AirFrance-KLM transformed its automation platform using Terraform, Vault, and Ansible to enhance security, compliance, and efficiency. The shift from compliance-by-construction to compliance-by-guardrails streamlined their processes, reducing provisioning time and errors while maintaining governance.

This article details DNSimple's journey to automate their management of GitHub repositories using Infrastructure as Code principles. It highlights the transition from a manual tool called Repocop to a more efficient system built with Terraform and CI/CD practices, improving consistency and visibility across hundreds of repositories.

This article explains how to integrate synthetic testing into your infrastructure using Terraform and Datadog. It covers best practices for creating and managing tests, including the use of global variables, tagging for ownership, and modularizing tests with subtests.

This article outlines how to improve Azure infrastructure by integrating a Load Balancer and Virtual Machine Scale Sets (VMSS) for high availability. It covers setting up the necessary components, defining infrastructure using Terraform, and implementing autoscaling and security rules.

CDK for Terraform (CDKTF) has been deprecated, leaving users to find alternatives. This article outlines options for migration, focusing on Pulumi as a viable path forward, detailing the conversion and import process for transitioning projects.

This article explains how to manage parallelism in Terraform to speed up resource provisioning. It covers how to control dependencies, adjust the parallelism flag, and when to split configurations for better performance.

This article details how infrastructure drift occurs when actual setups differ from Terraform configurations, leading to unexpected costs and security risks. It offers practical solutions for detecting and remediating drift, including automation strategies and real-world examples of financial waste caused by unmanaged drift.

The author shares a misstep during an AWS migration from IAM Users to SSO, resulting in a permissions error related to a KMS key. After discovering the issue, they detail the recovery process and a new checklist step to prevent similar problems in the future.

AWS now allows you to validate and enforce required tags in CloudFormation, Terraform, and Pulumi using Tag Policies. By defining mandatory tags like "Environment," "Owner," and "Application," you can ensure consistent tagging across your infrastructure-as-code projects. This feature helps maintain compliance and governance for your AWS resources.

This article explains how to manage Azure Firewall and Network Security Group (NSG) rules using Terraform and CSV files. It outlines a method to streamline rule management, reduce code clutter, and simplify updates through structured CSV inputs.

This article explores the implications of HashiCorp's license change and the emergence of OpenTofu as an open-source alternative to Terraform. It outlines core differences between the two tools, including licensing, governance models, and built-in security features, helping teams decide which tool aligns with their needs.

This article examines three Infrastructure as Code tools—Terraform, Pulumi, and Crossplane—highlighting their unique approaches to managing cloud infrastructure. It details how each tool fits into modern practices and discusses their strengths, weaknesses, and operational differences.

Cloudflare uses a "shift left" strategy to embed security checks early in the software development process, aiming to minimize human error and prevent misconfigurations. By managing their infrastructure as code, they ensure consistent security policies across hundreds of accounts while enabling rapid deployment. Key tools include Terraform and a custom CI/CD pipeline.

HashiCorp has announced the general availability of the Terraform AWS provider version 6.0, which enhances multi-region support and simplifies infrastructure management across AWS. This update allows users to define AWS resources with a single configuration file, improving workflow efficiency and reducing memory usage.

Terraform and Ansible are integrated to enhance infrastructure provisioning and configuration management, addressing the complexities of managing resources across hybrid and multi-cloud environments. The new feature allows for seamless collaboration between the two tools, streamlining operations from Day 0 provisioning to Day 2 maintenance.

HashiCorp announces the general availability of version 7.0 of the Terraform provider for Google Cloud, featuring new ephemeral resources, write-only attributes, and enhanced validation logic. These updates aim to improve security and user experience while ensuring alignment with the latest Google Cloud APIs.

The article provides a step-by-step guide for testing configuration scanners on a deliberately insecure Kubernetes deployment using Terraform and Helm. It outlines the setup of an EKS cluster with insecure application pods, detailing the commands needed for deployment, testing, and cleanup, while highlighting the various security vulnerabilities present in the deployed applications.

Learn how to automate the deployment of Azure SFTP using Terraform for a streamlined, version-controlled setup. The article provides a GitHub repository with necessary Terraform code, customization tips, and step-by-step instructions for creating and managing Azure SFTP resources efficiently.

Infrastructure as Code (IaC) is essential for modern cloud operations, allowing companies to define their infrastructure through code, facilitating easy deployment, rollbacks, and reproducibility. By using tools like Terraform, teams can manage resources more efficiently, eliminating the risks associated with "snowflake servers" and improving overall agility in infrastructure management.

Pre-caching Terraform provider plugins in CI/CD pipelines can significantly reduce network activity and provisioning times by avoiding repeated downloads. A new project simplifies this process by allowing users to define target repositories and easily configure multiple Terraform versions. This approach not only speeds up pipeline executions but also mitigates risks associated with external dependencies.

Benchling successfully manages over 165,000 cloud resources across 625 Terraform workspaces using Terraform Cloud, significantly improving their infrastructure release process. Transitioning from a manual, error-prone system to an automated workflow has saved approximately 8,000 developer hours annually and enhanced reliability through better monitoring and management practices.

Learn how to automate the generation and management of secrets, such as passwords, using Terraform and Azure Key Vault. The article covers creating a secure password, setting expiry dates, and implementing best practices for handling sensitive data in cloud infrastructure.

Terraform GUIs offer a visual interface to enhance the management of infrastructure as code, addressing the limitations of Terraform's CLI-centric approach. These tools improve collaboration, visibility, and workflow automation, making it easier for teams to manage configurations, monitor changes, and enforce policies without deep CLI expertise. Leading solutions like Spacelift, Terraform Cloud, and Gaia provide various features tailored to different team needs and automation requirements.

Accessing Amazon EKS from a jumphost is streamlined using EKS Access Entries, which allow for IAM identity-based Kubernetes API permissions without altering the legacy aws-auth ConfigMap. The guide details the necessary steps to set up the jumphost, configure IAM policies, and verify access with kubectl commands, emphasizing a cleaner and more secure approach to managing access.

The article discusses the migration of over 30 Kubernetes clusters to Terraform, detailing the challenges faced with previous tools like Sceptre and AWS CDK, and outlining a structured, iterative approach to the transition. Key strategies included automating processes, ensuring safety during rollbacks, and emphasizing hands-on knowledge transfer over traditional documentation. The authors share insights on tooling, risk management, and team collaboration throughout the migration journey.

The article announces the release of an open-source Terraform provider specifically designed for integrating with OpenAI services. It highlights the features and benefits of using this provider for developers looking to manage infrastructure as code with OpenAI's APIs. Instructions for installation and usage are also provided, making it easier for users to get started.

The article discusses best practices for organizing and scaling Terraform modules to enhance infrastructure management and collaboration in development teams. It emphasizes the importance of modularization, versioning, and documentation to ensure efficient and maintainable codebases. Strategies for structuring repositories and using Terraform features are also highlighted.

Implementing guardrails in cloud infrastructure is essential to prevent security vulnerabilities, unexpected costs, and compliance issues. The article explains how Open Policy Agent (OPA) can be integrated with Terraform to enforce policies as code, ensuring consistent governance and security for cloud resources. It provides practical policy examples and steps for integrating OPA into Terraform workflows.

A comprehensive guide for MLOps and Data teams on deploying Vertex AI Workbench using Terraform to minimize manual operations and reduce costs associated with cloud resource management. It highlights the advantages of using Terraform for standardized and reproducible configurations, addressing common issues when relying on UI for instance creation. The article includes a maturity model for notebook management and a practical Terraform module example for implementation.

Implementing Karpenter on Amazon EKS requires setting up an AWS EKS cluster, creating IAM roles for both the control plane and worker nodes, and deploying Karpenter using Terraform. The article provides a detailed, step-by-step guide for these processes, including the necessary configurations and commands to run.

Deploying and autoscaling HCP Terraform agents on Amazon EKS Auto Mode enhances infrastructure management by optimizing resource utilization and automating capacity management. The integration of the HCP Terraform Operator with EKS Auto Mode enables intelligent scaling based on workload demands, eliminating manual intervention and reducing operational costs. This approach ensures sufficient agent capacity during peak periods and conserves resources during quieter times.

Identifying ownership of non-human identities (NHIs) created through Infrastructure as Code (IaC) poses significant challenges, particularly when automated processes are involved. A tag-based approach is proposed to help determine the human responsible for IaC-generated identities by linking code commits to the resources created, although this requires careful analysis of various components within the IaC framework.

The collaboration between Red Hat Ansible and HashiCorp Terraform aims to enhance infrastructure automation and management through improved integration. This partnership seeks to streamline workflows for developers and operations teams, leveraging the strengths of both tools for better infrastructure as code practices.

Learn how to create a secure CI/CD pipeline using Okta, Terraform, AWS, and GitHub Actions, simplifying the integration and deployment process for DevOps beginners. The guide addresses common challenges in DevOps, such as state file storage and secrets management, providing a comprehensive overview of the necessary architecture and workflows. By the end, you'll be equipped to implement infrastructure as code with Terraform while ensuring security and efficiency.

Terraform migrate 1.1 introduces support for version control system (VCS) workspaces, enabling Git-based infrastructure management and automated migration flows. It improves user experience with features like token validation optimization and reliable branch pushing, streamlining the migration process to HCP Terraform and Terraform Enterprise.

A local data platform can be built using Terraform and Docker to replicate cloud data architecture without incurring costs. This setup allows for hands-on experimentation and learning of data engineering concepts, utilizing popular open-source tools like Airflow, Minio, and DuckDB. The project emphasizes the use of infrastructure as code principles while providing a realistic environment for developing data pipelines.

Terraform and Jenkins are essential tools in DevOps that enhance automation in deployment processes. Terraform focuses on infrastructure as code for provisioning and managing cloud infrastructure, while Jenkins automates the CI/CD pipeline for application deployment. Together, they create efficient, automated workflows that streamline both infrastructure management and application delivery.

Terraform now fully supports Arm architecture, allowing customers to run Terraform Enterprise and HCP Terraform agents on Arm-based platforms like AWS Graviton. This enhancement offers greater choice and flexibility, enabling businesses to optimize their IT investments by balancing cost and performance.

HCP Terraform now allows organizations to manage public Terraform modules and providers, streamlining the ownership and maintenance process. This new feature enables better access control and artifact management, reducing risks associated with individual account dependencies.

The article discusses best practices for securing Terraform state files stored in Azure Blob Storage, emphasizing the importance of encryption, access control, and proper configuration to protect sensitive infrastructure data. It provides practical guidance on implementing these security measures effectively to mitigate risks associated with cloud infrastructure management.

Pulumi has introduced direct support for executing Terraform modules, enabling users to migrate from Terraform to Pulumi without the need for immediate conversion. This feature allows teams to preserve existing Terraform modules while leveraging Pulumi's advanced infrastructure as code capabilities, facilitating a smoother, incremental migration process.

The article discusses the integration of Terraform and Ansible, highlighting how these two tools complement each other in infrastructure management. It emphasizes the benefits of using Terraform for provisioning and Ansible for configuration management, showcasing improved efficiency and collaboration in DevOps practices.

The repository showcases a method for implementing federated user and workload identity across multiple cloud services without relying on long-lived credentials. It emphasizes using Infrastructure as Code with Terraform and encourages collaboration among providers to demonstrate effective implementations and testing through a gamified approach.

A detailed comparison of GitHub App and OAuth authentication methods for integrating GitHub with Terraform. The article discusses their advantages, drawbacks, and best practices to help organizations choose the right method based on security and operational requirements. Key factors include repository setup, permissions, and webhook management.

Terraform and Bicep are prominent infrastructure-as-code tools, with Terraform being a cloud-agnostic solution and Bicep specifically designed for Microsoft Azure. Bicep simplifies the JSON syntax of ARM templates and offers native Azure integration, while Terraform boasts a rich provider ecosystem and state management features. Understanding their differences can help users choose the right tool for their deployment needs.

The article discusses the integration of service groups in Azure using Terraform with the AzAPI provider. It highlights best practices and the advantages of managing Azure resources through code, specifically focusing on the automation and efficiency Terraform provides in handling service groups. Additionally, it addresses common challenges and solutions encountered in the process.

A comprehensive blueprint for using dbt with Databricks to create data pipelines is provided in this GitHub repository. It features a modular project structure, data contracts, tests, and incremental models, all while utilizing dummy data to ensure safety and privacy. The setup includes instructions for configuration, data loading, and testing within a Databricks environment.

Migrating Amazon EKS from version 1.29 to 1.32 involved careful planning and execution, focusing on upgrading Terraform modules, transitioning to Amazon Linux 2023, and implementing a blue/green deployment strategy to minimize downtime. The process highlighted the importance of addressing breaking changes, updating add-ons, and validating instance types to ensure a smooth upgrade across four clusters. Overall, the upgrade was completed in two weeks with minimal disruptions and enhanced security and performance.

The article discusses the importance of implementing AI guardrails in Terraform to proactively identify and mitigate drift, cost, and risk before code merges. It emphasizes how such measures can enhance infrastructure management and maintain system integrity. Overall, the focus is on leveraging AI to streamline and secure the Terraform deployment process.