capturing my experience with everything devopsy
A few months back, I came across an interesting concept of deploying infrastructure in a layered fashion, and I wish I had the URL saved to refer to it again. Nevertheless, the gist of the idea was that you could build an application product environment by deploying layer after layer of infrastructure. A layer of … Continue reading Terraform remote state file as a data source to support a layered IAC approach
As the name suggests, Static analysis is the ability to scan software code to search and highlight deviations from specified standards. The purpose of static code analysis is to speed up the feedback process of developing software or infrastructure. In general, once code is merged/committed to a repository, failures/defects/bugs are identified during the following stages: … Continue reading Static analysis with Checkov, Terraform, and Azure Pipelines
A few weeks ago, I created a peering relationship between two VPCs that belonged to separate AWS accounts using Terraform. This note captures my learning from that exercise. But before I do so, let me briefly give an overview of VPC peering and then walk through the process of creating one. Per AWS, "Amazon Virtual … Continue reading VPC Peering using Terraform across separate AWS accounts
A few months back, HashiCorp released a new feature in Terraform provider version 3.38.0 where they introduced default tags. Tags have been a helpful feature while working with a cloud provider because it allows one to quickly and (depending on one's tagging strategy) uniquely identify a cloud resource. Terraform, as we know, is an infrastructure … Continue reading Working with Terraform tags
We want to do it right and do it right the first and every time, whether it is learning to play the guitar or to create software. Or whether it is creating a version-able, re-usable, repeatable, and testable approach to provisioning infrastructure on the cloud. AKA infrastructure as code. And by the way, before you … Continue reading What is terraform import and why you too should know about it
This note is a short addition to the last post -CI/CD of Terraform workspace with YAML-based Azure Pipelines. At the end of that article, I mentioned a few alternate routes regarding YAML-based Azure Pipelines, which I will be covering here. So that we are on the same page, I broke down the build pipeline into … Continue reading YAML based Azure Pipeline approach for CI/CD of Terraform workspace
This note focuses on using Azure DevOps with Terraform workspace to automate the ideas discussed in the previous two notes (i) CI/CD using Terraform and Azure Pipelines -ideation and (ii) Terraform workspace with multiple AWS accounts. If you are new to Azure DevOps, I would suggest you familiarize yourself with either Azure DevOps build and … Continue reading CI/CD of Terraform workspace with YAML based Azure Pipelines
My objectives was to use Terraform to provision resources across environments in the AWS cloud infrastructure. Following a typical CI/CD model, my idea was to build once and deploy multiple. Since there was nothing to build in terraform, I wanted to make sure the same terraform code was applied across all environments. So I thought, … Continue reading Terraform workspace with multiple AWS accounts
After writing a few notes on "Azure DevOps and Terraform," I thought of exploring the idea of integrating Azure DevOps and Terraform a little further. Generally speaking, in Azure Pipelines (classic editor), a build definition (pipeline in Azure DevOps services) is used to compile and package an artifact. Then, under Releases, we have a release … Continue reading CI/CD using Terraform and Azure Pipelines -ideation
In this post, I discuss step by step using AWS CLI how to create a trust relationship between a user in the Trusted account and a role in the Trusting account. The idea is, in the end, we will have the credentials of a user in the Trusted AWS account that can manage resources in … Continue reading Creating IAM assume-role relationship between two AWS accounts
