Resources ยป Moving Security and Sanity Left by Testing Terraform with Chef InSpec

Moving Security and Sanity Left by Testing Terraform with Chef InSpec

CI/CDCloud TechnologyChefConf OnlineChef InSpecSecurity and ComplianceDevOps

For those that have longed for a simpler test-driven approach to Terraform development, come and see how I've made my team's lives easier by using Test Kitchen for Terraform and how I can validate my deployments with InSpec. This will be a beginner's guide, but all skillsets are welcome to contribute to the conversation!

We'll discuss the different use cases for Terraform testing, such as:

  • Test Driven Development (TDD)

  • Integration Testing and CI/CD

  • Compliance, shifting security left

  • Production provisioning validation

As we know, good testing doesn't just solve CI/CD problems; it solves culture problems. I will seek to convince you of why you need to invest in a good Terraform testing strategy early and how you might have bought into a myth that makes you think you have velocity when you don't (are you running in wet cement).

And if you're late to the game and have existing infrastructure with no tests, that's okay, too. Let's talk about how you can reduce stress by adding in some testing now. It's not too late.

It takes an IT village to do DevOps, so let's talk about moving security and sanity left with InSpec and Terraform. So many use cases, and so little time. You'll leave this talk ready to implement at least one of them.

Speaker

Annie Hedgepeth

Annie Hedgepeth

Senior Cloud Automation Engineer, 10th Magnitude