Terraform Content on InfoQ
-
Bridgecrew's Yor Provides Automated Tagging for Infrastructure as Code
Bridgecrew recently released Yor, their open-source tool for automated infrastructure as code tagging. Yor automatically adds tags to infrastructure configurations which are then applied to the running cloud resources, simplifying connecting the active resources back to the code that created them. Yor currently supports Terraform, CloudFormation, and Serverless.
-
AWS CloudFormation Guard Adds Type Blocks, Filtering, and Reusable Rules
AWS released version 2 of CloudFormation Guard, their open source tool for validating CloudFormation templates. This release introduces a number of new features including type blocks, support for Conjunctive Normal Form, filters, and named rules. Guard enables writing policy-as-code that can then be used to validate any well-formed JSON or YAML file.
-
Cloudflare Improves Automated Terraform Generation Tool
Cloudflare recently released an updated version of their cf-terraforming tool. This tool streamlines generating Terraform HCL from existing Cloudflare resources. The new release simplifies the generation process and introduces changes to better future proof the tool.
-
Infrastructure Vulnerability Scanner Checkov Adds Context Aware Assessments
Bridgecrew has announced the first 2.x version of Checkov. Checkov is an open-source scanner for infrastructure as code (IaC). The 2.0 release includes a re-architected backend that is now graph-based, allowing for better processing of multi-resource queries. There has also been an increase in coverage with the addition of nearly 250 new policies.
-
Consul-Terraform-Sync Enables Automating of Common Networking Tasks
HashiCorp has moved Consul-Terraform-Sync (CTS) into full general availability. CTS allows for the definition of tasks as Terraform modules that can be run as services are added or removed from Consul. CTS is part of a solution called Network Infrastructure Automation (NIA) which focuses on automating day two network tasks such as updating load balancer pools or firewall policies.
-
HashiCorp Terraform Adds Concise Diff Formatter and Sensitive Data Obfuscation
HashiCorp has released Terraform 0.14 into general availability. The release introduces a new concise diff format that limits the output to only the elements that are changing. Other improvements include the ability to hide sensitive data and produce lockfiles for provider dependencies.
-
Bridgecrew Releases State of Open Source Terraform Security Report
Bridgecrew, a developer-first platform that codifies cloud security, recently published the State of Open Source Terraform Security report. The company utilized open-source Infrastructure-as-Code (IaC) static analysis tool Checkov. One of the key findings reveals that modules used to provision AWS resources are most likely misconfigured.
-
HashiCorp Introduces HashiCorp Cloud Platform
HashiCorp, the company behind the software tool Terraform, introduces a platform to run their products on AWS, Azure, and GCP as managed services. This will extend their enterprise offer with a focus on multi-cloud environments.
-
Managing Infrastructure from Kubernetes with the HashiCorp Terraform Operator
HashiCorp has released the alpha version of the Terraform operator for Kubernetes to manage infrastructure as code from Kubernetes. After installing the operator, users can synchronize Terraform workspaces using Kubernetes manifests. Then, applications running in Kubernetes can reference Terraform outputs using ConfigMaps. For now, this operator only works for Terraform Cloud.
-
AzureRM Terraform Provider 2.0 Released with Custom Timeouts and Improved Resource Importing
HashiCorp announced the release of version 2.0 for the AzureRM Terraform Provider. This release includes an overhaul of how virtual machines and virtual machine scale set resources are described, an introduction of custom timeouts, and the removal of a number of deprecated resources. There are also changes to improve how existing resources are handled while running terraform apply.
-
Automated Testing for Terraform, Docker, Packer, Kubernetes, and More: Yevgeniy Brikman at QCon SF
At QCon SF, Yevgeniy Brikman presented "Automated Testing for Terraform, Docker, Packer, Kubernetes, and More". Key takeaways from the talk included the recommendation to use an appropriate mix of all testing techniques discussed, such as static analysis, unit tests, integration tests, and end-to-end tests.
-
HashiConf US 2019: Terraform and Consul Updates, Multi-* Workflows, and Shared Learning
At the fifth HashiConf US conference, held in Seattle, the HashiCorp founders made several new feature announcements for their Terraform and Consul products. Additional key takeaways from the event included: focus on workflows, not tooling; the software delivery world is becoming multi-cloud/platform/service; and there is still much that developers can learn from operations teams, and vice versa.
-
Terraform 0.12 Release: New HCL Syntax, Improved Error Messages, and Upgrade Tooling
The Terraform 0.12 release includes updates to HCL, such as first-class expression syntax, value types, loops, dynamic blocks, and conditional expression improvements. Error messages now contain additional context, and the output of terraform plan now renders in a more readable format. Terraform 0.12 isn't 100% backwards compatible, but comes with an upgrade and validation tool.
-
DOES London: ITV Autoscaling for Love Island
Tom Clark from ITV, a UK-based commercial producer and broadcaster, gave his fourth talk at DevOps Enterprise Summit London recently, titled 'Better, Faster, Cheaper, Happier,' building on the evolutionary story of the common platform for which he is accountable.
-
Reconciling Kubernetes and PCI DSS for a Modern and Compliant Payment System
Ana Calin, systems engineer at Paybase, gave an experience report at QCon London [slides PDF] on how the end-to-end payments service provider solution managed to achieve PCI DSS level 1 compliance (the highest) with 50+ Node.js microservices running on Google Cloud Kubernetes Engine (GKE), and using Terraform for infrastructure provisioning and Helm for service deployment.