• Managing (safely) Secrets as Code with sops and terraform

    3 min read

    Terraform Secret as code sops git

    If you are using Infrastructure as Code, you've realized there is something that shouldn't be in a git repository: secrets. We should never store clear-text secrets in a git repository, not even a private one: anyone with access to that repository could read them.

    How can we securely create secrets as code in AWS Secrets Manager using terraform?

    15/02/2022

  • Kubernetes provider for terraform: kubernetes_manifest

    2 min read

    Since version 2.8.0 of the Kubernetes provider for terraform, the kubernetes_manifest resource is no longer considered experimental. With this resource we can use terraform to push any kind of Kubernetes object that doesn't have a specific resource for it:

    resource "kubernetes_manifest" "example_km" {
      manifest = yamldecode(<<-EOF
        apiVersion: v1
        kind: Namespace
        metadata:
          name: example-ns
          annotations:
            test: example
        EOF
      )
    }
    

    11/02/2022

  • Moving terraform resources from the state file as code

    2 min read

    Terraform moved

    Certain operations can cause terraform to try to delete and recreate a resource when we are just trying to move it around within the state, for example when renaming a resource.

    02/02/2022

  • Terraform apply without updating modified resources

    2 min read

    Terraform plan apply refresh

    When we are deploying infrastructure using terraform, we need to understand that we should not be modifying what we have deployed; otherwise terraform will undo these changes if we apply it again. This is actually a good thing, since it makes sure the code reflects the state of the infrastructure, but sometimes it can be a pain.

    24/01/2022

  • Terraform: retrieve AWS information

    2 min read

    When running terraform on an AWS account we might need some context information, such as its account ID or the region we are in. Instead of having to set them as variables, we can use the aws_caller_identity, aws_partition and aws_region data sources to retrieve this information.

    19/01/2022
