More Guidance On Usage
jseiser opened this issue · 2 comments
jseiser commented
I have just started using inspec to run tests against my infrastructure that is generated via terraform. Everything is working great. I output the terraform results to a JSON file, parse it to create various variables and then use those variables in my tests.
Looking at this profile, Im not quite sure
- Where should this run from. External to the cluster, inside a container on a node, physically on a worker node etc.
- Do I need to pass in any external information? IP's of the masters, etc.
Thanks,
tstuber commented
- You have to run this profile against your master/worker nodes.
Either you can run it from a central InSpec host in your cluster, or you can run it on your kubernetes master/workers locally. Both approaches are possible.
For example if you run it from a central host, you can execute it like this:
inspec exec profiles/cis-kubernetes-benchmark -t ssh://user@host.example.com -i /your/ssh/key --reporter cli json:/var/inspec/report.json --sudo
- You do not have to pass any external information to run it.
rarenerd commented
Thank you for adding the explanation :)
I will close this issue now, please let us know if there is anything else we can do.