Skip to main content

PSRule: One of the best ways to validate templates in the cloud

by Jeff Christman
Senior Consultant, Cloud Security

In recent endeavors, I have undertaken an in-depth exploration of PSRule, a rules engine specifically designed for testing Infrastructure as Code (IaC). PSRule operates by subjecting IaC artifacts such as templates, manifests, pipelines, and workflows to static analysis through rules either authored or imported.

The rules engine serves as a validation mechanism for Bicep and ARM templates, allowing scrutiny against a predefined set of rules and conditions established by the user or derived from corporate standards. Notably, a newly introduced module named PSRule for Azure aligns with Well-Architected Framework best practices. These tests allow you to check your Infrastructure as Code (IaC) before or after deployment to Azure.

Concurrently, community contributors are actively engaged in developing supplementary modules for PSRule, concentrating on its applicability within DevOps and GitHub Actions. I am actively investigating the formulation of rules conforming to established standards such as HIPAA, NIS, and other compliance mandates, with detailed insights anticipated in subsequent communications.

PSRule supports running within continuous integration (CI) systems or locally. It is shipped as a PowerShell module which makes it easy to install and distribute updates.  Rules can be written in Powershell, JSON or YAML.  It also supports expressions and assertions. In most cases expressions and assertion method names match. Check to documentation for more details. Documentation and setup guidelines are available on the PSRule Microsoft site.

Based on my work with PSRule, it seems straightforward so far. You have to be pretty well versed in templates, JSON, and PowerShell, but the documentation on it is really well written. It will take some time to get it setup if you are a beginner and don’t quite understand the technology stack. Overall, I really like it.

FREE Membership Required to View Full Content:

Joining MSDynamicsWorld.com gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates.
Learn more about us here

About Jeff Christman

Jeff Christman is a distinguished Navy Veteran boasting more than two decades of expertise in the Information Technology sector. He possesses a specialized focus on cloud migration projects, having contributed his skills to prestigious organizations including Raytheon, AT&T, and NASA. Presently, he holds the position of Senior Cloud Security Consultant at a prominent consulting firm. Beyond his professional endeavors, Jeff is an accomplished author and educator, developing and publishing content and courses for renowned platforms such as Pluralsight.com, Techsnips.io, and Adamtheautomator.com.

Outside of his professional pursuits, Jeff enjoys engaging in fantasy football, exploring advancements in technology, and playfully teasing his teenage daughters.

More about Jeff Christman