InSpec is an open-source run-time framework and rule language used to specify compliance, security, and policy requirements for testing any node in your infrastructure.
- The project name refers to “infrastructure specification”
- InSpec includes a collection of resources to help you write auditing rules quickly and easily using the Compliance DSL
- Use InSpec to examine any node in your infrastructure; run the tests locally or remotely
- Any detected security, compliance, or policy issues are flagged in a log
- The InSpec audit resource framework is fully compatible with Chef Compliance
To learn more about InSpec, see the InSpec website. The site contains tutorials and reference documentation on how to use the various audit resources, profiles, InSpec CLI, and more.