Automating system configurations -- infrastructure as code -- has been around for more than 10 years now, and in that time DevOps teams have embraced a variety of tools to do the work. But configuration is only half the story; auditing systems for continuous compliance is a must, and with Chef InSpec you can analyze any system for problems -- even if it wasn't initially configured with Chef.
This newly updated white paper, Using Chef Inspec To Achieve Compliance Automation With Ansible, explains how to do just that. It includes examples of Ansible playbooks used to configure a server, using Test Kitchen to test and validate those configurations, and Chef InSpec to verify settings on live nodes. These examples illustrate the flexibility of Chef InSpec to work alongside Ansible, Puppet, Salt, bash scripts or even manually configured systems.
This white paper covers:
- Code Testing – Does my configuration management code behave the way I expect it to?
- Security Assessment – Is my environment vulnerable to known exploits?
- Compliance Auditing – Does my environment comply with defined compliance frameworks?
For each of these use cases, Chef InSpec and Ansible can be used together to define, remediate, and verify requirements to ensure configuration and application updates can be performed quickly and efficiently, and above all safely.