Create Amazon RDS for PostgreSQL DB using Terraform and GitHub Actions

In this note, I discuss creating an Amazon RDS for PostgreSQL DB using Terraform and securely automating the provisioning process using GitHub Actions. By the end of this note, you will learn about the underlying architectural dependencies and specific properties needed to create a secure RDS for PostgreSQL DB using Terraform. Per AWS-Docs, Amazon Relational …

Automating AWS Infrastructure with CloudFormation and GitHub Actions: A Tutorial

This note aims to demonstrate how to deploy a couple of CloudFormation templates using GitHub Actions to create Amazon cloud resources. There are two tools we're discussing. The first one is AWS CloudFormation, an infrastructure-as-code tool to provision AWS cloud resources declaratively. The AWS cloud resources and their relationships are declared in …

Create Amazon EC2 Auto Scaling group and load balancer using Terraform and GitHub Actions

When project teams host an application or service on an Amazon EC2 instance, they have specific questions about the underlying infrastructure. A few of them could be: (a) Can the project team be assured that if some or all existing EC2 instances were terminated or unresponsive, new Amazon EC2 instances (with the application hosted) would …

Add an application load balancer to Amazon EC2 instances in a private subnet

In this note, I create a highly available environment using Amazon EC2 instances spread over multiple availability zones attached to an application load balancer. I also have a link to my GitHub repository with the code. In the past, I wrote a note on how to toggle traffic between three EC2 instances in three availability …

Implement pull request-based workflow using Terraform, Infracost, Checkov, and GitHub Actions

The software development process has continuously evolved over the past several years. The evolution process continued with the wide-scale availability of cloud platforms like AWS and Azure. We realized the practice of infrastructure as code (IAC) when the development practice of coding was merged with the operations practice of creating and managing cloud infrastructure. Then, …

Automate Terraform configuration scan with Checkov and GitHub Actions

Terraform enables developers to create cloud resources via a few lines of code. Hence, these developers must write code that is easy to understand and follows security best practices. Moreover, following best practices becomes a habit if there is a system to keep that in check. Checkov is a proven static analysis tool that checks for standard best practices in your …

Static analysis with Checkov, Terraform, and Azure Pipelines

As the name suggests, static analysis is the ability to scan software code to search and highlight deviations from specified standards. The purpose of static code analysis is to speed up the feedback process of developing software or infrastructure. In general, once code is merged/committed to a repository, failures/defects/bugs are identified during the following stages: …