Automated compliance testing with InSpec

Strictly Managed

Conclusions

InSpec is impressive on several levels. Installing and handling the tool is very easy. Chef keeps its promise that administrators can use InSpec without the need for major programming experience. Although the code is in Ruby, creating tests is not difficult and does not require any in-depth knowledge of Ruby. A further advantage is its easy-to-understand syntax: Meaningful function names help.

If you have to deal with compliance as a manager in your company, InSpec is perfect because it is a standalone tool that can be operated without the Chef automation tool in environments where a competing tool is already in place (e.g., Ansible or Puppet). The option to pair InSpec with automation frameworks, such as Jenkins, is another huge benefit. If you want to automate compliance testing, you should take a very close look at InSpec.

If you already use the Chef tool, you can use InSpec as part of an audit cookbook. Attributes and parameters can be used to transfer additional values to InSpec, which it then references for operations. The InSpec documentation [8] is well worth reading and contains more details on this topic.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus