Infrascrutures as Code (IaC)¶
Agnostic¶
Tools¶
Testing¶
- :star2: OPA
- kitchen
- Kitchen-Terraform Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls.
- rspec
- rspec-terraform)
- InSpec Chef InSpec is an open-source testing framework for infrastructure with a human- and machine-readable language for specifying compliance, security and policy requirements.
- Goss Goss is a YAML based serverspec alternative tool for validating a serverβs configuration. It eases the process of writing tests by allowing the user to generate tests from the current system state. Once the test suite is written they can be executed, waited-on, or served as a health endpoint.
- driftctl driftctl is a free and open-source CLI that warns of infrastructure drift and fills in the missing piece in your DevSecOps toolbox.
- snyk-iac
Articles¶
- Test-Driven Development for Infrastructure
- Moving Security and Sanity Left by Testing Terraform with InSpec
- Terraform Code Reviews: Supercharged with Conftest
- Testing Infrastructure as Code on Localhost
- Developing Terraform Modules at Scale
- Testing your HCL Modules
Terraform¶
Tools¶
- π terraspace The Terraform Framework
- π terragrunt - Terragrunt is a thin wrapper for Terraform that provides extra tools for keeping your Terraform configurations DRY, working with multiple Terraform modules, and managing remote state.
- β terraform-cdk Cloud Development Kit for Terraform (CDKTF) allows you to use familiar programming languages to define cloud infrastructure.
- terraboard A Web dashboard to inspect and query Terraform states
- terrafile manage external modules from Github for use in Terraform.
- terramate erramate is a tool for managing multiple Terraform stacks.
- Terraform Visual Terraform Visual is a simple tool to help you understand your Terraform plan easily.
- π TerraCognita: Read from your existing cloud providers and generate IaC in Terraform
- β tfenv Terraform version manager inspired by rbenv.
- π terraformer - CLI tool to generate terraform files from existing infrastructure. Infrastructure to Code. Supported many providers.
- Argonaut Provision environments, cloud managed infrastructure, app deployments, and third party tools in one place.
Testing¶
- β tfsec Terraform static analysis tool that supports terraform <0.12 & >=0.12 & directly integrates with HCL parser for better results.
- Terratest
- terraform-compliance: A lightweight, security and compliance focused test framework against terraform to enable negative testing capability for your infrastructure-as-code.
- kitchen
- Kitchen-Terraform Kitchen-Terraform provides a set of Test Kitchen plugins which enable the use of Test Kitchen to converge a Terraform configuration and verify the resulting infrastructure systems with InSpec controls.
- rspec
- rspec-terraform)
- :star2: OPA Terraform
Documentation & Analysis¶
- β Terraform-docs Generate Terraform modules documentation in various formats
- β Infracost Cloud cost estimates for Terraform in pull requests
- π InfraMap: Reads .tfstate or HCL to generate a graph specific for each provider
- π TerraCost Cloud cost estimation for Terraform in the CLI
Resources¶
- π cloudposse Hundreds of well designed exemples for terraform
Articles¶
- Terragrunt β Inter-module dependency management
- AWS Lambda the Terraform Way
- Terragrunt/Terraform with Atlantis to Automate your Infrastructure Pull Requests
- Implement compliance testing with Terraform and Azure
- Implement end-to-end Terratest testing on Terraform projects
- Implement integration tests for Terraform projects in Azure