My first bit of code for my new employer was to help set up a “security VPC” that hosts a pair of Palo Alto firewalls to inspect traffic from other AWS accounts (AKA “hub and spoke”). This work was based (loosely) on repos found here and here…these repos build a similar environment but within a single AWS […]
How I removed credentials from my terraform code.
I had been using credential files in my Terraform projects. Recently I switched to using AWS SSO and providing the profile name in the code. At runtime (plan, apply, etc.) Terraform will use the token from the given profile. If AWS returns expired, the command will stop with authentication errors. Simply authenticate by CLI via […]
Don’t add account id to your Terraform code
I discovered a handy trick to get the account id of the given profile/account. The key is to use a new data source object and pass it the provider. See the code below. So no need to ever put account ids in terraform code again? I’m good with that. Happy building, D
Joining an EC2 instance to a self-managed AD to launch with user-data
My latest project is a bit of a return to my old life with Microsoft. The majority of my AWS work has been with Linux workloads, so it’s been nice to brush off my old skills and return to PowerShell 😃. After manually joining a couple of instances to a self-managed AD (not an AWS […]