Tag: IaC

Scanning Infrastructure as Code (IaC) for vulnerabilities

In the modern world where it feels like every sentence has a Dev⭐Ops word in it, 1 that is probably used more than most is DevSecOps. 
When teams focus on DevSecOps they make sure to integrate security into every phase of development, this includes scanning for vulnerabilities as soon as possible.

This videos shows you briefly how you can use Snyk to scan your terraform templates for vulnerabilities from your CLI as well as part of every commit pushed to GitHub. 

 
Interacting with Cloudflare DNS and Origin Certs using Terraform

In this video we'll take a look at connecting to Cloudflare with terraform to fully automate a full (strict) SSL/TLS encryption mode setup

We'll also cover setting up a basic nginx server which we'll use to validate that our setup is working as expected.

 
Managing GitHub secrets using terraform

In this video we'll take a look at Managing GitHub secrets using terraform as well as federated identities from GitHub into Azure.

You should only be storing secrets if you absolutely need to, in this demo although we are only accessing storage accounts the change from a storage connection string to Azure Federated Identity means that we can access any of resource the identity has access too using RBAC which is a much better overall approach.

 
Building basic Azure infrastructure using Terraform

In this video we'll take a look at how to build some basic Azure infrastructure using Terraform.