-
Pulumi: Setting passphase as an environment variable
2 min read
When creating a new pulimi stack you can set a passphase (--secrets-provider) so that both configuration secrets and secrets stored in the state file should be encrypted using a key derived from a passphrase: To be able to use pulumi up you'll have to provide this passphrase. If you don't want to provide it interactively, you can use an environment variable to set it.
28/08/2023
Read more... -
Keeping the terraform state in a Kubernetes Secret
2 min read
Storing the terraform state into a S3 bucket with dynamoDB for locking has become the de facto standard for being able to share the state across an organization. Nevertheless, there are interesting alternatives: We can use a Kubernetes Secret
19/04/2022
Read more... -
Moving terraform resources from the state file as code
2 min read
Certain operations can cause terraform to try to delete an recreate a resource when we are just trying to move it around within the state, for example renaming a resource
02/02/2022
Read more... -
Merging resources from several terraform states
2 min read
If you have several terraform projects for handling the deployment of a part of the application and you want to consolidate it into a single project, you can create a new terraform state and import all the resources using terraform import or you can use tfstate-merge to copy resources to the new state to consolidate it
06/10/2021
Read more... -
Moving terraform resources to a new code base
3 min read
If we have a set of resources on a set of terraform code that we want to move to another code base, we could use terraform import to import them to the new state but this required make the effort to identify the resources to import. If are going to import the entire state we can make it much easier using terraform state pull and terraform state push
30/09/2021
Read more...