I would like to build a overlay profile that leverages a predefined InSpec profile. This can be a generic profile that can be build on CIS benchmarks / STIGs or other security standards. As the base profile does not hold any state which is related to a specific custom environment, the reason for creating an overlay is to provide these as part of the configurable inputs. So far nothing new and this is currently supported by Chef.
In addition, I would also like to include a waiver file as a configurable input inside the profile and when I execute "inspec exec <profile_name>" I would like for this waiver file to be automatically be picked up. This can help maintain waiver files specific to a platform together with the profile. This functionality should apply to the chef-client as well which can report to automate with the waived controls.