Enable Domain Name System (DNS) query logging for Amazon Route 53 hosted zones using Terraform

Maintaining visibility into DNS-related activities is crucial for organizations to ensure the security and performance of their web-based applications. Cloud engineering teams must use tools to effectively monitor and analyze DNS queries to protect from DNS-based attacks and optimize performance for genuine requests. DNS Query logging for Amazon Route 53 hosted zones addresses this challenge …

Attach AWS WAF to load balancer using Terraform and GitHub Actions

Public-facing load balancers are vulnerable to attacks, including DDoS, SQL injection, cross-site scripting (XSS), and bot attacks. These attacks can degrade the load balancer's performance, rendering it unavailable to legitimate users and negatively impacting business operations. AWS Web Application Firewall (WAF) is a service designed to protect resources like load balancers, Amazon CloudFront distributions, API …

Automate Amazon Route 53 hosted zone, ACM, and Load Balancer provisioning with Terraform and GitHub Actions

AWS provides seamless integration to manage secure traffic routing through an Amazon Route 53 hosted zone to an Application Load Balancer (ALB), using a secure certificate from AWS Certificate Manager (ACM). I build upon a previously discussed use case such that by the end of this note, you'll have the concept of creating an ALB …

Getting started with Ephemeral workspaces in HCP Terraform

Ephemeral refers to something that does not last for a long time. In HCP Terraform, a workspace is a group of infrastructure resources managed by Terraform. Hence, an ephemeral workspace does not last for a long time. This implies that it is suitable for IaC use cases where the resources are provisioned for a short …

Automate Terraform Testing with Azure DevOps Pipelines

HashiCorp introduced the Terraform testing framework with version 1.06 of Terraform. This note captures my experience learning and adding test cases to an existing Terraform configuration using Azure DevOps Pipelines. Along with my notes, you'll also find references to helpful guides and YouTube videos. By the end of this note, I want you to feel …

Automate Terraform Modules README Generation with terraform-docs and GitHub Actions

Terraform modules are essential building blocks for reusing Terraform configurations. For a Terraform module to be successful, ease of use and discoverability are key. Since creating a Terraform module also goes through a development and maintenance cycle, storing that in a GitHub repository is convenient. By doing so, organizations improve collaboration, increase transparency, and enhance …

Provision AWS Resources with GitHub and HCP Terraform

HCP (HashiCorp Cloud Platform) Terraform is a managed service that allows cloud infrastructure engineers to provision, manage, and scale infrastructure using Terraform securely, efficiently, and in an automated manner. It eliminates the need to maintain a Terraform infrastructure, such as the underlying execution environment and state management. It provides a hassle-free way to manage cloud …

Setup cross-account Amazon Elastic Container Registry (ECR) access using Terraform and GitHub Actions

Amazon Elastic Container Registry (ECR) is a fully managed Docker container registry that allows developers to store container images securely. It does so by storing them in an ECR repository, a logical separation for storing, organizing, and versioning the Docker images inside an ECR repository. In a typical containerized application CI/CD pipeline, the Continuous Integration …

Securely Connect an AWS Lambda to an Amazon VPC Using Terraform

Amazon Virtual Private Cloud (VPC) is a service that allows cloud engineering teams to create a private network within the Amazon Web Services (AWS) cloud. It enables them to define a virtual network environment, including IP address ranges, subnets, and route tables while providing control over network configuration and security. AWS Lambda is a serverless …

Create VPC Flow logs to publish to Amazon CloudWatch Logs using Terraform

VPC Flow Logs is a feature in Amazon Web Services (AWS) that enables capturing information about IP traffic going to and from network interfaces in the Virtual Private Cloud (VPC). These logs provide detailed visibility into network traffic, helping to monitor, troubleshoot, and analyze traffic patterns, security issues, and performance within the VPC. The logs …