIM entry
+        docs:
+          desc: Checks for DKIM (DomainKeys Identified Mail) records using common selectors for email signing verification.
         props:
           - uid: mondooEmailSecurityDkimSelectors
             title: Define a list of valid DKIM selectors

content/mondoo-email-inventory.mql.yaml

@@ -37,6 +37,9 @@ queries:
       - uid: mondoo-asset-inventory-gcp-project-info
         title: GCP Project Information
         filters: asset.platform == "gcp-project"
+        docs:
+          desc: |
+            Returns basic GCP project information including name, ID, state, and labels.
         mql: |
           gcp.project {
             name

content/mondoo-gcp-inventory.mql.yaml

@@ -35,14 +35,23 @@ packs:
     queries:
       - uid: mondoo-incident-response-github-org-name
         title: GitHub Organization Name
+        docs:
+          desc: |
+            Returns the display name of the GitHub organization.
         mql: |
           github.organization.name
       - uid: mondoo-incident-response-github-org-login
         title: GitHub Organization Login
+        docs:
+          desc: |
+            Returns the login handle (URL slug) of the GitHub organization.
         mql: |
           github.organization.login
       - uid: mondoo-incident-response-github-org-description
         title: GitHub Organization description
+        docs:
+          desc: |
+            Returns the description configured for the GitHub organization.
         mql: |
           github.organization.description
       - uid: mondoo-incident-response-github-org-mfa-status