What is Inspec Inspec is an command line, open source tool, provided by Chef witch audit and automated testing framework for integration, compliance and security. In this post I will explain how to use InSpec for compliance automation of your Azure infrastructure It does not require learning a new language, just knowing how to write the desired state of infrastructure resources Prerequisites
Connect with Azure Either to store the below variables on environment variables or execute the run like below AZURE_SUBSCRIPTION_ID="2fbdbb02-df2e-11e6-bf01-fe55135034f3" \ AZURE_CLIENT_ID="58dc4f6c-df2e-11e6-bf01-fe55135034f3" \ AZURE_CLIENT_SECRET="Jibr4iwwaaZwBb6W" \ How to Use it? Step #1: Create InSpec Profile inspec init profile --platform azure AnyName This command create a new folder ”My-Profile” with all necessaries artifacts for inspec tests, with:
Step #2: Create InSpec Test, inside contols directory Step #2: Let's create new testing scenario vm.rb
Step #3: Execute the test inspec exec . -t azure:// Inspec is a fast and easy tool that can help you on the field of automated compliance as a code. By supporting many different platforms it enables organizations to use one tool for compliance testing throughout their infrastructure landscape. In the end it might be an option to have tests running in a continuous fashion using a CI pipeline so that any changes to your (Azure) cloud infra is tested in a non-prod environment and then promoted to production
2 Comments
MgTi
2/6/2022 05:37:25 pm
Best explanation I have found for the tool
Reply
Erlend Ayen
3/30/2022 01:50:10 am
Hi
Reply
Leave a Reply. |
Author
Mohammad Al Rousan is a Microsoft MVP (Azure), Microsoft Certified Solution Expert (MCSE) in Cloud Platform & Azure DevOps & Infrastructure, An active community blogger and speaker.
Al Rousan has over 8 years of professional experience in IT Infrastructure and very passionate about Microsoft technologies and products. Top 10 Microsoft Azure Blogs
Archives
September 2023
Categories
All
|