Inspec Portefaix

Instructions for check Portefaix infrastructure on Microsoft Azure

Inspec

inspec is used to check infrastructure.

Check:

❯ make -f hack/build/azure.mk inspec-debug
Test infrastructure

 ────────────────────────────── Platform Details ──────────────────────────────

Name:      azure
Families:  cloud, api
Release:   azure_mgmt_resources-v0.17.8

Execute tests:

❯ make -f hack/build/azure.mk inspec-test SERVICE=iac/azure/<SERVICE> ENV=dev

You could upload JSON results file to Heimdall Lite to display ressults

Microsoft Azure CIS Foundations

You could perform tests accoring the CIS Microsoft Azure Foundations Security Benchmark:

❯ make -f hack/build/azure.mk inspec-cis ENV=dev

AKS

AKS

Code Description
resourcegroup-1 Check that resource group exists
aks-1 Ensure logging to Azure Monitor is configured
aks-2 Ensure RBAC is enabled
aks-3 Ensure API Server Authorized IP Ranges are configured
Last modified 07.10.2021: Fix: makefiles path (031a3b9)