Estimate AWS Cloud resource cost with Infracost, Terraform, and GitHub Actions

July 17, 2023July 31, 2023 ~ sourav kundu ~ 10 Comments

There are two broad aspects to running a successful business. These are (a) creating a product that generates revenue and (b) managing the product cost that is lower than the revenue. E.g., if the product generates $100 in revenue and costs $90, then the business can survive because it is generating a 10% profit margin. … Continue reading Estimate AWS Cloud resource cost with Infracost, Terraform, and GitHub Actions

AWS Tools for PowerShell module in GitHub Actions

April 23, 2023April 23, 2023 ~ sourav kundu ~ Leave a comment

Previously, I wrote a note on using AWS Tools for PowerShell in Azure Pipelines, and in this note, I show how to use that in GitHub Actions. If you are new to AWS Tools for Powershell, I recommend reading about that at AWS Docs. The process can be broken down into three steps: 1. Configure … Continue reading AWS Tools for PowerShell module in GitHub Actions

Create AWS Secrets Manager secret using Terraform secure variables and GitHub Actions secrets

April 16, 2023December 22, 2025 ~ sourav kundu ~ 5 Comments

A little while back, I encountered an exciting use case requiring me to use GitHub Actions secrets. The use case was to create an AWS Secrets Manager secret resource using Terraform in a CI/CD pipeline. An AWS Secrets Manager secret is a resource to store secure credentials. In the past, I created an AWS Secrets … Continue reading Create AWS Secrets Manager secret using Terraform secure variables and GitHub Actions secrets

Automate Terraform configuration scan with Checkov and GitHub Actions

April 12, 2023May 8, 2023 ~ sourav kundu ~ 9 Comments

Terraform enables developers to create cloud resources via a few lines of code. Hence, these developers must write code that is easy to understand and follows security best practices. Moreover, following best practices becomes a habit if there is a system to keep that in check. Checkov is a proven static analysis tool that checks for standard best practices in your … Continue reading Automate Terraform configuration scan with Checkov and GitHub Actions

CI-CD with Terraform and GitHub Actions to deploy to AWS

March 7, 2023March 25, 2025 ~ sourav kundu ~ 6 Comments

GitHub Actions is a CI/CD tool that can automate the provisioning of AWS resources using Terraform. Previously, I wrote a detailed post explaining the concepts associated with using Terraform to create an application load balancer that you can read here -add an application load balancer to Amazon EC2 using Terraform. In this note, I further … Continue reading CI-CD with Terraform and GitHub Actions to deploy to AWS

Securely integrate AWS Credentials with GitHub Actions using OpenID Connect

February 28, 2023November 26, 2024 ~ sourav kundu ~ 18 Comments

Recently, I had a request come up where I had to interact with AWS resources from GitHub Actions. In the past, I had done this using Azure Pipelines. I did that by: (a) storing the credentials (access_key and secret_key of the IAM user) as secure variables in the Azure DevOps Library variable group and (b) … Continue reading Securely integrate AWS Credentials with GitHub Actions using OpenID Connect