Rover is a tool to visuzlize your Terraform resources and their relations for better understanding of what's going on in your systems.
Rover:
- Generates a
- Parses the
- Consumes the rso, map, and graph to generate an interactive configuration and state visualization hosts on
#terraform #toolz
Rover:
- Generates a
plan file and parses the configuration in the root directory.- Parses the
plan and configuration files to generate three items: the resource overview (rso), the resource map (map), and the resource graph (graph).- Consumes the rso, map, and graph to generate an interactive configuration and state visualization hosts on
localhost:9000.#terraform #toolz
TF 1.1.0 was released, and maybe the most interesting feature is the ability to force vars to be not-null
By default, all variables set implicitly to
#terraform
Non-nullable with a default: if left unset, or set explicitly to null, then
# it takes on the default value
# In this case, the module author can safely assume var.d will never be null
variable "e" {
nullable = false
default = "hello"
}
# Non-nullable with no default: variable must be set, and cannot be null.
# In this case, the module author can safely assume var.d will never be null
variable "d" {
nullable = false
}
By default, all variables set implicitly to
nullable = true.#terraform
I had an idea of writing something about Terraspace for quite some time now. I might have even had a draft somewhere! But of course, someone wrote it before me :)
Here's an article about Terraspace - a part of series about Terraform ecosystem. Other parts are:
- From Terralith to Terraservice with Terraform
- Terragrunt cheat sheet
- Another part with the comparison between Terragrunt and Terraspace is coming soon, but there are already some source files
I got this article from the Terraform Weekly subscription. It's curated by a proud member of our community - Anton Babenko. If you use Terraform in your work, you should definitely subscribe!
P.S. If you still think I should write something about Terraspace, let me know by putting 👍 emoji on this post. If you have more specific suggestions, you're always welcome in our chat (chat is in Ukrainian and Russian)!
#terraform #hashicorp #terragrunt #terraspace
Here's an article about Terraspace - a part of series about Terraform ecosystem. Other parts are:
- From Terralith to Terraservice with Terraform
- Terragrunt cheat sheet
- Another part with the comparison between Terragrunt and Terraspace is coming soon, but there are already some source files
I got this article from the Terraform Weekly subscription. It's curated by a proud member of our community - Anton Babenko. If you use Terraform in your work, you should definitely subscribe!
P.S. If you still think I should write something about Terraspace, let me know by putting 👍 emoji on this post. If you have more specific suggestions, you're always welcome in our chat (chat is in Ukrainian and Russian)!
#terraform #hashicorp #terragrunt #terraspace
Medium
Terraspace cheat sheet
Multi-Env, Multi-Account, Multi-Region example with terraspace
Just got a HashiCorp Certified: Terraform Associate to be sure that I don't miss anything important.
A quick recap of how I did it:
1. Saw HashiCorp Terraform Associate Certification Course - Pass the Exam! from a guy that learns TF just to be certified and make this course :) On x1.25-x2 speed
(Note: in 1st hour he describe comp. science theory in the worst possible way, confusing the use of terms and their meanings. So better google it, Wikipedia describes them better)
2. Test me by free test at exampro.co/terraform. (Feel free to use 10minutemail.com)
3. Click Register to the exam here, read all articles, add mail that is used as primary in Github to Credly, buy exam, cleanup workspace
4. Fight with PSI Security Browser for half-our before it became happy about working process on a laptop, number of monitors. Record video of the floor, table, whole room, myself... That's why you should start connecting 30 minutes before the exam start.
5. Pass the exam, get a badge on Credly, and email with a passing score.
About exam complexity, from youtube comments:
> Just a heads up, i watched this over 2 days (skipped most of the hands on), and I took the cert today and passed with a 93%. Everything on the test was in this video. I've used terraform maybe once before.
IMHO, that cert can be a plus for Intern/Junior position, but not above. Sadly, still no Professional exam for TF.
#terraform #certification
A quick recap of how I did it:
1. Saw HashiCorp Terraform Associate Certification Course - Pass the Exam! from a guy that learns TF just to be certified and make this course :) On x1.25-x2 speed
(Note: in 1st hour he describe comp. science theory in the worst possible way, confusing the use of terms and their meanings. So better google it, Wikipedia describes them better)
2. Test me by free test at exampro.co/terraform. (Feel free to use 10minutemail.com)
3. Click Register to the exam here, read all articles, add mail that is used as primary in Github to Credly, buy exam, cleanup workspace
4. Fight with PSI Security Browser for half-our before it became happy about working process on a laptop, number of monitors. Record video of the floor, table, whole room, myself... That's why you should start connecting 30 minutes before the exam start.
5. Pass the exam, get a badge on Credly, and email with a passing score.
About exam complexity, from youtube comments:
> Just a heads up, i watched this over 2 days (skipped most of the hands on), and I took the cert today and passed with a 93%. Everything on the test was in this video. I've used terraform maybe once before.
IMHO, that cert can be a plus for Intern/Junior position, but not above. Sadly, still no Professional exam for TF.
#terraform #certification
Only 4 days left to get the Terraform - From Zero to Certified Professional course for free!
I think, this is a great opportunity to get yourself familiar with Terraform or take a look, how things are done in the newer versions in case you're still using 0.11 for whatever reason.
#terraform #hashicorp #aws
I think, this is a great opportunity to get yourself familiar with Terraform or take a look, how things are done in the newer versions in case you're still using 0.11 for whatever reason.
#terraform #hashicorp #aws
Udemy
Terraform - From Zero to Certified Professional
2024 HashiCorp Certified: Terraform Associate and much more
IAM Policy Validator for Terraform can validate your IAM policies written in Terraform against best practices.
It uses AWS IAM Access Analyzer, therefore you need to grant it respective permissions to access this service. On the good side, unlike isolated tools, you don’t have to rely on the tool’s developers to update the validation policies. Everything comes from AWS itself.
#aws #terraform
It uses AWS IAM Access Analyzer, therefore you need to grant it respective permissions to access this service. On the good side, unlike isolated tools, you don’t have to rely on the tool’s developers to update the validation policies. Everything comes from AWS itself.
#aws #terraform
GitHub
GitHub - awslabs/terraform-iam-policy-validator: A command line tool that validates AWS IAM Policies in a Terraform template against…
A command line tool that validates AWS IAM Policies in a Terraform template against AWS IAM best practices - GitHub - awslabs/terraform-iam-policy-validator: A command line tool that validates AWS...
DoorDash has written a nice article about them leveraging policies-as-code for Terraform with Atlantis. They are using OPA with Conftest for that.
For me the interesting part was the idea to keep the policies in an S3 bucket for Atlantis. It looks a bit over complicated (why not store them just in Git?), but I don’t have much experience with Atlantis, so I dunno.
Also, there’s this passage that can make a grownup man cry:
> The core-infra team engineers soon became full-time code reviewers for all the changes that were needed to keep the platform from breaking.
#terraform #atlantis #opa
For me the interesting part was the idea to keep the policies in an S3 bucket for Atlantis. It looks a bit over complicated (why not store them just in Git?), but I don’t have much experience with Atlantis, so I dunno.
Also, there’s this passage that can make a grownup man cry:
> The core-infra team engineers soon became full-time code reviewers for all the changes that were needed to keep the platform from breaking.
#terraform #atlantis #opa
DoorDash Engineering Blog
How DoorDash Ensures Velocity and Reliability through Policy Automation - DoorDash Engineering Blog
Learn how DoorDash enables their engineers to self-serve infrastructure through policy automation while ensuring reliability and speed
Terraform 1.3.1 released, which means we are now safe to use 1.3.x, where
More here - https://github.com/hashicorp/terraform/releases/tag/v1.3.0
#terraform
optional() feature in variables is GA:
variable "with_optional_attribute" {
type = object({
a = string # a required attribute
b = optional(string) # an optional attribute
c = optional(number, 127) # an optional attribute with a default value
})
}
More here - https://github.com/hashicorp/terraform/releases/tag/v1.3.0
#terraform
Folks at Cloudflare describe how they work with Terraform there.
This article contains some examples of using Cloudflare's Terraform provider, so those might be handy if you're using their product.
Also, there's a controversial opinion about the usage of Tf modules. This article claims that one should avoid modules, because they decrease clarity in the long run. Like, if you have multiple environments or accounts, or applications that are similar but slightly different from each other, the cardinality of modules' variables may become unbearable.
I won't comment on this. I think this is one of those cases, when context matters the most. Such an approach may suit you or may not. You need to decide whether you'd better use modules or not yourself.
#terraform
This article contains some examples of using Cloudflare's Terraform provider, so those might be handy if you're using their product.
Also, there's a controversial opinion about the usage of Tf modules. This article claims that one should avoid modules, because they decrease clarity in the long run. Like, if you have multiple environments or accounts, or applications that are similar but slightly different from each other, the cardinality of modules' variables may become unbearable.
I won't comment on this. I think this is one of those cases, when context matters the most. Such an approach may suit you or may not. You need to decide whether you'd better use modules or not yourself.
#terraform
The Cloudflare Blog
How Cloudflare uses Terraform to manage Cloudflare
Cloudflare uses the Cloudflare Terraform provider extensively to make changes to our internal accounts as easy as opening a pull request.
terraform-hcloud-kube-hetzner
is a Terraform module to create a lightweight Kubernetes cluster in the Hetzner cloud. It's based on openSUSE MicroOS and k3s Kubernetes distribution.
I'm not a big fan of Hetzner for many reasons, but if you need to run a cluster for cheap, this might be a viable solution for you.
P.S. This tool was initially shared in the CatOps chat (the chat is in Ukrainian). Feel free to join, if you like to! We also have voice rooms in open spaces format there to discuss various topics
from time to time.
#hetzner #kubernetes #terraform
is a Terraform module to create a lightweight Kubernetes cluster in the Hetzner cloud. It's based on openSUSE MicroOS and k3s Kubernetes distribution.
I'm not a big fan of Hetzner for many reasons, but if you need to run a cluster for cheap, this might be a viable solution for you.
P.S. This tool was initially shared in the CatOps chat (the chat is in Ukrainian). Feel free to join, if you like to! We also have voice rooms in open spaces format there to discuss various topics
from time to time.
#hetzner #kubernetes #terraform
GitHub
GitHub - kube-hetzner/terraform-hcloud-kube-hetzner: Optimized and Maintenance-free Kubernetes on Hetzner Cloud in one command!
Optimized and Maintenance-free Kubernetes on Hetzner Cloud in one command! - kube-hetzner/terraform-hcloud-kube-hetzner