What is Inspec
Inspec is an command line, open source tool, provided by Chef witch audit and automated testing framework for integration, compliance and security.
In this post I will explain how to use InSpec for compliance automation of your Azure infrastructure
It does not require learning a new language, just knowing how to write the desired state of infrastructure resources
Connect with Azure
Either to store the below variables on environment variables or execute the run like below
AZURE_SUBSCRIPTION_ID="2fbdbb02-df2e-11e6-bf01-fe55135034f3" \ AZURE_CLIENT_ID="58dc4f6c-df2e-11e6-bf01-fe55135034f3" \ AZURE_CLIENT_SECRET="Jibr4iwwaaZwBb6W" \
How to Use it?
Step #1: Create InSpec Profile
inspec init profile --platform azure AnyName
This command create a new folder ”My-Profile” with all necessaries artifacts for inspec tests, with:
Step #2: Create InSpec Test, inside contols directory
Step #2: Let's create new testing scenario
Step #3: Execute the test
inspec exec . -t azure://
Inspec is a fast and easy tool that can help you on the field of automated compliance as a code. By supporting many different platforms it enables organizations to use one tool for compliance testing throughout their infrastructure landscape. In the end it might be an option to have tests running in a continuous fashion using a CI pipeline so that any changes to your (Azure) cloud infra is tested in a non-prod environment and then promoted to production
Mohammad Al Rousan is a Microsoft MVP (Azure), Microsoft Certified Solution Expert (MCSE) in Cloud Platform & Azure DevOps & Infrastructure, An active community blogger and speaker.
Al Rousan has over 8 years of professional experience in IT Infrastructure and very passionate about Microsoft technologies and products.
Top 10 Microsoft Azure Blogs