✅ Test your cloud infrastructure in plain English, no code required.
Write infrastructure tests for Terraform, Docker, and Kubernetes in plain English, without writing a single line of code. InfraSpec pairs a vast library of common testing patterns with a domain-specific language for testing infrastructure.
Tests are written using easy to learn Gherkin syntax, which is suitable for both technical and non-technical team members.
Here's how easy it is to test a Terraform S3 bucket configuration:
Feature: S3 Bucket Creation
As a DevOps Engineer
I want to create an S3 bucket with guardrails
So that I can store my data securely
Scenario: Create an S3 bucket with a name
Given I have a Terraform configuration in "./s3-bucket"
And I set variable "bucket_name" to "my-bucket"
When I run Terraform apply
Then the S3 bucket "my-bucket" should exist
And the S3 bucket "my-bucket" should have a versioning configuration
And the S3 bucket "my-bucket" should have a public access block
And the S3 bucket "my-bucket" should have a server access logging configuration
And the S3 bucket "my-bucket" should have a encryption configurationInfraSpec automatically translates your natural language specifications into executable infrastructure tests.
Warning
This project is still in heavy development and is likely to change!
- 🗣️ Plain English syntax - Write tests that read like documentation.
- 👥 Team-friendly - Non-technical stakeholders can contribute and review.
- 🚀 Zero setup - Works with your existing Terraform, Docker, and Kubernetes configurations.
- 📚 Rich test library - Hundreds of pre-built testing patterns for common scenarios.
- ⚡ Fast feedback - Catch infrastructure issues before they reach production.
🏗️ Terraform
- Resource configurations and relationships
- Security policies and compliance
- Cost optimization rules
- Multi-environment consistency
☁️ AWS
- DynamoDB tables
- RDS DB instances
- S3 bucket configurations
🐳 Docker (Coming Soon)
- Image security and vulnerabilities
- Container resource limits
- Network configurations
- Build optimization
☸️ Kubernetes (Coming Soon)
- Deployment strategies and rollouts
- Resource quotas and limits
- Network policies and security contexts
- Service mesh configurations
At the moment, only a subset of AWS infrastructure is supported, but over time we hope to support other clouds and tooling.
| Product | Description | Status |
|---|---|---|
| API Gateway | Not Implemented | ⏳ |
| DynamoDB | Partially Supported | ✅ |
| ElastiCache | Not Implemented | ⏳ |
| RDS | Partially Supported | ✅ |
| RDS Aurora | Not Implemented | ⏳ |
| S3 | Partially Supported | ✅ |
- Install InfraSpec using Homebrew:
brew tap robmorgan/infraspec
brew install infraspecOr if you have Go installed, you can install InfraSpec using:
go install github.com/robmorgan/infraspec@latest- Initialize a repo containing your infrastructure code:
infraspec init # creates a ./features directory if it doesn't already exist- Create your first infrastructure test:
infraspec new dynamodb.feature- Run the tests
infraspec features/dynamodb.featureTip
If your using VS Code, we recommend installing the Cucumber (Gherkin) Full Support extension for syntax highlighting.
Contributions are welcome! Please open an issue or submit a pull request. Please note, that this project is still in it's infancy and many internal APIs are likely to change.
Note: Our tests use LocalStack, which emulates the AWS APIs, in order to save both time and money.