Skip to main content
Presentation

Moving Security and Sanity Left by Testing Terraform with InSpec

A test-driven approach to Terraform.

For those that have longed for a simpler test-driven approach to Terraform development, come and see how 10th Magnitude uses Test Kitchen for Terraform and how to validate deployments with InSpec. This will be a beginner's guide, but all skillsets are welcome to contribute to the conversation!

What You'll Learn

We'll discuss the different use cases for Terraform testing, such as: - Test Driven Development (TDD) - Integration Testing and CI/CD - Compliance, shifting security left - Production provisioning validation

As we know, good testing doesn't just solve CI/CD problems; it solves culture problems. I will seek to convince you of why you need to invest in a good Terraform testing strategy early and how you might have bought into a myth that makes you think you have velocity when you don't (are you running in wet cement).

And if you're late to the game and have existing infrastructure with no tests, that's okay, too. Let's talk about how you can reduce stress by adding in some testing now. It's not too late.

It takes an IT village to do DevOps, so let's talk about moving security and sanity left with InSpec and Terraform. So many use cases, and so little time. You'll leave this talk ready to implement at least one of them.

Slides in this GitHub repo.

More resources like this one

3/15/2023Presentation

Advanced Terraform techniques

2/3/2023Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

2/1/2023Case Study

Should My Team Really Need to Know Terraform?

1/20/2023Case Study

Packaging security in Terraform modules