The Open Policy Agent (OPA) is an open source high-level declarative language that lets you specify policy as code and simple APIs to offload policy decision-making from your software. In this article we are going to review an S3 OPA Terraform example. OPA can be used during deployment of your IaC code or in a CI/CD pipeline. Refer […]
Category: Terraform
Terraform (IAAC) examples solving everyday cloud problems
Create IAM policies using AWS Lambda
In this article let’s look into how we can create IAM policies using AWS Lambda and attach them to an existing IAM role during deployment using Terraform. Imagine a scenario where you are working in a multi-account AWS environment and the Lambda in the main account needs permissions on other accounts (for assuming […]
Don’t miss CloudWatch log group permissions
CloudWatch log group permissions are required in order for the log groups to receive events from sources such as a CloudWatch Event rule. These permissions are added automatically when you create log groups using the AWS Console. However, when we use Terraform to automate the process, these permissions must be added separately, otherwise your log […]
Multiple Terraform providers and dynamic lookup
Multiple Terraform providers are helpful when you are working with multiple accounts (AWS) or working on a solution that spans multiple accounts. You need an efficient way of defining multiple Terraform providers to be able to look up each provider dynamically. The following example uses Terraform modules; refer to this article to understand how Terraform […]
Terraform providers and modules
When we are working with Terraform to create cloud infrastructure, one common use case is dealing with multiple Terraform providers (accounts, or entirely different providers). For example, it may be a simple case of creating an S3 bucket in account A with cross-account permissions and creating the IAM role in account […]
Terraform workspaces – avoid redundancy
Terraform organizes infrastructure through workspaces, which includes maintaining separate remote state for each environment. Terraform workspaces start with a single workspace named “default”. This workspace is special both because it is the default and also because it cannot ever be deleted. We will be creating new workspaces for each environment as opposed to maintaining separate folders […]
Cloud compliance using OPA Policies
Implement cloud compliance policies using OPA policies and protect your cloud infrastructure. Integrate OPA policies in your CI/CD pipeline and validate your code. OPA is open source, easy to implement, and only requires basic programming skills. When we provision the infrastructure and deploy resources into the cloud, […]