Public “Office Hours” (2021-06-23)

Erik Osterman | Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-06-23.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

[00:00:00] Intro
[00:01:47] Vendir: Feature Ignore Paths Merged. Now waiting on release.
https://github.com/vmware-tanzu/carvel-vendir/pull/64
[00:49:13] (Continued) Vendir: Feature Ignore Paths Merged. Now waiting on release.
[00:02:49] New Terraform Module: AWS Global Accelerator
https://github.com/cloudposse/terraform-aws-global-accelerator
[00:04:01] AWS Macie and AWS Firewall Manager forthcoming.
https://github.com/cloudposse/terraform-aws-macie/pull/1
https://github.com/cloudposse/terraform-aws-firewall-manager
[00:04:54] HashiCorp Google Workspace Provider announced
https://www.hashicorp.com/blog/announcing-the-google-workspace-provider-for-hashicorp-terraform-tech-preview
[00:05:39] AWS CloudFormation Public Registry
https://aws.amazon.com/about-aws/whats-new/2021/06/announcing-a-new-public-registry-for-aws-cloudformation/
[00:07:13] Drift Detection Support Added to Spacelift
https://github.com/cloudposse/terraform-spacelift-cloud-infrastructure-automation/pull/44
[00:11:35] Cloudflare Waiting Rooms
https://blog.cloudflare.com/building-waiting-room-on-workers-and-durable-objects/
[00:12:38] Steampipe – SQL-esque queries for your cloud infrastructure
https://steampipe.io/
[00:14:50] Running Terraform with no internet access (terraform-bundle)
https://github.com/hashicorp/terraform/tree/main/tools/terraform-bundle
[00:20:32] Policy enforcement based on git-diff?
[00:27:27] How do you write a trust policy for an IAM role to allow/disallow AWS SSO roles from another account to assume the role, given that AWS SSO generates non-deterministic IAM role names that change over time?
[00:43:48] (Continued) How do you write a trust policy for an IAM role to allow/disallow AWS SSO roles from another account to assume the role, given that AWS SSO generates non-deterministic IAM role names that change over time?
[00:31:48] Amazon EC2 now allows you to create crash-consistent AMIs and EBS Backups
https://aws.amazon.com/about-aws/whats-new/2021/06/aws-backup-supports-crash-consistent-backup-amazon-ebs-volumes-attached-to-amazon-ec2-instance/
[00:33:06] Any nice Azure reference architectures out there?
[00:36:10] How to share Terraform Generated SSH Keypair?
[00:38:20] How to serve static HTML page from S3 through an ALB
[00:52:00] Cloud9 environments for limited budget teams
[00:56:35] Outro

Public “Office Hours” (2021-06-16)

Erik Osterman | Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-06-16.

[00:00:00] Intro
[00:01:00] Taylor intro
[00:03:00] Taylor’s Terraform story
[00:05:50] What does a Senior Developer Advocate do?
[00:08:00] How does HashiCorp manage so many community requests?
[00:09:42] What are the benefits of using CDK for Terraform over vanilla Terraform?
[00:16:33] Terraform and multi-cloud limitations
[00:18:27] Where is Terraform 1-2 years from now?
[00:22:53] Does HashiCorp want to be an open source “Amazon” of DevOps services?
[00:27:05] Where is HashiCorp growing the most?
[00:28:28] Ideal image build workflow using Terraform?
[00:30:25] HCP offering for Packer
[00:33:34] Removal of provisioners (e.g., Chef)
[00:35:35] How 1.0 changed things
[00:38:03] Terraform debugging and testing
[00:42:54] Long term maintenance of demos
[00:46:42] Do you ever see HashiCorp creating a layer above Terraform to orchestrate many root modules / deal with that DAG?
[00:51:07] Could a custom Terraform Provider behave like a Kubernetes Operator?
[00:55:57] Has Terraform solved the problem Terragrunt was built for?
[00:58:29] Outro

Public “Office Hours” (2021-06-09)

Erik Osterman | Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-06-09.

[00:00:00] Intro
[00:01:11] Terraform 1.0 Released!!!!!!!!!!!!!!!!!!!!!!!!!!!
https://www.hashicorp.com/blog/announcing-hashicorp-terraform-1-0-general-availability
[00:03:51] Intro to Yoni Leitersdorf and Cloudrail
[00:06:01] Yoni and Indeni’s background
[00:08:45] CSPM tools (Cloud Security Posture Management tools)
[00:10:39] Issues with current tools
[00:13:40] Trending to earlier detection
[00:15:15] Static analysis vs dynamic analysis + example
[00:21:21] How Cloudrail works under the hood
[00:31:38] Getting started and pricing options
[00:32:48] Configurations of destroyed resources
[00:34:54] Infrastructure as Code agnostic rules
[00:39:05] How Indeni decides what goes into their policy engine
[00:43:17] Drift detection
[00:48:03] Built on a Graph database (dragoneye)
[00:50:38] API throttling while pulling the state of live resources
[00:51:44] The case for “Continuous Compliance”
[00:53:25] Hiring
[00:54:23] How to get started and special promo for SweetOps members
[00:55:10] Outro

Public “Office Hours” (2021-06-02)

Erik Osterman | Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-06-02.

[00:00:00] Intro
[00:01:36] Terraform 0.15.5 Released
https://github.com/hashicorp/terraform/releases/tag/v0.15.5
[00:01:51] TACO Update! New Terraform Cloud “Apply” Interface
https://www.hashicorp.com/blog/new-apply-user-interface-for-terraform-cloud
[00:02:59] “A Cloud Guru” Acquired
https://www.prnewswire.com/news-releases/pluralsight-to-acquire-a-cloud-guru-to-accelerate-solving-the-single-biggest-challenge-in-it-today-the-growing-cloud-skills-gap-301303991.html
[00:03:26] Terraform AWS Provider adds AWS Amplify Support
https://github.com/hashicorp/terraform-provider-aws/releases/tag/v3.43.0
[00:09:56] Vendir: Feature Ignore Paths (Thanks Joe Hosteny & Joel Holmes)
https://github.com/vmware-tanzu/carvel-vendir/pull/64
[00:24:23] Kubernetes PodSecurityPolicy Deprecation: Past, Present, and Future
https://kubernetes.io/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/
[00:25:02] Kubernetes Graceful Node Shutdown Goes Beta
https://kubernetes.io/blog/2021/04/21/graceful-node-shutdown-beta/
[00:25:25] Kubernetes Suspended Jobs
https://kubernetes.io/blog/2021/04/12/introducing-suspended-jobs/
[00:27:35] Amazon launches ECS Anywhere GA
[00:29:35] Terraform provider for submitting job applications
[00:34:15] Leapp vs AWS Vault
[00:45:52] Anyone use terraform-provider-sops with KMS keys?
[00:51:03] State of our Reference Architecture
[00:56:54] Outro

Public “Office Hours” (2021-05-26)

Erik Osterman | Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-05-26.

– – –
00:00:00 Intro
– – –
00:01:25 AWS Launches EC2 Auto Scaling Warm Pools
https://www.infoq.com/news/2021/05/aws-warm-pools/
– – –
00:05:31 Announcing Support for Predictive Scaling Policy in the Terraform AWS Provider
https://www.hashicorp.com/blog/announcing-support-for-predictive-scaling-policy-in-the-terraform-aws-provider
– – –
00:06:17 New AWS region in UAE
https://aws.amazon.com/blogs/aws/in-the-works-aws-region-in-the-united-arab-emirates-uae/
– – –
00:06:23 AWS container day happening today
– – –
00:07:27 Why system backups no longer shield against ransomware
https://www.techradar.com/news/why-system-backups-no-longer-shield-against-ransomware
– – –
00:08:45 Cloud Posse Needs DevOps Contractors! Apply here: http://cloudposse.com/jobs
– – –
00:09:36 Any thoughts on AWS ECS copilot?
– – –
00:16:29 tfquery
– – –
00:22:50 RDS encrypted Snapshot restore uses snapshot's kms key
https://github.com/hashicorp/terraform-provider-aws/issues/6063
– – –
00:35:45 Favorite Terraform interview questions and exercises?
– – –
00:50:32 Updates on Clair for Amazon
– – –
00:52:33 Development security tools
– – –
00:54:04 Kubernetes resource cost allocation
– – –
00:56:14 Outro
– – –

Public “Office Hours” (2021-05-19)

Erik Osterman | Office Hours

Here's the recording from our DevOps “Office Hours” session on 2021-05-19.

– – –
00:00:00 Intro
– – –
00:01:30 Terraform Plan Remote Code Execution (RCE) is Trivial
https://alex.kaskaso.li/post/terraform-plan-rce
– – –
00:07:22 Default Tags in the Terraform AWS Provider
https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider
– – –
00:13:00 AWS Announces General Availability of AWS App Runner
https://finance.yahoo.com/news/aws-announces-general-availability-aws-231000856.html
– – –
00:16:20 Easy trick to avoid many ransomware attacks
https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/
– – –
00:18:09 GitHub Dependabot Now Supports HCL2 (E.g. Terraform 0.12 – 15)
https://github.com/dependabot/dependabot-core/issues/1176?utm_campaign=weekly.tf&utm_medium=email&utm_source=Revue%20newsletter#issuecomment-841239564
– – –
00:26:45 Upvote please! New resource: aws_securityhub_standards_control
https://github.com/hashicorp/terraform-provider-aws/pull/14714
– – –
00:28:42 New AWS Load Balancer Controller 2.2 released
https://aws.amazon.com/about-aws/whats-new/2021/05/aws-load-balancer-controller-version-2-2-available-support-nlb-instance/
– – –
00:30:50 AWS WAF supports log filtering
https://aws.amazon.com/about-aws/whats-new/2021/05/aws-waf-adds-support-for-log-filtering/
– – –
00:32:21 Has anyone tried Boundary?
https://www.boundaryproject.io/
– – –
00:36:15 EKS images support Kubernetes 1.20 by default
https://aws.amazon.com/about-aws/whats-new/2021/05/amazon-eks-eks-distro-supports-kubernetes-version-1-20/
– – –
00:37:45 Souin project review (reverse-proxy cache)
https://github.com/Darkweak/Souin
– – –
00:41:12 AWS open sources CloudFormation Guard
https://github.com/aws-cloudformation/cloudformation-guard
– – –
00:44:45 Cloud Posse Needs DevOps Contractors! Apply here: http://cloudposse.com/jobs
– – –
00:45:54 What is the best practice to get Terraform to pick up changes to modules?
– – –
00:46:48 driftctl project review
https://github.com/cloudskiff/driftctl
– – –
00:50:10 Terraform apply destructive after minor version bump?
– – –
00:55:07 Outro
– – –