Inspec Portefaix
Instructions for check Portefaix infrastructure on Microsoft Azure
Inspec
inspec is used to check infrastructure.
Check:
❯ make -f hack/build/azure.mk inspec-debug
Test infrastructure
────────────────────────────── Platform Details ──────────────────────────────
Name: azure
Families: cloud, api
Release: azure_mgmt_resources-v0.17.8
Execute tests:
❯ make -f hack/build/azure.mk inspec-test SERVICE=iac/azure/<SERVICE> ENV=dev
You could upload JSON results file to Heimdall Lite to display ressults
Microsoft Azure CIS Foundations
You could perform tests accoring the CIS Microsoft Azure Foundations Security Benchmark:
❯ make -f hack/build/azure.mk inspec-cis ENV=dev
AKS
| Code | Description |
|---|---|
resourcegroup-1 |
Check that resource group exists |
aks-1 |
Ensure logging to Azure Monitor is configured |
aks-2 |
Ensure RBAC is enabled |
aks-3 |
Ensure API Server Authorized IP Ranges are configured |
Last modified 07.10.2021: Fix: makefiles path (031a3b9)