weekly.tf - Issue #100 - Using Least Privilege IAM Policies, AWS SAM CLI and Terraform, Managing Terraform State with Terragrunt, CI/CD Pipeline in Azure DevOps, Achieving Balance with Policy Enforcement, AWS re:invent
Finding the “minimum permissions” for an IAM policy can feel like playing a game of Whac-A-Mole. This blog post discusses best practices for defining least privilege IAM policies so you can avoid the back-and-forth. AB: Examples in the post include Terraform code for S3 buckets, which should be sufficient for understanding several concepts.
🙌 Sponsor - env0 🙌
AWS has announced the public preview of AWS Serverless Application Model CLI (AWS SAM CLI) support for local development, testing, and debugging of serverless applications defined using Terraform configuration. AB: Terraform AWS Lambda module has been updated to support this feature since day zero.
Tomer Peleg describes how the usage of Open Policy Agent (OPA) can help developers achieve independence in their day-to-day work with infrastructure.
Jay Allen describes the challenges of managing Terraform and the use cases for Terragrunt.
Syed Saad Ahmed wrote a post about setting up the process of creation of a CI/CD pipeline in Azure DevOps environment.
AWS re:invent 2022 - Open Source Demos
The AWS Modern Applications and Open Source Zone at The Venetian is a must-visit destination for your re:Invent journey. With demos, experts, food, drinks, swag, games, and mystery surprises, how can you not stop by? AB: I will be giving a demo about "Doing serverless on AWS with Terraform (serverless.tf + terraform-aws-modules)" on Tuesday, November 29, 2022, from 11 am to 1 pm.
Display your Terraform module call stack in your terminal.
Remember that sharing is caring, so it will help the Terraform community (and me) if you share this newsletter with your friends and colleagues.
PS: One of the best ways to help Ukraine - https://palianytsia.com.ua/
Glory to Ukraine! 🇺🇦