Automate Terraform configuration scan with Checkov and GitHub Actions

April 12, 2023May 8, 2023 ~ sourav kundu ~ 9 Comments

Terraform enables developers to create cloud resources via a few lines of code. Hence, these developers must write code that is easy to understand and follows security best practices. Moreover, following best practices becomes a habit if there is a system to keep that in check. Checkov is a proven static analysis tool that checks for standard best practices in your … Continue reading Automate Terraform configuration scan with Checkov and GitHub Actions

CI-CD with Terraform and GitHub Actions to deploy to AWS

March 7, 2023March 25, 2025 ~ sourav kundu ~ 6 Comments

GitHub Actions is a CI/CD tool that can automate the provisioning of AWS resources using Terraform. Previously, I wrote a detailed post explaining the concepts associated with using Terraform to create an application load balancer that you can read here -add an application load balancer to Amazon EC2 using Terraform. In this note, I further … Continue reading CI-CD with Terraform and GitHub Actions to deploy to AWS

Securely integrate AWS Credentials with GitHub Actions using OpenID Connect

February 28, 2023November 26, 2024 ~ sourav kundu ~ 18 Comments

Recently, I had a request come up where I had to interact with AWS resources from GitHub Actions. In the past, I had done this using Azure Pipelines. I did that by: (a) storing the credentials (access_key and secret_key of the IAM user) as secure variables in the Azure DevOps Library variable group and (b) … Continue reading Securely integrate AWS Credentials with GitHub Actions using OpenID Connect

Automate Azure Boards iteration using PowerShell and Azure Pipelines

December 29, 2022January 3, 2025 ~ sourav kundu ~ 6 Comments

I start planning for the following year in the last two weeks of December. I use Azure DevOps to track my work -break down goals into features, and features into user stories, which I map into sprints. Creating iterations and adding them to projects is something that anyone can automate. Last year I used the … Continue reading Automate Azure Boards iteration using PowerShell and Azure Pipelines

A detailed guide to securely integrating Amazon Managed Grafana with Terraform

December 20, 2022 ~ sourav kundu ~ Leave a comment

Over the last couple of months, I worked extensively on Amazon Managed Grafana to create dashboards for observability. In the course of automating the deployment using Terraform and a CI-CD system, I learned about a few challenges and identified solutions. I'm sharing my learnings in this note so that you do not make the same … Continue reading A detailed guide to securely integrating Amazon Managed Grafana with Terraform

Create an Amazon Managed Grafana dashboard using Terraform and Azure Pipelines

December 3, 2022January 16, 2024 ~ sourav kundu ~ 2 Comments

Recently I came across a use case where I was required to create Grafana dashboards using the Terraform Grafana provider. Although it did not sound too complex, it soon became once I started automating the process using Azure Pipelines. In this note, I documented the challenge and the solution. Before diving deeper, an Amazon Managed … Continue reading Create an Amazon Managed Grafana dashboard using Terraform and Azure Pipelines

Create an Amazon Managed Grafana workspace using Terraform

November 12, 2022January 16, 2024 ~ sourav kundu ~ 4 Comments

In this note, I describe the steps to provision a new Amazon Managed Grafana workspace using the AWS Terraform provider. Grafana is an open-source observability tool to visualize data. It provides charts, graphs, and alerts for the web when connected to supported data sources. Per AWS-Docs, Amazon Managed Grafana is a fully managed and secure … Continue reading Create an Amazon Managed Grafana workspace using Terraform

Install and use AWS tools for PowerShell on Azure DevOps Pipelines YAML

September 18, 2022March 20, 2023 ~ sourav kundu ~ 2 Comments

Often while working on automation, I am required to interact with AWS cloud resources. For example, when using my laptop, I use the AWS CLI; I have the latest version installed. However, I prefer AWS Tools for Powershell if I automate the process into a build pipeline. If you are new to AWS Tools for … Continue reading Install and use AWS tools for PowerShell on Azure DevOps Pipelines YAML

Add an application load balancer to Amazon EC2 using Terraform

July 30, 2022March 25, 2025 ~ sourav kundu ~ 9 Comments

A highly available application has a higher chance of attracting customers because they are assured of consistency in service. Load balancing is a cost-effective way to increase an application's availability. In this note, I describe the steps to add an application load balancer to three Amazon EC2 instances hosted in three public subnets in different … Continue reading Add an application load balancer to Amazon EC2 using Terraform

Create a web-server on Amazon EC2 instance using Terraform and user data

July 11, 2022March 25, 2025 ~ sourav kundu ~ 9 Comments

In this note, I detail all the steps required to create a bare-bone web server on Amazon EC2. I discuss creating the Amazon Virtual Private Cloud, subnets, internet gateway, security group, and Amazon EC2 instances to finally automate the process via Terraform and user data. Note: I did not include the concepts of load balancing, … Continue reading Create a web-server on Amazon EC2 instance using Terraform and user data