The article provides a step-by-step guide for testing configuration scanners on a deliberately insecure Kubernetes deployment using Terraform and Helm. It outlines the setup of an EKS cluster with insecure application pods, detailing the commands needed for deployment, testing, and cleanup, while highlighting the various security vulnerabilities present in the deployed applications.

The article discusses the migration of over 30 Kubernetes clusters to Terraform, detailing the challenges faced with previous tools like Sceptre and AWS CDK, and outlining a structured, iterative approach to the transition. Key strategies included automating processes, ensuring safety during rollbacks, and emphasizing hands-on knowledge transfer over traditional documentation. The authors share insights on tooling, risk management, and team collaboration throughout the migration journey.

Migrating Amazon EKS from version 1.29 to 1.32 involved careful planning and execution, focusing on upgrading Terraform modules, transitioning to Amazon Linux 2023, and implementing a blue/green deployment strategy to minimize downtime. The process highlighted the importance of addressing breaking changes, updating add-ons, and validating instance types to ensure a smooth upgrade across four clusters. Overall, the upgrade was completed in two weeks with minimal disruptions and enhanced security and performance.