Skip to content

mthorley/gke-tf

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

pac

pac

 
 

README.md

README.md

 
 

inspec-exec.sh

inspec-exec.sh

 
 

main.tf

main.tf

 
 

opa-exec.sh

opa-exec.sh

 
 

outputs.tf

outputs.tf

 
 

provider.tf

provider.tf

 
 

terraform.rego

terraform.rego

 
 

variables.tf

variables.tf

 
 

Repository files navigation

gke-tf

Comparison of Inspec and OPA used to verify the tfstate from Terraform GKE resource to ensure it is security hardened and compliant.

Note this is unit testing and is executed post plan but before apply.

Further work will be applied to use https://github.com/instrumenta/conftest with OPA.

Run

For Inspec, use ./inspec-exec.sh This generates a json output of the plan and includes specific output variables that are used by inspec to verify the configuration.

For OPA, use ./opa-exec.sh.

About

Unit testing of Terraform for GKE cluster

Topics

unit-testing gke inspec gke-terraform

Resources

Readme
Activity

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages