Hello InSpec friends!
We are delighted to announce the availability of version 6.6.0 of Chef InSpec. Changes include:
Chef InSpec now requires a license key to run.
Before you can execute scans with InSpec, you must accept the Chef EULA and add a license key.
We've updated the Chef End User License Agreement (EULA). The terms of the EULA are the same as they were before, but we've created three license tiers: Free, Trial, and Commercial.
The Free tier allows personal/non-commercial users to scan 10 targets for an unlimited period of time.
The Trial tier allows trial users to scan unlimited targets for 30 days.
The Commercial tier gives users the features and benefits that come with the subscription they've purchased.
Users who would like to try Chef InSpec 6 can request a free or trial license, which comes with product limitations.
inspec parallel command allows you to simultaneously run multiple audits on multiple cloud or on-prem targets.
This can speed up audits and allow you to remediate problems more quickly.
For more information, see the InSpec Parallel documentation
Audit Logging logs the commands and file accesses made through the underlying Train connection.
To enable this feature, set the environment variable
CHEF_PREVIEW_AUDIT_LOGGING to any non-empty value and Chef InSpec will write logs to
~/.inspec/logs/inspec-audit-TIMESTAMP-PID.log in JSON format.
This is a preview feature with limited capabilities. We are seeking user feedback for future feature development.
For more details, see InSpec Audit Log.
If you set the environment variable
CHEF_PREVIEW_MANDATORY_PROFILE_SIGNING to any non-empty value, Chef InSpec 6 will only execute signed profiles for all profile executions.
Signed profiles, or
.iaf files, are digital artifacts created using the
inspec sign command.
They can be used to create a chain of trust between your content author and your compliance target.
For more information on the feature, which is in preview in Chef InSpec 6 but will be enabled in a future major version, please see InSpec Signing.
We improved how InSpec handles malformed waiver files. (6644)
Previously, InSpec would run until it finished processing a profile and then return an error if there was a problem with a waiver file. Error messages could be quite long and it could take InSpec hours to complete large profiles, wasting users' time.
Now InSpec exits immediately and returns an error if it detects a malformed waiver file. This includes waiver files missing required parameters and YAML files that fail linting.
We overhauled the
inspec check and
inspec export commands to use the parser library to improve security. (6849)
- We no longer support Ruby 2.7 since it became end-of-life (EOL) in March 2023.
You can download binaries directly from Chef Downloads.