Best of Terraform: July 2024

  1. Article
    Towards Dev · 2y

    Building a Secure WebSocket API with AWS API Gateway, Lambda, and JWT Authorization using Terraform

    This guide details the steps to build a secure WebSocket API using AWS API Gateway, integrated with AWS Lambda and secured with JWT authorization. The infrastructure setup is automated with Terraform, ensuring a scalable and manageable real-time communication system with CloudWatch logging for monitoring API activity.

  2. Article
    Spacelift · 2y

    Terraform in DevOps – IaC, Workflow & Benefits

    Terraform is a key Infrastructure as Code (IaC) tool in the DevOps ecosystem designed to manage and automate infrastructure provisioning. It uses declarative syntax to define the desired state of infrastructure and supports multiple cloud providers through plugins. Key features include multi-cloud provisioning, remote state management, policy as code, and reusable modules. The Terraform workflow involves writing configuration files, initializing providers, planning execution, applying changes, and destroying infrastructure. Terraform seamlessly integrates with CI/CD pipelines, promoting standardization and automation in infrastructure management.

  3. Article
    Spacelift · 2y

    Using OpenTofu with Spacelift

    OpenTofu is becoming a popular standard for Infrastructure as Code (IaC) and integrates well with Spacelift to enhance workflows. Spacelift offers features such as multi-infrastructure workflow support, policy management, context handling, cloud integrations, drift detection, and task scheduling. The integration allows for automated deployments, governance, and efficient management of infrastructure dependencies. Spacelift also provides tools for creating and managing reusable infrastructure blueprints, promoting self-service and scalability.

  4. Article
    Spacelift · 2y

    Terraform Backends – Local and Remote Explained

    Terraform backends are crucial for managing the storage and state of infrastructure deployments. They define where and how Terraform’s state data is stored and accessed, ensuring consistency across multiple runs. Common backend types include local storage and remote services like AWS S3, Azure Blob Storage, and Google Cloud Storage. Key features include state storage, state locking, and partial configuration. Best practices include securing and encrypting state files, enabling versioning, and using state locking to prevent concurrent operations.

  5. Article
    Hacker News · 2y

    myzie/burrow: Burrow is a globally distributed HTTP proxy via AWS Lambda

    Burrow is a serverless, globally-distributed HTTP proxy for Go built on AWS Lambda, compatible with standard `*http.Client`. It supports round-robin transport for multiple Lambda functions, useful for development, load testing, privacy, geo-restriction bypass, and API rate limiting. Burrow includes Terraform configurations for easy deployment across 17 AWS regions.

  6. Article
    Community Picks · 2y

    Deploying a Flask App on Cloud Run with Terraform: A Comprehensive Guide

    This guide provides step-by-step instructions on deploying a Flask application on Google Cloud Run using Terraform. It covers the prerequisites, including necessary installations and configurations on both the GCP console and the developer's desktop. Detailed steps include creating a Flask application, writing Docker and Terraform configuration files, setting up a Docker repository in the GCP Artifact Registry, and deploying the app to Cloud Run.

  7. Article
    Community Picks · 2y

    Simple And Fully Automated Kubernetes Bootstrapping with DigitalOcean & Cloudflare

    This post provides a practical guide for bootstrapping a Kubernetes cluster into a fully functional production environment using DigitalOcean and Cloudflare. It walks through setting up Terraform scripts, configuring ArgoCD for GitOps, and deploying various Kubernetes applications. Sample configuration files and commands are provided to help achieve the setup. The post concludes with additional steps needed for comprehensive cluster management.

  8. Article
    Spacelift · 2y

    How to Enforce Policy as Code in Terraform? [Sentinel & OPA]

    Infrastructure as code (IaC) defines and manages infrastructure through code; policy as code (PaC) extends the concept by also expressing compliance policies as code, so that security and regulatory standards are met. This guide explains using PaC with Terraform, focusing on two frameworks: HashiCorp Sentinel and Open Policy Agent (OPA). Sentinel integrates closely with Terraform configurations, supporting various enforcement modes. OPA, an open-source policy engine, applies rules through its own Rego language and integrates well with tools like GitHub Actions and Spacelift. Both tools provide scalable methods for automating policy compliance in cloud infrastructures.

  9. Article
    HashiCorp · 2y

    From zero to hero with HashiCorp Boundary

    HashiCorp Boundary provides a secure and simplified approach to remote access, eliminating the need for complex network configurations or exposing sensitive credentials. This post details the setup of a Boundary cluster from scratch using HCP Boundary for quick deployment. It explains the configuration of workers and the creation of a remote access workflow with a focus on security principles. The tutorial covers setting up the infrastructure with Terraform, creating and configuring ingress and egress workers, and establishing target configurations for seamless access. Additionally, it introduces the transparent sessions feature (currently in private beta), which allows users to connect using familiar tools without needing to handle credentials.

  10. Article
    Lobsters · 2y

    leg100/pug: Drive terraform at terminal velocity.

    Pug is a TUI application designed for Terraform power users. It enables parallel task execution, interactive state resource management, and supports Terraform, Tofu, and Terragrunt. Pug works across different backends and automatically loads workspace variable files. Installation options include Go, Homebrew, or downloading from GitHub. Configuration is flexible with flags, environment variables, and a YAML config file. Pug's interface allows users to manage modules, workspaces, and tasks interactively.