Public “Office Hours” (2022-05-18)

Erik OstermanOffice Hours

Here's the recording from our DevOps “Office Hours” session on 2022-05-18.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.


[00:00:00] Intro
[00:01:13] Red Hat open sources StackRox
https://techcrunch.com/2022/05/17/red-hat-open-sources-stackrox-the-kubernetes-security-platform-it-acquired-last-year/
[00:01:52] Easily Manage Access to Kubernetes
https://github.com/infrahq/infra
[00:03:40] Heroku CI and Review App Secrets Compromised (Dejavu?)
https://news.ycombinator.com/item?id=31417993
[00:04:56] AWS Control Tower can now use customer provided core accounts
https://aws.amazon.com/about-aws/whats-new/2022/05/aws-control-tower-now-use-customer-provided-core-accounts/
[00:07:41] AWS SSO delegated administration to a member account
https://aws.amazon.com/blogs/security/getting-started-with-aws-sso-delegated-administration/
[00:10:21] Yet Another Kubernetes Controller for Terraform (weaveworks, rancher, et al)
https://www.appvia.io/blog/self-service-of-cloud-resources
https://github.com/weaveworks/tf-controller
https://github.com/rancher/terraform-controller
[00:12:20] Terraform provider for Atlas Database Migrations
https://atlasgo.io/blog/2022/05/04/announcing-terraform-providerx
[00:15:56] What does cloudposse use for ingress controller?
[00:24:41] I’m curious what kinds of patterns cloudposse has seen work for “On demand” environments, for microservices?
[00:38:10] atmos.tools launched!
[00:39:33] Using Terraform to create a DB from scratch – how are we supposed to manage the DB passwords?
[00:44:02] How would you set up IAM policies if starting from scratch?
[00:46:42] Outro

Public “Office Hours” (2022-05-11)

Erik OstermanOffice Hours

Here's the recording from our DevOps “Office Hours” session on 2022-05-11.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.


[00:00:00] Intro
[00:01:27] VSCode edit any GitHub Repository
https://github.dev/cloudposse/geodesic
[00:06:19] GitHub Actions: Enhance your actions with job summaries
https://github.blog/changelog/2022-05-09-github-actions-enhance-your-actions-with-job-summaries
[00:07:25] Validate Stack Configurations in Atmos
https://github.com/cloudposse/atmos/releases/tag/v1.4.13
[00:08:33] Another Terraform Tool for Refactoring
https://github.com/craftvscruft/tfrefactor
[00:11:45] AWS Secrets Manager Publishes Usage Metrics to Amazon CloudWatch
https://aws.amazon.com/about-aws/whats-new/2022/05/aws-secrets-manager-publishes-usage-metrics-to-amazon-cloudwatch/
[00:12:21] Announcing the HashiCorp Releases API
https://www.hashicorp.com/blog/announcing-the-hashicorp-releases-api
[00:14:17] PR Feedback: Overhaul for IPv6 and flexibility
https://github.com/cloudposse/terraform-aws-dynamic-subnets/pull/159
[00:17:50] Join discussions: VPC Endpoints and Transit Gateway
[00:25:55] DevOps Days – Ukraine Edition
[00:27:11] OtterTune scored big round of funding [00:28:55] CloudFlare SQL database announced
[00:34:00] Pulumi YAML – Would love to discuss this with anybody who has had the chance to kick the tires.
[00:48:21] What API Gateways are you guys using for your Kubernetes clusters?
[00:58:50] Outro

Public “Office Hours” (2022-05-04)

Erik OstermanOffice Hours

Here's the recording from our DevOps “Office Hours” session on 2022-05-04.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.


[00:00:00] Intro
[00:01:17] Atmos Adds Vendoring – pull terraform root modules (or anything) from anywhere
https://github.com/cloudposse/atmos/pull/145
[00:07:30] Terraform 1.2 (RC1 just dropped) — adds pre/post conditions, bearer tokens
https://github.com/hashicorp/terraform/releases/tag/v1.2.0-rc1
[00:14:28] Amazon EKS web console adds Kubernetes Resource View
https://aws.amazon.com/blogs/containers/introducing-kubernetes-resource-view-in-amazon-eks-console/
[00:18:34] Werf: Consistent delivery tool
https://werf.io/
[00:26:32] Easy-to-follow set of instructions for a strategy that minimizes the cost of NAT gateways in ec2.
[00:36:00] How many of you don't commit .terraform.lock.hcl to source control?
[00:44:25] Explain to me how crossplane works?
[00:53:35] Outro