Public “Office Hours” (2021-05-19)

Erik OstermanOffice Hours

2 min read

Here's the recording from our DevOps “Office Hours” session on 2021-05-19.

We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.

These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.

Register here: cloudposse.com/office-hours

Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.

– – –
00:00:00​ Intro
– – –
00:01:30 Terraform Plan Remote Code Execution (RCE) is Trivial
https://alex.kaskaso.li/post/terraform-plan-rce
– – –
00:07:22 Default Tags in the Terraform AWS Provider
https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider
– – –
00:13:00 AWS Announces General Availability of AWS App Runner
https://finance.yahoo.com/news/aws-announces-general-availability-aws-231000856.html
– – –
00:16:20 Easy trick to avoid many ransomware attacks
https://krebsonsecurity.com/2021/05/try-this-one-weird-trick-russian-hackers-hate/
– – –
00:18:09 GitHub Dependabot Now Supports HCL2 (E.g. Terraform 0.12 – 15)
https://github.com/dependabot/dependabot-core/issues/1176?utm_campaign=weekly.tf&utm_medium=email&utm_source=Revue%20newsletter#issuecomment-841239564
– – –
00:26:45 Upvote please! New resource: aws_securityhub_standards_control
https://github.com/hashicorp/terraform-provider-aws/pull/14714
– – –
00:28:42 New AWS Load Balancer Controller 2.2 released
https://aws.amazon.com/about-aws/whats-new/2021/05/aws-load-balancer-controller-version-2-2-available-support-nlb-instance/
– – –
00:30:50 AWS WAF supports log filtering
https://aws.amazon.com/about-aws/whats-new/2021/05/aws-waf-adds-support-for-log-filtering/
– – –
00:32:21 Has anyone tried Boundary?
https://www.boundaryproject.io/
– – –
00:36:15 EKS images support Kubernetes 1.20 by default
https://aws.amazon.com/about-aws/whats-new/2021/05/amazon-eks-eks-distro-supports-kubernetes-version-1-20/
– – –
00:37:45 Souin project review (reverse-proxy cache)
https://github.com/Darkweak/Souin
– – –
00:41:12 AWS open sources CloudFormation Guard
https://github.com/aws-cloudformation/cloudformation-guard
– – –
00:44:45 Cloud Posse Needs DevOps Contractors! Apply here: http://cloudposse.com/jobs
– – –
00:45:54 What is the best practice to get Terraform to pick up changes to modules?
– – –
00:46:48 driftctl project review
https://github.com/cloudskiff/driftctl
– – –
00:50:10 Terraform apply destructive after minor version bump?
– – –
00:55:07 Outro
– – –

About the Author
CEO & Founder / Cloud Posse, LLC

Erik Osterman is a technical evangelist and insanely passionate DevOps guru with over 12 years of hands-on experience architecting systems for AWS. After leading major cloud initiatives at CBS Interactive as the Director of Cloud Architecture, he founded Cloud Posse, a DevOps Accelerator that helps high-growth Startups and Fortune 500 Companies succeed in the cloud by leveraging Terraform and Kubernetes.