weekly.tf - Issue #39

Hiatus time

I am planning on putting this newsletter on hiatus for a bit.

When I started this newsletter last year (with one subscriber) I didn't really know where it would go, I just felt like it was something that should exist.

This list is growing, things are going well, but I have come to realize that there are a lot of other things I want to work on, including a new job that I am starting soon (follow my blog if you want to hear about that).

Anyway, I am going to take a break for a bit and maybe it will be back as-is, maybe I will make it monthly, or maybe hand it off to someone else. Definitely reach out if you would be interested.

Terraform will soon have a 'test' command, an experimental feature for making assertions about module configurations. Because the feature is not released yet, the docs are not yet on the website, but you can read the doc source in the pull request.

I haven't watched the whole thing yet, but Anton covers it on his youtube channel.

Does the headline say it all?

A new player in the IaC security analysis space. They seem to be competing on including more context in assessments. One example - when evaluating an S3 bucket, the the tool can know whether there are account level security controls in place. This seems like it would certainly reduce noise if done right.

Notable Releases

The first beta for 0.15 is out. There is a discuss thread for feedback.

Check out the changelog and upgrade guide.

New resources for aws_cloudwatch_event_archive, aws_elasticache_global_replication_group, aws_s3_object_copy and aws_securityhub_invite_accepter and a bunch of bug fixes and improvements.

New resources aws_apigatewayv2_api, aws_apigatewayv2_apis, aws_cognito_user_pool_ui_customization, aws_ecrpublic_repository, aws_sagemaker_app.

Best new feature is links to documentation on over, worth an upgrade for that.

Go 1.15 or higher is now required.