Terraform

Using IAM Roles Anywhere to Eliminate Static AWS Credentials

In this blog, I’ll guide you through the process of setting up AWS IAM Roles Anywhere to securely provide temporary AWS credentials for your external workloads, eliminating the need for static credentials and enhancing your security posture.

Monitor Critical IAM Actions in AWS Using CloudTrail and SNS

This blog post explains how to monitor AWS IAM activity with CloudTrail, EventBridge, and SNS to track critical API calls in real time, enhancing security and compliance.

Enable effortless and serverless App streaming using Amazon AppStream 2.0 Elastic Fleets

This blog post explores how Amazon AppStream 2.0 enables businesses to efficiently and securely stream applications to users, offering a scalable and cost-effective solution for accessing desktop applications from anywhere.

Setup an AWS KMS custom key store using AWS CloudHSM

In this blog, I’ll walk you through how you can leverage a CloudHSM custom key store to gain full control over your cryptographic keys and operations, ensuring compliance with stringent security standards while maintaining the flexibility of AWS cloud services.

Building a transactional data lake using Lake Formation and Apache Iceberg Part 3

This blog covers building a transactional Data Lake on S3 with AWS Lake Formation, Apache Iceberg, and Terraform. In Part 3, we integrate a BI workload by consolidating Iceberg data and creating a QuickSight dashboard for insights.

Building a transactional data lake using Lake Formation and Apache Iceberg Part 2

This blog covers using AWS Lake Formation, Apache Iceberg, and Terraform to build a transactional Data Lake on S3. In Part 2, we set up AWS Glue ELT pipelines to clean and transform raw data into Iceberg tables for analytics.

Building a transactional data lake using Lake Formation and Apache Iceberg Part 1

This blog explores using AWS Lake Formation, Apache Iceberg, and Terraform to build a transactional Data Lake on S3. In Part 1, we set up the Data Lake and ingest data from a sample source using AWS DMS.

Building a Cloud SIEM with AWS OpenSearch Security Analytics

In this blog post, I'll show you how to build a lightweight SIEM system in AWS using AWS OpenSearch and its Security Analytics features, combined with Zeek. This solution enables real-time monitoring of cloud network traffic and generates alerts when potential threats are detected.

Build a scalable IDS and IPS solution using Suricata and AWS Gateway Load Balancer

In this blog post, I will demonstrate how to leverage Suricata with the AWS Gateway Load Balancer and Terraform to implement a highly available, scalable, and cost-effective IDS/IPS solution in AWS. This approach will enable you to monitor network traffic, detect threats, and block them before they reach your systems.

Automated ECS deployments using AWS CodePipeline

In this blog post, I aim to demonstrate how you can leverage AWS CodePipeline and Amazon ECS alongside Terraform to implement an automated CI/CD pipeline. This pipeline efficiently handles the building, testing, and deployment of containerized applications, streamlining your development and delivery processes.

Streamlined Kafka Schema Evolution in AWS using MSK and the Glue Schema Registry

This blog post will walk you through the steps of utilizing Amazon MSK in combination with AWS Glue Schema Registry and Terraform to build a cross-account streaming pipeline for Kafka, complete with built-in schema evolution.

Centralized traffic filtering using AWS Network Firewall

This blog post aims to guide you through the process of integrating the AWS Network Firewall into your hybrid AWS Hub and Spoke network. By doing so, you can effectively analyze, monitor, and filter both incoming and outgoing network traffic among all involved parties, thereby enhancing the overall security of your infrastructure layer.

Build Golden AMIs with Packer and AWS CodePipeline

In this blog post, I would like to demonstrate how you can leverage AWS CodePipeline and AWS Step Functions, along with Terraform and Packer, to establish a fully automated pipeline for creating Golden AMIs.

Hybrid DNS resolution using Route 53 Endpoints

In this blog post, I would like to show you how you can leverage Route 53 endpoints in combination with Terraform to establish seamless DNS query resolution across your entire hybrid network.

Multiple Site-to-Site VPN Connections in AWS Hub and Spoke Topology

In this blog post, I would like to show you how you can go beyond a simple, static AWS Site-to-Site VPN connection by leveraging dynamically routed Site-to-Site VPNs in combination with a Transit Gateway. This hub and spoke network setup will allow us to employ the Border Gateway Protocol (BGP) as well as equal-cost multi-path routing (ECMP) and AWS Global Accelerator to not only exchange routing information between AWS and the corporate data center automatically but also increase the overall VPN throughput and reliability.

Serverless Cross-Account Microservices

In this blog post, I would like to show you how you can leverage AWS services like Amazon API Gateway, Lambda, DynamoDB, and VPC Endpoints in combination with Terraform to build a fully-managed and serverless cross-account microservice architecture.

Build a Site-to-Site IPSec VPN with Public Encryption Domain

In this blog post, I would like to show you how you can leverage tools like pfSense and VNS3 in combination with Terraform to build a Site-to-Site IPSec VPN connection between AWS and on-premises networks with a public encryption domain.

Build Terraform CI/CD Pipelines using AWS CodePipeline

In this blog post, I would like to show you how you can leverage the AWS Code Services CodeCommit, CodeBuild, and CodePipeline in combination with Terraform to build a fully-managed CI/CD pipeline for Terraform.

Cross Account Kafka Streaming: Part 1

In this blog series, I would like to show you how you can leverage Amazon MSK and Terraform to set up a fully managed, cross-account Apache Kafka streaming pipeline on AWS. In this first part, we will set up the MSK Kafka cluster and producers.

Cross Account Kafka Streaming: Part 2

In this blog series, I would like to show you how you can leverage Amazon MSK and Terraform to set up a fully managed, cross-account Apache Kafka streaming pipeline on AWS. The second part will show you how you can set up distributed Kafka clients in different AWS accounts and communicate with the MSK cluster via AWS VPC Endpoints.

Serverless Jenkins on ECS Fargate: Part 1

This is the first post of a three-post series. In this series, I would like to show you how you can leverage AWS Fargate and Terraform to deploy a serverless as well as fault-tolerant, highly available, and scalable Jenkins Controller/Agent deployment pipeline.

Serverless Jenkins on ECS Fargate: Part 2

This is the second post of a three-post series. In this series, I would like to show you how you can leverage AWS Fargate and Terraform to deploy a serverless as well as fault-tolerant, highly available, and scalable Jenkins Controller/Agent deployment pipeline.

Serverless Jenkins on ECS Fargate: Part 3

This is the third post of a three-post series. In this series, I would like to show you how you can leverage AWS Fargate and Terraform to deploy a serverless as well as fault-tolerant, highly available, and scalable Jenkins Controller/Agent deployment pipeline.

Version Control your Database on AWS using Flyway

In this blog post, I would like to show you how you can leverage Flyway on AWS to version control your schema changes and automate your database migrations.

Secretless Terraform Deployments

This post will show you how you can leverage AWS IAM OpenID Connect identity providers in combination with GitHub Actions and identity federation to implement a secretless Terraform deployment pipeline...using Terraform.

Open Policy Agent for AWS and Terraform

This post will show you how you can leverage Open Policy Agent and Policy as Code to automate security and compliance procedures as well as enforce custom policies across an organization at scale.

Serverless Swagger UI for AWS API Gateway

In this post, I would like to show you how you can use Swagger UI in combination with a serverless deployment to automatically generate interactive and up-to-date documentation for your APIs.
