Deployed on AWS
    Progress Chef accelerates your DevSecOps journey, modernizes the continuous delivery of secure applications and infrastructure, and enables you to define Policy as Code to confidently manage your entire fleet.
    4.1

    Overview

    Play video

    Accelerate your DevSecOps journey with Chef and AWS and take advantage of the flexibility, scalability, testability, security, reliability, and observability that they bring together.

    The Progress® Chef® portfolio includes solutions for infrastructure management, application delivery (including edge devices), support for cloud-to-edge security and continuous compliance solutions - accessible through a unified interface for thorough fleet-wide visibility and control.

    Infrastructure Management

    Chef uses a policy-as-code approach to streamline configuration management in any environment: on-premises, cloud, or hybrid, regardless of underlying infrastructure or OS.

    Security and Compliance Automation

    Chef helps organizations streamline the maintenance of compliant IT infrastructure, whether on-premises or in the cloud. It leverages certified, curated audit and remediation content catering to standard benchmarks such as CIS, DISA-STIGs and internal regulations across diverse IT fleets, including Cloud and Kubernetes Security Posture Management.

    If you need a customized private offer, we can create one tailored to your needs. Please contact us at marketplaces@progress.com 

    Highlights

    • Configuration Management for All Platforms and Operating Systems
    • Continuous Compliance Audits and Automated Remediation
    • Cloud Security Posture Management (CSPM)

    Details

    Delivery method

    Delivery option
    Chef_on_AWS_Marketplace

    Latest version

    Operating system
    Ubuntu 24.04

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Buyer guide

    Gain valuable insights from real users who purchased this product, powered by PeerSpot.
    Buyer guide

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Usage costs (34)

     Info
    Dimension
    Cost/hour
    d2.4xlarge
    $0.20
    i3.8xlarge
    $0.20
    d2.2xlarge
    $0.20
    m5.large
    $0.20
    m4.large
    $0.20
    i3.4xlarge
    $0.20
    t2.xlarge
    $0.20
    t3.xlarge
    $0.20
    i3.2xlarge
    $0.20
    m5.4xlarge
    $0.20

    Custom pricing options

    Request a private offer to receive a custom quote.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Chef_on_AWS_Marketplace

    About 10 minutes after launching the Chef Automate AMI, you can access the application via a browser at https://<public_dns-name>/. Credential are provided from the instance dashboard, or you can shell into the instance to get your unique login credentials in ~/automate-credentials.toml. For hands-on learning, please visit https://learn.chef.io/ 

    CloudFormation Template (CFT)

    AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."

    Additional details

    Usage instructions

    About 10 minutes after launching the Chef Automate AMI, you can access the application via a browser at https://<public_dns-name>/. Credential are provided from the instance dashboard, or you can shell into the instance to get your unique login credentials in ~/automate-credentials.toml. For hands-on learning, please visit https://learn.chef.io/ 

    Support

    Vendor support

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    10
    In Infrastructure as Code, Continuous Integration and Continuous Delivery
    Top
    10
    In Migration
    Top
    50
    In Device Security

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    0 reviews
    Insufficient data
    Insufficient data
    Insufficient data
    Insufficient data
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Policy-as-Code Configuration Management
    Implements policy-as-code approach for configuration management across on-premises, cloud, and hybrid environments regardless of underlying infrastructure or operating system.
    Continuous Compliance Auditing
    Performs continuous compliance audits leveraging certified and curated content aligned with standard benchmarks including CIS and DISA-STIGs across diverse IT fleets.
    Automated Remediation
    Executes automated remediation of non-compliant infrastructure configurations to maintain compliance posture across on-premises and cloud environments.
    Cloud Security Posture Management
    Provides cloud security posture management capabilities including cloud and Kubernetes security posture assessment and management.
    Unified Fleet Management Interface
    Delivers unified interface for fleet-wide visibility and control across infrastructure management, application delivery, and edge devices.
    AI-Powered Infrastructure Automation
    Integrates with Amazon Bedrock and AWS MCP Server to convert natural-language intent into production-ready AWS infrastructure through pre-built agentic AI agents
    Multi-Domain Pre-built Agents
    Includes pre-built agents for Kubernetes, CI/CD, observability, security, and compliance automation across AWS infrastructure
    Self-Hosted Deployment with IAM Integration
    Deployed as a single-tenant solution within an EC2 instance in customer AWS account, using IAM roles with instance profiles instead of access keys to inherit existing IAM policies
    Infrastructure as Code and API Access
    Provides web interface, REST API, and Terraform provider for infrastructure provisioning and management
    Compliance and Security Automation
    Supports automated compliance frameworks including SOC 2, HIPAA, PCI-DSS, ISO, NIST, HITRUST, and FedRAMP through built-in security agents, antivirus, HIDS, NIDS, CIS hardening, and automated patching
    AI-Driven Vulnerability Prioritization
    Context-aware AI agents analyze exploitability, blast radius, compensating controls, and business impact to score and rank vulnerabilities for focused remediation efforts.
    Automated Remediation with Rollback Capabilities
    Machine-speed patching and policy fixes at scale using pre-tested code with full visibility into actions, rollback capabilities, and ITSM tool integration.
    Multi-Environment Vulnerability Scanning
    Agentless scanning and Policy-as-Code coverage across AWS, Azure, GCP, on-premises servers, endpoints, SaaS applications, and CI/CD pipelines.
    Continuous Monitoring and Drift Prevention
    Persistent scanning with continuous monitoring and drift prevention using open-source technologies like Ansible and Terraform for unified vulnerability lifecycle management.
    Compliance Framework Enforcement
    Support for 300+ out-of-the-box compliance frameworks including PCI DSS, NIST, and ISO 27001 with DevOps pipeline integration such as GitHub Actions and Jenkins.

    Contract

     Info
    Standard contract
    No

    Customer reviews

    Ratings and reviews

     Info
    4.1
    96 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    51%
    38%
    9%
    1%
    1%
    6 AWS reviews
    |
    90 external reviews
    External reviews are from G2  and PeerSpot .
    Nomzamo X.

    Efficient Automation Tool with a Learning Curve

    Reviewed on Jul 06, 2026
    Review provided by G2
    What do you like best about the product?
    I like Progress Chef's ability to automate infrastructure management and maintain consistent server configuration across environments. It reduces manual work, it's reliable, and saves time.
    What do you dislike about the product?
    Learning can be a challenge. Improved documentation would make it easier. I think a more step-by-step guide for beginners and clear troubleshooting documentation for common errors would help.
    What problems is the product solving and how is that benefiting you?
    I use Progress Chef to automate and configure servers, eliminating manual setup errors and maintaining consistent configurations. It's reliable, reduces manual work, and saves time.
    Judith Mologadi M.

    Simplifies Automation and Boosts Consistency Across Environments

    Reviewed on Jul 06, 2026
    Review provided by G2
    What do you like best about the product?
    It simplifies automation,improves consistency and reduce manual effort in managing our environments
    What do you dislike about the product?
    The initial setup and troubleshooting can be complex for new users
    What problems is the product solving and how is that benefiting you?
    Progress chef helps automate infrastructure and configuration management,reducing manual effort,improving consistency and enabling faster,more reliable deployment
    Kwazikonke M.

    Exceptional Monitoring and Compliance Tool

    Reviewed on Jul 01, 2026
    Review provided by G2
    What do you like best about the product?
    I like Progress Chef for its visibility and monitoring capabilities. It allows us to easily track Chef-managed VMs, verify they are checking in successfully, and quickly identify systems that require attention. It helps us see which VMs are healthy, failing, missing, or checking in as expected, and when a system stops reporting, we can identify and investigate it immediately.
    What do you dislike about the product?
    Nothing
    What problems is the product solving and how is that benefiting you?
    I use Progress Chef to monitor and track VMs, ensuring regular check-ins and compliance. It solves the challenge of monitoring managed VMs and provides visibility to quickly identify systems needing attention, helping maintain our infrastructure standards.
    G Srivastava

    Agent setup and complexity have limited automation benefits but have reduced manual patching work

    Reviewed on Jun 18, 2026
    Review provided by PeerSpot

    What is our primary use case?

    We used Chef , the automation tool, as an Infrastructure as Code  tool for configuration deployment, such as deploying patches on numerous servers, first on the development box, then on QA, and then on production. That was the main use case for us in the initial stage of using Chef . We then started using Chef for configuration changes. We deployed all those things on the workstation, pushed the recipes from the workstation to the Chef server, and the Chef client pulled from the Chef server, so that is how all the configurations got matched.

    Before using Chef, we patched our servers manually or with shell scripts. Suppose we had 100 servers in our development area and needed to patch them all in a day or a week. We would run those shell scripts and wait for their outputs while going on each server to find out what patches had already been applied and if the server had been rebooted. That was a very long-running task for us. With the help of Chef, we configured all those nodes as Chef clients and matched or configured all those nodes by subscribing them to the Chef server. We changed the configuration file with the help of a recipe and pushed those recipes from the workstation to the Chef server. Chef clients started comparing their configuration files from their client to the server. That is how they started to patch themselves and make changes to their configuration files. This was the main use case for us when we started to use this automation tool.

    After that, suppose we had 10 servers currently and 10 new servers. We had an application to deploy and the application team requested 10 servers with those many tools, users, configurations, and server hardlink compliance. We simply wrote those recipes in the workstation and pushed those recipes to the Chef server. Chef Client and Ohai were already installed on all 10 servers, and they simply compared their configuration files from Chef client to Chef server. As soon as there was a difference in the configuration, the Chef client pulled all those configurations and automatically deployed all those configurations on those nodes. That is how easy it was for us to deliver the servers or the configurations in a faster manner with the help of Chef.

    For SAP servers, we needed to make many changes in files such as sysctl.conf on the Linux server. Suppose we had a brand new server delivered to us from a cloud platform, and we needed to make all those changes so that it could have all the security-related features or changes on the server. Instead of manually doing those changes on all those SAP servers, we could simply write a Chef recipe once and it would be applied on all those SAP servers. That is how it benefited us.

    When I used Chef in my previous organization five years ago, it was on-prem servers.

    We had not used any other solution before using Chef. We were using all those tasks with shell scripts only. After using Chef, we found other configuration management tools, such as Ansible  and Terraform , which we found better, and then we switched from Chef to Ansible .

    What is most valuable?

    The main use case is the Infrastructure as Code . We can simply change any system configuration, whether it is related to changes of any port number of any files, or we can use package installation. We can help with user and group management. If we need to deploy any application, security hardening is the main tool. For the SAP servers, we need to update many codes, files, programs, and features on the server. With the help of Chef, we can just change those things in a recipe, and those recipes are going to be pulled by all those systems, changing themselves in a minute. Security and compliance hardening are also features we find very useful.

    The manual work has been reduced with the help of this automation. We do not need to have 15 or 20 engineers to do those tasks manually. We only need two or three people to write those recipes and upload them on the Chef server. Once the configuration tool pulls those changes from the Chef server, it automatically deploys all those changes. It has reduced our manpower and our costs.

    For example, suppose we have 20 servers to patch in this cycle and we need to deliver them in a week. Earlier we used to have six or seven engineers to patch all those 20 servers because it was a manual task. They had to log in on those servers and review if the patches had been correctly deployed. They also needed to validate the changes performed before or after the reboot of the servers. That was a lengthy task and they had to manage all those screenshots and comparisons of those screenshots. With the help of Chef automation tool, we simply deployed the recipe on the workstation and it got uploaded to the workstation, and all those 10 servers and 15 servers pulled the patches from the Chef server. With the help of Chef Client and Ohai, they patched themselves, and we simply clicked another recipe to reboot the servers. That is how only two or three engineers are required to patch those 20 servers. The number of engineers has been reduced and the timing has also been reduced by 10 to 12 hours for each server.

    Chef is stable. If we have a large number of servers, it is stable.

    What needs improvement?

    There are other automation tools, configuration management tools in the market, which offer many good functionalities compared to Chef. For Chef, we need to install those agents, the Chef client, on all those nodes. That is another heinous task to perform on those nodes. Compared with other tools, they do not require any agent; they simply push configurations to all the clients. Chef needs to improve on this agent installation on all those nodes.

    I would say that the agent configuration is required, and we need to manage the workstation, the Chef server, and then the Chef client. These two or three things are very difficult. It is a time-taking task compared with other configuration management tools.

    They need to compete with other tools, such as Ansible or Terraform . They should work on their agent part. If they can remove the agent installation on the nodes and combine both the Chef server and workstation into one server, that will provide a significant benefit in cost for the clients. They should aim for an agentless architecture rather than an agent-based architecture, which will help other customers.

    That is a very difficult thing because I have stopped using Chef. If you have very good developers who are skilled in Ruby language and can write codes in the Chef recipe, then those developers should start using Chef.

    For how long have I used the solution?

    I have been working in my current field for 10 plus years.

    What do I think about the stability of the solution?

    Chef is stable. If we have a large number of servers, it is stable.

    What do I think about the scalability of the solution?

    Chef can be scaled. It is very good in scalability, and we just need to configure the client nodes and it will start adding them, and those clients will start pulling the information from the Chef server. It is highly scalable and we have not faced any issues when using Chef in terms of scalability.

    How are customer service and support?

    Since we used the free version, the license cost was zero. We have not used the paid version, so we have not had the option to create a ticket for support. However, the developer option or community support is good on Chef, and Chef codes, which are in Ruby language, are easily available on Chef Supermarket, so we found them very useful.

    Which solution did I use previously and why did I switch?

    We had not used any other solution before using Chef. We were using all those tasks with shell scripts only. After using Chef, we found other configuration management tools, such as Ansible and Terraform, which we found better, and then we switched from Chef to Ansible.

    There was another tool called Puppet , but Puppet  and Chef are both pull-based configuration tools, and Puppet has a limitation of 25 nodes to perform. That is why we went with Chef.

    How was the initial setup?

    We simply downloaded Chef from their website, chef.io, and deployed it on the workstation to start using it.

    What's my experience with pricing, setup cost, and licensing?

    The licensing cost is zero for Chef if you are using the free version. They have developed other versions, such as SaaS-based and self-managed. For the SaaS-based version, it is $59 per node per year. I think it can be costly considering the advantages and disadvantages of Chef. Anyone can start using the free version or the zero-cost license with no upfront cost required, but the setup requires a cost. We need to set up a workstation server and a Chef server, so there will be costs for those two servers regardless of whether they are deployed on-prem or on the cloud.

    Which other solutions did I evaluate?

    There are other automation tools, configuration management tools in the market, which offer many good functionalities compared to Chef. For Chef, we need to install those agents, the Chef client, on all those nodes. That is another heinous task to perform on those nodes. Compared with other tools, they do not require any agent; they simply push configurations to all the clients. Chef needs to improve on this agent installation on all those nodes.

    I would say that the agent configuration is required, and we need to manage the workstation, the Chef server, and then the Chef client. These two or three things are very difficult. It is a time-taking task compared with other configuration management tools.

    They need to compete with other tools, such as Ansible or Terraform. They should work on their agent part. If they can remove the agent installation on the nodes and combine both the Chef server and workstation into one server, that will provide a significant benefit in cost for the clients. They should aim for an agentless architecture rather than an agent-based architecture, which will help other customers.

    That is a very difficult thing because I have stopped using Chef. If you have very good developers who are skilled in Ruby language and can write codes in the Chef recipe, then those developers should start using Chef.

    What other advice do I have?

    After using Chef, we found other configuration management tools, such as Ansible and Terraform, which we found better, and then we switched from Chef to Ansible.

    There was another tool called Puppet, but Puppet and Chef are both pull-based configuration tools, and Puppet has a limitation of 25 nodes to perform. That is why we went with Chef.

    I chose that number because the other automation tools, the other configuration tools are far better. I would give them nine or ten, for example, Ansible. They are not agent-based tools; they simply push configurations, and there is no need to install these tools or the clients on the nodes. Other tools are much better than Chef these days. I would rate this review as five out of ten.

    FedirPlotnikov

    Automated configuration has standardized my servers but now requires careful resource planning

    Reviewed on May 30, 2026
    Review from a verified AWS customer

    What is our primary use case?

    My main use case for Chef  is configuration management to set up systems, provision software, and keep configurations up to date.

    I create Chef  recipes for setup and install needed software from a clean Linux installation to set up server roles, which is a specific example of how I use Chef to manage and provision software while keeping configurations up to date.

    What is most valuable?

    The best features Chef offers include configuration management and server-client setup, along with the ability to coordinate with Chef servers to keep servers up to date automatically and remove any configuration drift from the system automatically.

    Chef handles configuration drift automatically by having Chef client contact Chef server, retrieve needed recipes and variables set up for a specific server, verify the current server state with the required state and configuration, and automatically make changes if needed.

    Chef has created much faster procedures for system setup and rollout of infrastructure in my organization, as well as for scaling and ensuring that all servers are configured identically. It has removed the possibility of human error from configuration. Plus, it ensures that all servers for specific roles have an identical setup, which makes debugging much easier, along with performance optimization and security measures.

    What needs improvement?

    I do not have anything in mind at this time for how Chef could be improved.

    For how long have I used the solution?

    I have been using Chef for approximately five years.

    What do I think about the scalability of the solution?

    I chose a rating of seven because Chef is a great tool, but sometimes resource consumption is quite large, and it requires server-side setup, which is not required but should be considered if you are using server-client plus server. Server size actually depends on the number of clients, and you need to consider this during your setup.

    What other advice do I have?

    My advice to others looking into using Chef is to be ready to learn Ruby at least on a basic level. I have never used AI in Chef. I gave this product a rating of seven.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    View all reviews