Earlier this week, we published a recap of our recent InSpec 2.0 webinar, and covered some of the themes that came up during the Q&A session. A number of attendees asked some variation of the question, “Can InSpec be used with other configuration management tools?” In short, the answer is: absolutely!
Today we’d like to put a finer point on that response with some practical examples. Our latest white paper takes a look at how InSpec can be used in environments managed by Ansible from a practitioner’s perspective.
I’ve written at length about the importance of implementing a Detect, Correct, and Automate workflow to achieve Continuous Automation. It’s no accident that “Detect” is the first stage of this workflow. In order to ensure that you’re achieving your organizational goals, it’s imperative that you first provide a target that needs to be hit. Only then can you be confident that you’ve actually succeeded in configuring your estate. Therefore, it’s important to represent not only your configuration as code, but your compliance as well, and that’s where InSpec shines.
With that in mind, this white paper covers three distinct types of detection that need to be automated:
- Code Testing – Does my Configuration Management code behave the way I expect it to?
- Security Assessment – Is my environment vulnerable to known exploits?
- Compliance Auditing – Does my environment comply with defined compliance frameworks?
For each of these use cases, we look at how InSpec and Ansible can be used together to define, remediate, and verify requirements to ensure that configuration and application updates can be performed quickly and efficiently, and above all safely.
- Check out Learn Chef Rally and the Compliance Automation with InSpec track to get hands-on with InSpec in your environment.
- Our own Franklin Webber has been running a delightful & informative YouTube series called What to Expect when you’re InSpec’ing.
- Learn about using InSpec to validate DISA STIGs in Azure Government with Galen Emery.