Public “Office Hours” (2021-06-16)

Erik OstermanOffice Hours

1 min read

Here's the recording from our DevOps “Office Hours” session on 2021-06-16.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.


[00:00:00​] Intro
[00:01:00​] Taylor intro
[00:03:00​] Taylor’s Terraform story
[00:05:50] What does a Senior Developer Advocate do?
[00:08:00​] How does HashiCorp manage so many community requests?
[00:09:42​] What are the benefits of using CDK for Terraform over vanilla Terraform?
[00:16:33] Terraform and multi-cloud limitations
[00:18:27] Where is terraform 1-2 years from now?
[00:22:53​] Does HashiCorp want to be an open source “Amazon” of DevOps services?
[00:27:05] Where is HashiCorp growing the most?
[00:28:28] Ideal image build workflow using Terraform?
[00:30:25​] HCP offering for Packer
[00:33:34] Removal of provisioners (e.g., Chef)
[00:35:35​] How 1.0 changed things
[00:38:03] Terraform debugging and testing
[00:42:54] Long term maintenance of demos
[00:46:42] Do you ever see HashiCorp creating a layer above Terraform to orchestrate many root modules / deal with that DAG?
[00:51:07] Could a custom Terraform Provider behave like a Kubernetes Operator?
[00:55:57] Has Terraform solved the problem Terragrunt was built for?
[00:58:29​] Outro

Public “Office Hours” (2021-06-09)

Erik OstermanOffice Hours

1 min read

Here's the recording from our DevOps “Office Hours” session on 2021-06-09.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

[00:00:00​] Intro
[00:01:11​] Terraform 1.0 Released!!!!!!!!!!!!!!!!!!!!!!!!!!!
https://www.hashicorp.com/blog/announcing-hashicorp-terraform-1-0-general-availability
[00:03:51] Intro to Yoni Leitersdorf and Cloudrail
[00:06:01] Yoni and Indeni’s background
[00:08:45] CSPM tools (Cloud Security Posture Management tools)
[00:10:39] Issues with current tools
[00:13:40] Trending to earlier detection
[00:15:15] Static analysis vs dynamic analysis + example
[00:21:21] How Cloudrail works under the hood
[00:31:38] Getting started and pricing options
[00:32:48​] Configurations of destroyed resources
[00:34:54] Infrastructure as Code agnostic rules
[00:39:05] How Indeni decides what goes into their policy engine
[00:43:17​] Drift detection
[00:48:03​] Built on a Graph database (dragoneye)
[00:50:38] API throttling while pulling the state of live resources
[00:51:44] The case for “Continuous Compliance”
[00:53:25​] Hiring
[00:54:23] How to get started and special promo for SweetOps members
[00:55:10​] Outro

Public “Office Hours” (2021-06-02)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-06-02.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

[00:00:00​] Intro
[00:01:36]​ Terraform 0.15.5 Released
https://github.com/hashicorp/terraform/releases/tag/v0.15.5
[00:01:51]​ TACO Update! New Terraform Cloud “Apply” Interface
https://www.hashicorp.com/blog/new-apply-user-interface-for-terraform-cloud
[00:02:59​] “A Cloud Guru” Acquired
https://www.prnewswire.com/news-releases/pluralsight-to-acquire-a-cloud-guru-to-accelerate-solving-the-single-biggest-challenge-in-it-today-the-growing-cloud-skills-gap-301303991.html
[00:03:26] Terraform AWS Provider adds AWS Amplify Support
https://github.com/hashicorp/terraform-provider-aws/releases/tag/v3.43.0
[00:09:56​] Vendir: Feature Ignore Paths (Thanks Joe Hosteny & Joel Holmes)
https://github.com/vmware-tanzu/carvel-vendir/pull/64
[00:24:23​] Kubernetes PodSecurityPolicy Deprecation: Past, Present, and Future
https://kubernetes.io/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/
[00:25:02​] Kubernetes Graceful Node Shutdown Goes Beta
https://kubernetes.io/blog/2021/04/21/graceful-node-shutdown-beta/
[00:25:25​] Kubernetes Suspended Jobs
https://kubernetes.io/blog/2021/04/12/introducing-suspended-jobs/
[00:27:35] Amazon launches ECS Anywhere GA
[00:29:35] Terraform provider for submitting job applications
[00:34:15] Leapp vs AWS Vault
[00:45:52​] Anyone use terraform-provider-sops with KMS keys?
[00:51:03​] State of our Reference Architecture
[00:56:54] Outro

Public “Office Hours” (2021-05-26)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-05-26.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00​ Intro
– – –
00:01:25 AWS Launches EC2 Auto Scaling Warm Pools
https://www.infoq.com/news/2021/05/aws-warm-pools/
– – –
00:05:31 Announcing Support for Predictive Scaling Policy in the Terraform AWS Provider
https://www.hashicorp.com/blog/announcing-support-for-predictive-scaling-policy-in-the-terraform-aws-provider
– – –
00:06:17 New AWS region in UAE
https://aws.amazon.com/blogs/aws/in-the-works-aws-region-in-the-united-arab-emirates-uae/
– – –
00:06:23 AWS container day happening today
– – –
00:07:27 Why system backups no longer shield against ransomware
https://www.techradar.com/news/why-system-backups-no-longer-shield-against-ransomware
– – –
00:08:45 Cloud Posse Needs DevOps Contractors! Apply here: http://cloudposse.com/jobs
– – –
00:09:36 Any thoughts on AWS ECS copilot?
– – –
00:16:29 tfquery
– – –
00:22:50 RDS encrypted Snapshot restore uses snapshot's kms key
https://github.com/hashicorp/terraform-provider-aws/issues/6063
– – –
00:35:45 Favorite Terraform interview questions and exercises?
– – –
00:50:32 Updates on Clair for Amazon
– – –
00:52:33 Development security tools
– – –
00:54:04 Kubernetes resource cost allocation
– – –
00:56:14 Outro
– – –

Public “Office Hours” (2021-05-19)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-05-19.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00​ Intro
– – –
00:01:30 Terraform Plan Remote Code Execution (RCE) is Trivial
https://alex.kaskaso.li/post/terraform-plan-rce
– – –
00:07:22 Default Tags in the Terraform AWS Provider
https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider
– – –
00:13:00 AWS Announces General Availability of AWS App Runner
https://finance.yahoo.com/news/aws-announces-general-availability-aws-231000856.html
– – –
00:16:20 Easy trick to avoid many ransomware attacks
https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/
– – –
00:18:09 GitHub Dependabot Now Supports HCL2 (E.g. Terraform 0.12 – 15)
https://github.com/dependabot/dependabot-core/issues/1176?utm_campaign=weekly.tf&utm_medium=email&utm_source=Revue%20newsletter#issuecomment-841239564
– – –
00:26:45 Upvote please! New resource: aws_securityhub_standards_control
https://github.com/hashicorp/terraform-provider-aws/pull/14714
– – –
00:28:42 New AWS Load Balancer Controller 2.2 released
https://aws.amazon.com/about-aws/whats-new/2021/05/aws-load-balancer-controller-version-2-2-available-support-nlb-instance/
– – –
00:30:50 AWS WAF supports log filtering
https://aws.amazon.com/about-aws/whats-new/2021/05/aws-waf-adds-support-for-log-filtering/
– – –
00:32:21 Has anyone tried Boundary?
https://www.boundaryproject.io/
– – –
00:36:15 EKS images support Kubernetes 1.20 by default
https://aws.amazon.com/about-aws/whats-new/2021/05/amazon-eks-eks-distro-supports-kubernetes-version-1-20/
– – –
00:37:45 Souin project review (reverse-proxy cache)
https://github.com/Darkweak/Souin
– – –
00:41:12 AWS open sources CloudFormation Guard
https://github.com/aws-cloudformation/cloudformation-guard
– – –
00:44:45 Cloud Posse Needs DevOps Contractors! Apply here: http://cloudposse.com/jobs
– – –
00:45:54 What is the best practice to get Terraform to pick up changes to modules?
– – –
00:46:48 driftctl project review
https://github.com/cloudskiff/driftctl
– – –
00:50:10 Terraform apply destructive after minor version bump?
– – –
00:55:07 Outro
– – –