/inspec-test-examples

InSpec Test Examples

Primary LanguageHCLMIT LicenseMIT

InSpec Test Examples

This repository contains three InSpec test examples:

  • testing a manually configured IAM user
  • testing an AWS CloudFormation managed S3 Bucket
  • testing a Terraform managed EC2 + RDS full stack environment

Provision Cloud Resources

AWS CloudFormation

To provision the CloudFormation stacks:

$ aws cloudformation create-stack --stack-name <stack-name> --template-body file://cloudformation/01_s3.yaml

Terraform

To provision the resources with Terraform, from the terraform directory:

$ terraform apply

Test Cloud Resources with InSpec

InSpec tests live in the test folder and can be run at the command line with InSpec.

Install InSpec

Follow the directions here to install InSpec.

Verify Your InSpec Setup

To verify your InSpec setup for AWS:

$ inspec detect -t aws://

or with a specific AWS region/profile:

$ inspec detect -t aws://<aws-region>/<aws-profile>

Run Tests

To run the InSpec tests against your AWS infrastructure:

$ inspec exec test -t aws://

or with a specific AWS region/profile:

$ inspec exec test -t aws://<aws-region>/<aws-profile>

Use Terraform Outputs

For example 3, you'll need to use outputs from your Terraform config files as inputs to your InSpec tests. From the terraform directory:

$ mkdir ../test/files
$ terraform output --json > ../test/files/terraform.json

and then run the InSpec tests.

More About InSpec

Learn more about using InSpec to test your cloud resources here.