2 min read
Here's the recording from our DevOps “Office Hours” session on 2022-04-20.
We hold public “Office Hours” every Wednesday at 11:30am PST to answer questions on all things DevOps/Terraform/Kubernetes/CICD related.
These “lunch & learn” style sessions are totally free and really just an opportunity to talk shop, ask questions and get answers.
Register here: cloudposse.com/office-hours
Basically, these sessions are an opportunity to get a free weekly consultation with Cloud Posse where you can literally “ask me anything” (AMA). Since we're all engineers, this also helps us better understand the challenges our users have so we can better focus on solving the real problems you have and address the problems/gaps in our tools.
[00:00:00] Intro
[00:01:22] Terraform Experiment Update: Optional arguments in object variable type definition
https://github.com/hashicorp/terraform/issues/19898#issuecomment-1101853833
[00:02:22] GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens (from Heroku & TravisCI)
https://thehackernews.com/2022/04/github-says-hackers-breach-dozens-of.html
[00:05:53] Terraform Data Source for AWS Pricing Data
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/pricing_product
[00:06:26] How to Make 100K/year on GitHub Sponsors
https://calebporzio.com/i-just-hit-dollar-100000yr-on-github-sponsors-heres-how-i-did-it
[00:13:20] AWS Security Hub adds cross-Region security scores and compliance statuses
https://aws.amazon.com/about-aws/whats-new/2022/04/aws-security-hub-cross-region-security-scores-compliance-statuses/
[00:15:58] FYI, AWS Single Sign-On is now HIPAA eligible
https://aws.amazon.com/about-aws/whats-new/2022/04/aws-single-sign-on-hipaa-eligible/
[00:17:00] AWS Shield adds automatic application-layer DDoS mitigation for ALBs with WAF
https://aws.amazon.com/about-aws/whats-new/2022/04/aws-shield-application-balancer-automatic-ddos-mitigation/
[00:23:01] Terraform + GitHub Actions & OIDC (via weekly.tf)
https://blog.symops.com/2022/04/14/terraform-pipeline-with-github-actions-and-github-oidc-for-aws/
[00:24:03] Hierarchical YAML Configurations in Terraform
https://github.com/lyraproj/hiera
[00:28:08] Rare Leakage of an S3 Stack Trace
[00:30:21] Cloud Posse “Activation Days”? Who is interested….
[00:32:27] What kind of a git repo structure do you recommend if I want to separate my terraform modules in repository?
[00:39:48] Are there any examples on the use of helmfile that showcase how one might use it in a “bigger” situation?
[00:54:53] Outro
Author Details
CEO
Erik Osterman is a technical evangelist and insanely passionate DevOps guru with over a decade of hands-on experience architecting systems for AWS. After leading major cloud initiatives at CBS Interactive as the Director of Cloud Architecture, he founded Cloud Posse, a DevOps Accelerator that helps high-growth Startups and Fortune 500 Companies own their infrastructure in record time by building it together with customers and showing them the ropes.