🏗️ Terraform on AWS — Workshop
https://catalog.us-east-1.prod.workshops.aws/workshops/41c5a1b6-bd3e-41f4-bd46-85ab7dc6dad4/en-US
▫️ Understand the basic building blocks of Terraform (providers, data sources, resources, etc)
▫️ Develop your first Terraform project on AWS
▫️ Getting started into a typical workflow for Terraform
▫️ Update and deploy changes into your infrastructure environment
#Terraform #workshop
https://catalog.us-east-1.prod.workshops.aws/workshops/41c5a1b6-bd3e-41f4-bd46-85ab7dc6dad4/en-US
▫️ Understand the basic building blocks of Terraform (providers, data sources, resources, etc)
▫️ Develop your first Terraform project on AWS
▫️ Getting started into a typical workflow for Terraform
▫️ Update and deploy changes into your infrastructure environment
#Terraform #workshop
TFTUI — a textual utility for viewing and interacting with Terraform state
https://github.com/idoavrah/terraform-tui
#terraform
https://github.com/idoavrah/terraform-tui
#terraform
Полезные комментарии Дениса Астахова по поводу перехода Terraform на BSL лицензию:
https://www.youtube.com/watch?v=dr6cwY2WbZA
Отмечу по этому поводу следующее.
◾ "Создающие альтернативы продуктам Hashicorp" — это не только Terraform.
◾ Если Hashicorp, например, купит какую-то компанию в области предоставления облачных сервисов, то под это определение автоматически подпадут все облака.
◾ Потенциально такое определение распространяется на любой бизнес, а не только напрямую связанное с Terraform.
◾ Не всё так однозначно. ©
#Terraform #OpenTF
https://www.youtube.com/watch?v=dr6cwY2WbZA
Отмечу по этому поводу следующее.
◾ "Создающие альтернативы продуктам Hashicorp" — это не только Terraform.
◾ Если Hashicorp, например, купит какую-то компанию в области предоставления облачных сервисов, то под это определение автоматически подпадут все облака.
◾ Потенциально такое определение распространяется на любой бизнес, а не только напрямую связанное с Terraform.
◾ Не всё так однозначно. ©
#Terraform #OpenTF
YouTube
ИЗМЕНЕНИЕ ЛИЦЕНЗИИ TERRAFORM - КОГО КАСАЕТСЯ и ЧТО ТЕПЕРЬ ДЕЛАТЬ - OpenTF
#opentf #terraform #terraformlicense
Если помог, поддержите парой баксов, хотябы Канадских :) https://www.paypal.me/DenisAstahov
Если помог, поддержите парой баксов, хотябы Канадских :) https://www.paypal.me/DenisAstahov
🆕 CodeWhisperer + CloudFormation & AWS CDK & Terraform 🎉
https://docs.aws.amazon.com/codewhisperer/latest/userguide/language-ide-support.html
#CodeWhisperer #CloudFormation #CDK #Terraform
https://docs.aws.amazon.com/codewhisperer/latest/userguide/language-ide-support.html
#CodeWhisperer #CloudFormation #CDK #Terraform
⚠ Execute malicious code on the
https://blog.plerion.com/hacking-terraform-state-privilege-escalation/
This is the case if someone has access to S3 bucket containing Terraform state file.
#security #terraform
terraform plan
? Yes!https://blog.plerion.com/hacking-terraform-state-privilege-escalation/
This is the case if someone has access to S3 bucket containing Terraform state file.
#security #terraform
Plerion
Hacking Terraform State for Privilege Escalation - Plerion
What can an attacker do if they can edit Terraform state? The answer should be 'nothing' but is actually 'take over your CI/CD pipeline'.
Качественная статья о положении дел HashiCorp.
https://medium.com/@fintanr/on-ibm-acquiring-hashicorp-c9c73a40d20c
Вот, что может случиться, когда в ведущем продукте меняется open source лицензия. От даты изменения типа лицензии до продажи компании прошло 9 месяцев.
#Terraform
https://medium.com/@fintanr/on-ibm-acquiring-hashicorp-c9c73a40d20c
Вот, что может случиться, когда в ведущем продукте меняется open source лицензия. От даты изменения типа лицензии до продажи компании прошло 9 месяцев.
#Terraform
⚡️ Oracle switched from Terraform to OpenTofu
https://blogs.oracle.com/ebsandoraclecloud/post/ebs-cloud-manager-24111-now-available
▫ In this release, we have switched from Terraform to OpenTofu due to forthcoming Terraform licensing changes. You must therefore upgrade your Cloud Manager by June 30, 2024 at the latest.
▫ We highly recommend that you uptake this new release of Cloud Manager at your earliest convenience.
P.S. Лёд тронулся, господа присяжные заседатели!
#Terraform #OpenTofu
https://blogs.oracle.com/ebsandoraclecloud/post/ebs-cloud-manager-24111-now-available
▫ In this release, we have switched from Terraform to OpenTofu due to forthcoming Terraform licensing changes. You must therefore upgrade your Cloud Manager by June 30, 2024 at the latest.
▫ We highly recommend that you uptake this new release of Cloud Manager at your earliest convenience.
P.S. Лёд тронулся, господа присяжные заседатели!
#Terraform #OpenTofu
Terraform AWS Cloud Control Provider
https://aws.amazon.com/blogs/devops/quickly-adopt-new-aws-features-with-the-terraform-aws-cloud-control-provider/
Terraform AWS Cloud Control Provider features:
▫️ Developed by AWS and HashiCorp over four years, leveraging the AWS Cloud Control API.
▫️ Supports new AWS services and features immediately upon release via automatic generation from AWS Cloud Control API.
▫️ Best for using newly released AWS features and services that are not yet available in the standard Terraform AWS Provider.
#Terraform
provider "awscc" {
region = "us-east-1"
}
provider "aws" {
region = "us-east-1"
}
https://aws.amazon.com/blogs/devops/quickly-adopt-new-aws-features-with-the-terraform-aws-cloud-control-provider/
Terraform AWS Cloud Control Provider features:
▫️ Developed by AWS and HashiCorp over four years, leveraging the AWS Cloud Control API.
▫️ Supports new AWS services and features immediately upon release via automatic generation from AWS Cloud Control API.
▫️ Best for using newly released AWS features and services that are not yet available in the standard Terraform AWS Provider.
#Terraform
Amazon
Quickly adopt new AWS features with the Terraform AWS Cloud Control provider | Amazon Web Services
AWS customers using Terraform as their IaC tool can now benefit from faster time-to-market by building cloud infrastructure with the latest AWS innovations that are typically available on the Terraform AWS CC Provider on the day of launch.
Terraform best practices from AWS
https://docs.aws.amazon.com/prescriptive-guidance/latest/terraform-aws-provider-best-practices/introduction.html
Backend
▫️ Use S3 for remote storage
▫️ Facilitate team collaboration
▫️ Separate the backends for each environment
▫️ Actively monitor remote state activity
Code
▫️ Implement a standard repository structure
▫️ Structure for modularity
▫️ Follow naming conventions
▫️ Use attachment resources
▫️ Use default tags
▫️ Meet Terraform Registry requirements
▫️ Use recommended module sources
▫️ Follow coding standards
Versions
▫️ Use the TFLint
▫️ Monitor new releases
Modules
▫️ Use variables for customization
▫️ Understand dependencies
▫️ Use trusted sources
#Terraform
https://docs.aws.amazon.com/prescriptive-guidance/latest/terraform-aws-provider-best-practices/introduction.html
Backend
▫️ Use S3 for remote storage
▫️ Facilitate team collaboration
▫️ Separate the backends for each environment
▫️ Actively monitor remote state activity
Code
▫️ Implement a standard repository structure
▫️ Structure for modularity
▫️ Follow naming conventions
▫️ Use attachment resources
▫️ Use default tags
▫️ Meet Terraform Registry requirements
▫️ Use recommended module sources
▫️ Follow coding standards
Versions
▫️ Use the TFLint
▫️ Monitor new releases
Modules
▫️ Use variables for customization
▫️ Understand dependencies
▫️ Use trusted sources
#Terraform
Отличное сравнение security scan tools для Terraform
https://devdosvid.blog/2024/04/16/a-deep-dive-into-terraform-static-code-analysis-tools-features-and-comparisons/
▫️ KICS
▫️ tfsec
▫️ Trivy
▫️ Terrascan
▫️ Checkov
▫️ Semgrep
#Terraform
https://devdosvid.blog/2024/04/16/a-deep-dive-into-terraform-static-code-analysis-tools-features-and-comparisons/
▫️ KICS
▫️ tfsec
▫️ Trivy
▫️ Terrascan
▫️ Checkov
▫️ Semgrep
#Terraform