Build Secure GitHub Self-Hosted Runners on Amazon EC2 with Terraform

GitHub, in addition to being an excellent version control system, offers workflow automation capabilities (Actions) that enable testing, building, and deploying code based on triggers such as code commits, pull requests, or scheduled events. These workflows run on runners, which are virtual or physical machines that execute these workflow steps.While GitHub offers free hosted runners … Continue reading Build Secure GitHub Self-Hosted Runners on Amazon EC2 with Terraform

Automate AWS Lambda Deployment with Docker Images, Terraform, and GitHub Actions

AWS Lambda is a serverless compute service that lets cloud application development teams run code without provisioning or managing servers. While Lambda natively supports several programming languages, developers often face limitations with dependency management and runtime constraints. This is where Docker containers come to the rescue. By packaging the Lambda function as a Docker image, … Continue reading Automate AWS Lambda Deployment with Docker Images, Terraform, and GitHub Actions

Configure DNSSEC for Amazon Route 53 hosted zone using Terraform

Configure DNSSEC for Amazon Route 53 hosted zone using Terraform

DNSSEC (Domain Name System Security Extensions) is a security protocol that adds cryptographic signatures to DNS records. This ensures that users are connecting to legitimate websites rather than malicious ones. It also helps prevent attacks like DNS spoofing or cache poisoning by verifying the authenticity and integrity of DNS responses. Amazon Route 53 is a … Continue reading Configure DNSSEC for Amazon Route 53 hosted zone using Terraform

Enable Domain Name System (DNS) query logging for Amazon Route 53 hosted zones using Terraform

Maintaining visibility into DNS-related activities is crucial for organizations to ensure the security and performance of their web-based applications. Cloud engineering teams must use tools to effectively monitor and analyze DNS queries to protect from DNS-based attacks and optimize performance for genuine requests. DNS Query logging for Amazon Route 53 hosted zones addresses this challenge … Continue reading Enable Domain Name System (DNS) query logging for Amazon Route 53 hosted zones using Terraform

Attach AWS WAF to load balancer using Terraform and GitHub Actions

Public-facing load balancers are vulnerable to attacks, including DDoS, SQL injection, cross-site scripting (XSS), and bot attacks. These attacks can degrade the load balancer's performance, rendering it unavailable to legitimate users and negatively impacting business operations. AWS Web Application Firewall (WAF) is a service designed to protect resources like load balancers, Amazon CloudFront distributions, API … Continue reading Attach AWS WAF to load balancer using Terraform and GitHub Actions

Automate Amazon Route 53 hosted zone, ACM, and Load Balancer provisioning with Terraform and GitHub Actions

AWS provides seamless integration to manage secure traffic routing through an Amazon Route 53 hosted zone to an Application Load Balancer (ALB), using a secure certificate from AWS Certificate Manager (ACM). I build upon a previously discussed use case such that by the end of this note, you'll have the concept of creating an ALB … Continue reading Automate Amazon Route 53 hosted zone, ACM, and Load Balancer provisioning with Terraform and GitHub Actions

Automate Terraform Modules README Generation with terraform-docs and GitHub Actions

Terraform modules are essential building blocks for reusing Terraform configurations. For a Terraform module to be successful, ease of use and discoverability are key. Since creating a Terraform module also goes through a development and maintenance cycle, storing that in a GitHub repository is convenient. By doing so, Organizations improve collaboration, increase transparency, and enhance … Continue reading Automate Terraform Modules README Generation with terraform-docs and GitHub Actions

Provision AWS Resources with GitHub and HCP Terraform

HCP (HashiCorp Cloud Platform) Terraform is a managed service that allows cloud infrastructure engineers to provision, manage, and scale infrastructure using Terraform securely, efficiently, and in an automated manner. It eliminates the need to maintain a Terraform infrastructure, such as the underlying execution environment and state management. It provides a hassle-free way to manage cloud … Continue reading Provision AWS Resources with GitHub and HCP Terraform

Setup cross-account Amazon Elastic Container Registry (ECR) access using Terraform and GitHub Actions

Amazon Elastic Container Registry (ECR) is a fully managed Docker container registry that allows developers to store container images securely. It does so by storing them in an ECR repository, a logical separation for storing, organizing, and versioning the Docker images inside an ECR repository. In a typical containerized application CI/CD pipeline, the Continuous Integration … Continue reading Setup cross-account Amazon Elastic Container Registry (ECR) access using Terraform and GitHub Actions

Blue-Green Deployments for Amazon ECS Fargate with CodeDeploy, Terraform, and GitHub Actions

Blue-green deployment is a software release strategy that minimizes downtime and risk by running two identical environments, "blue" and "green." At any given time, one environment (e.g., blue) is live and serving traffic, while the other (green) is idle and used for staging new updates. Once the updates are tested and validated in the green … Continue reading Blue-Green Deployments for Amazon ECS Fargate with CodeDeploy, Terraform, and GitHub Actions