Jump to content

Configuration Management & Infrastructure as Code (IaC)

  • Infrastructure as Code (IaC) Principles

  • Configuration Management (CM) Tools (Ansible, Puppet, Chef, SaltStack ...)

  • IaC Tools (Terraform, CloudFormation, Crossplane, Helm Charts ...)

  • Challenges & Best Practices

  1. Managing Infrastructure as Code (IaC) with Terraform is as common as CI/CD pipelines and incident response playbooks. However, there are moments when you don’t want Terraform to touch everything. Maybe you need to quickly redeploy an Azure Function App, or perhaps a specific Storage Account needs an urgent configuration change without disturbing unrelated resources. The […] The article Applying Terraform Changes to Specific Resources using the -target Argument was originally published on Build5Nines. To stay up-to-date, Subscribe to the Build5Nines Newsletter. View the full article

    • 0 replies
    • 181 views
  2. If you work in DevOps, you’ve heard it a thousand times: “Do more with less.” More automation, more security, more reliability—but with the same (or fewer) people. Meanwhile, your development teams keep growing, pushing out new features at breakneck speed. Yet somehow, the infrastructure team is supposed to scale magically to keep up. Let’s be […] View the full article

    • 0 replies
    • 21 views
  3. Today, AWS CloudFormation introduced a new resource scanning workflow for the CloudFormation IaC generator, further simplifying the process of generating Infrastructure-as-Code (IaC) templates for existing resources in your AWS account. IaC generator allows you to onboard existing resources to CloudFormation in three easy steps. First, you initiate a scan of resources in your AWS account. Second, you select resources for template generation and review suggestions for related resources. Third, a CloudFormation template is generated for selected resources. You can then import resources into a CloudFormation stack, download the template for deployment, or convert the templat…

  4. Pulumi today extended the reach of its Environments, Secrets and Configurations (ESC) platform for managing infrastructure-as-code (IaC) into the realm of DevSecOps by adding the ability to manage secrets and implement policies. View the full article

    • 0 replies
    • 16 views
  5. It’s no secret. The Terraform Authoring and Operations Professional with AWS exam is intense. Test takers must answer multiple-choice questions and complete hands-on labs that include writing code, troubleshooting, and solving issues pulled from the real world, all within a four-hour window. The complexity of the exam is essential in validating real, deeply technical Terraform expertise, but it can also make preparing for the exam daunting. That’s why we asked three newly certified Terraform pros to sit down with us and share their advice for success... View the full article

    • 0 replies
    • 198 views
  6. Today, we are announcing Terraform support for AWS Parallel Computing Service (PCS). Customers can now use Terraform to create and manage their PCS clusters. PCS makes it easier to run and scale high performance computing (HPC) workloads and build scientific and engineering models on AWS using Slurm. PCS already supports managing your HPC environments through the AWS Management Console, AWS Command Line Interface (CLI), AWS CloudFormation, and AWS APIs. With this release, customers can now define and deploy their PCS infrastructure using the HashiCorp Terraform Infrastructure as Code (IaC) tool, and manage clusters through their existing Terraform workflows. This integr…

  7. As cloud infrastructure becomes increasingly complex, the need for tools that simplify and automate resource management is more critical than ever. This is especially true for big data management platforms. In the Microsoft ecosystem, that usually means Microsoft Fabric... View the full article

    • 0 replies
    • 80 views
  8. We are pleased to once again offer a scholarship program to support members of our community from all backgrounds to attend HashiConf 2025. This community cloud conference will be held September 24-26 in San Francisco, California. At HashiCorp, we value diversity and strive to foster an inclusive community. Applicants from all backgrounds in technology, cloud computing, and open source communities are welcome. The scholarship program exists to support members of the technical community who may lack the financial sponsorship or means to attend. Applications will be evaluated according to three criteria: Need: Will a scholarship allow the applicant to attend when the…

    • 0 replies
    • 64 views
  9. The total cost of unplanned outages has been rising exponentially each year. A 2016 study conducted by the Ponemon Institute stated that the mean total cost per minute of an unplanned outage was $8,851, a 32% increase since 2013, and a 81% increase since 2010. A 2022 study by EMA Research says that number is up to $12,900. These metrics showcase how crucial it is for organizations to have a solid and well-thought disaster recovery strategy in place in order to reduce downtime and data loss as much as possible once disaster strikes. Ensuring business continuity and safeguarding mission-critical systems against unexpected failures can be time-consuming, expensive, and diffi…

    • 0 replies
    • 73 views
  10. Terraform CLI environment variables reference...The post Terraform Tutorias: CLI environment and predefined/meta variables Complete Reference appeared first on DevOpsSchool.com. View the full article

    • 0 replies
    • 36 views
  11. Terraform Cloud (HCP Terraform) provides different workspace workflow types, allowing teams to manage infrastructure efficiently based on their preferred automation and collaboration methods. Below are the primary workspace workflow types available in HCP Terraform... The post Terraform Cloud (HCP Terraform) Tutorials: Workspace Workflow types appeared first on DevOpsSchool.com. View the full article

    • 0 replies
    • 16 views
  12. Here is a table format of the Terraform Cloud (HCP Terraform) Terminology ... The post Terraform Cloud (HCP Terraform) Tutorials: Terminology appeared first on DevOpsSchool.com. View the full article

    • 0 replies
    • 18 views
  13. Started by Hashicorp,

    Before Terraform 1.11, working with sensitive values was a challenge — sensitive values were always persisted to the Terraform plan artifact and state. As a result, we advised (and still advise) treating your state as sensitive data. This advice applies equally to us as it does to you. To address this, we introduced the concept of ephemerality in Terraform, allowing you to work with sensitive data like passwords and tokens securely, without leaving a trace... View the full article

    • 0 replies
    • 70 views
  14. We recently announced that HashiCorp is officially a part of IBM. Now, we’re focusing on how we can deliver a “better together” experience for users and customers of our mutual products. We have a lot of great things planned. One of the opportunities we have heard great enthusiasm for — and is actively part of customer solutions today — is HashiCorp Terraform with Red Hat Ansible Automation Platform and HashiCorp Vault with Red Hat OpenShift. In the coming months, we plan to collaborate with Red Hat to explore even deeper connections between these offerings, and we’ll share more details as soon as we can. In this blog post, I’ll share some of the opportunities we see here…

    • 0 replies
    • 62 views
  15. Today, we are excited to announce that Terraform migrate is now generally available, providing a purpose-built solution for transitioning from Terraform Community Edition to HCP Terraform and Terraform Enterprise. Designed to reduce manual effort and improve accuracy, it streamlines the migration process, helping teams adopt HCP Terraform and Terraform Enterprise with confidence... View the full article

    • 0 replies
    • 76 views
  16. There are multiple tools available to improve the quality, security, compliance, and performance of Terraform code, just like TFLint and tfsec. These tools can be categorized based on their functionalities such as linting, security scanning, compliance enforcement, cost analysis, testing, and state management... The post Terraform Tutorials: Terraform Tools for Code Quality and Security appeared first on DevOpsSchool.com. View the full article

    • 0 replies
    • 19 views
  17. Comprehensive Guide to TFSec: Terraform Security ScanningTFSec is a static analysis security scanner designed to identify security vulnerabilities in Terraform Infrastructure-as-Code (IaC) configurations before they are applied to cloud environments... The post Terraform Tutorials: TFSec for Security Scanning appeared first on DevOpsSchool.com. View the full article

    • 0 replies
    • 15 views
  18. Comprehensive Guide to TFLintTFLint is an open-source Terraform linter (static analysis tool) that checks Terraform configurations for errors, potential bugs, and stylistic or best-practice violations. It helps developers identify issues that Terraform’s built-in validation (terraform validate) might not catch, especially provider-specific problems like invalid AWS instance types or missing required Terraform versions... The post Terraform Tutorials: TFLint, covering installation, configuration, usage appeared first on DevOpsSchool.com. View the full article

    • 0 replies
    • 18 views
  19. A Terraform module is a collection of configuration files that encapsulate resources used together to achieve a specific outcome. Modules promote reusability, organization, and maintainability in infrastructure as code by allowing you to group related resources and manage them as a single unit... The post Terraform Tutorials: Module Complete Guide appeared first on DevOpsSchool.com. View the full article

    • 0 replies
    • 18 views
  20. Today, we are announcing the general availability of HashiCorp Terraform 1.11, which is ready for download and immediately available for use in HCP Terraform. This version introduces write-only arguments, which let you use ephemeral values in specific managed resource arguments... View the full article

    • 0 replies
    • 59 views
  21. Today we announced that HashiCorp has officially joined the IBM family as the acquisition announced last year was finalized. I wanted to use this moment to reflect on the journey to this point and to look forward to what this means for the next chapter of HashiCorp... View the full article

    • 0 replies
    • 28 views
  22. AWS CloudFormation enables you to model and provision your cloud application infrastructure as code-base templates. Whether you prefer writing templates directly in JSON or YAML, or using programming languages like Python, Java, and TypeScript with the AWS Cloud Development Kit (CDK), CloudFormation and CDK provide the flexibility you need. For organizations adopting multi-account strategies, CloudFormation StackSets offers a powerful capability to deploy resources across multiple regions and accounts in parallel. Last year, we delivered broad set of enhancements that accelerated the development cycle, simplified troubleshooting, and introduced new deployment safety and c…

  23. I has a scenario where I needed to configure an Azure PostgreSQL Flexible Server to use Entra ID (Azure AD) authentication and add the Entra user running the HashiCorp Terraform deployment as the Azure PostgreSQL Administrator using the azurerm_postgresql_flexible_server_active_directory_administrator Terraform resource. Generally, you would use the azuread_user data resource in Terraform to get the Entra […] The article Terraform: Get User Principal Name (UPN) of User Running Deployment without Entra ID Read Permissions was originally published on Build5Nines. To stay up-to-date, Subscribe to the Build5Nines Newsletter. View the full article

    • 0 replies
    • 34 views
  24. Started by Hashicorp,

    Each year, HashiCorp recognizes project teams that embody our Principles through their cross-functional teamwork, via the HashiCorp Principle Awards. Meet our 2025 winning team — and the runners-up. HashiCorp's Principles have always been at the heart of not just what we do, but how we do it. Since 2020, our annual Principle Awards program has recognized individuals or project teams who embodied each of our nine principles. This blog post highlights the winning team and finalists' extraordinary contributions and collaboration, demonstrating our principles at work... View the full article

    • 0 replies
    • 28 views
  25. You can now use AWS CloudFormation templates to create and manage your AWS Transfer Family web apps. This enables you to define and deploy Transfer Family web apps via infrastructure-as-code so you can automate centralized management at scale. With CloudFormation templates, you can programmatically provision and configure your Transfer Family web app, associated customizations, and S3 access grants in a single deployment. This eliminates time-consuming manual configurations and ensures you maintain consistent, secure implementations across departments. You can rapidly scale your file transfer interfaces from hundreds to thousands of users while maintaining strict secur…

  26. As your cloud infrastructure grows and evolves, you may find the need to reorganize your AWS CloudFormation stacks for better management, for improved modularity, or to align with changing business requirements. CloudFormation now offers a powerful feature that allows you to move resources between stacks. In this post, we’ll explore the process of stack refactoring and how it can help you maintain a well-organized and efficient cloud infrastructure... View the full article

  27. AWS CloudFormation introduces a new capability called stack refactoring that makes it easy to reorganize cloud resources across your CloudFormation stacks. Stack refactoring enables you to move resources from one stack to another, split monolithic stacks into smaller components, and rename the logical name of resources within a stack. This enables you to adapt your stacks to meet architectural patterns, operational needs, or business requirements. As your workloads scale and requirements evolve, re-architecting resources into a new stack structure can become necessary. For example, you may need to split a monolithic stack for easier resource lifecycle management or ren…

  28. AWS Marketplace now offers a self-service listing experience for sellers listing or managing Amazon Machine Image (AMI) products with CloudFormation templates (CFT). This launch expands the self-service listing capability previously available for single-AMI, software as a service (SaaS), and container products. With this release, sellers can now create and manage AMI with CloudFormation listings using a new UI experience, replacing the manual spreadsheet process. During listing creation, sellers are guided through a step-by-step workflow to fill in required information about their listings. All changes are initially visible only to the sellers, allowing them to preview…

  29. We are excited to announce new capabilities for Amazon Lex Global Resiliency. Building on our existing regional replication framework, we now support existing alias replication and CloudFormation for enabling bot replication. These new features enhance the existing automation that synchronizes your Lex V2 bots, associated resources, versions, and aliases to paired AWS regions in near real-time, while maintaining hot standby resources for immediate failover or an active-active setup. For contact center customers, this update streamlines disaster recovery by automatically keeping regional configurations in sync. The feature preserves existing alias ARNs during replicatio…

  30. The goal for most organizations is to standardize software development workflows and tooling to simplify operations and ensure security and stability. For provisioning workflows, this means establishing golden workflows and components. However, some applications require more flexibility to build, so experienced developers and operators will need more leeway to provision infrastructure outside certain guardrails. HCP Terraform (formerly Terraform Cloud) allows this flexibility through API-driven workflows. These workflows offer customization but they are more complex than UI/version control system (VCS) or CLI-driven workflows, so it's recommended that experienced Terrafor…

    • 0 replies
    • 10 views
  31. AWS User Notifications is now supported on AWS CloudFormation, allowing you to easily provision and manage User Notification resources as part of your application's infrastructure-as-code (IaC). You can easily use User Notification to Configure Notifications to be sent via the Console Notifications Center, email, AWS Chatbot, or mobile push notifications to the AWS Console Mobile App to keep you informed about important events like Amazon CloudWatch Alarms. With this new capability, you can define Notification Configurations as part of your IaC practices. Specify notification configurations for specific resource types within your CloudFormation templates. For example, …

  32. Today, we are announcing AWS CloudFormation support for AWS Parallel Computing Service (AWS PCS). Using AWS CloudFormation, you can easily create and manage PCS clusters and automate your cluster administration tasks. AWS PCS is a managed service that makes it easier for you to run and scale your high performance computing (HPC) workloads and build scientific and engineering models on AWS using Slurm. You can use AWS PCS to build complete, elastic environments that integrate compute, storage, networking, and visualization tools. AWS PCS simplifies cluster operations with managed updates and built-in observability features, helping to remove the burden of maintenance. Y…

  33. AWS CloudFormation and Terraform — not sure which to choose? This article will help you reach an intelligent decision. Cloud computing has revolutionized the world of DevOps. It is not just a buzzword anymore; it is here to change the way we develop and maintain our applications. While there are countless reasons why you should use cloud computing for all scales of businesses, there is a slight limitation: You have to provision your infrastructure manually. View the full article

    • 0 replies
    • 27 views
  34. Dynatrace is proud to be the first AWS global tech partner to offer ready-to-use CloudFormation templates for validating the Well-Architected pillars. The Dynatrace CloudFormation templates are now available in the AWS CloudFormation Public Extensions Registry, which makes Well-Architected validation even more accessible for AWS users. Dynatrace and the AWS Well-Architected Framework ensure continuous optimization of cloud architecture, aligning with the key pillars of operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability. Our previous blog post discussed the importance of integrating Dynatrace with the AWS Well-Archi…

  35. Today we are announcing the integration of AWS CloudFormation Hooks with AWS Cloud Control API (CCAPI). This integration enables the use of hooks to validate the configuration of resources being provisioned through CCAPI. In this blog post, we will explore the integration between CloudFormation Hooks and CCAPI by configuring an existing hook to work with CCAPI and then test that hook using the AWS CLI and Terraform... View the full article

  36. AWS CloudFormation is a service that allows you to define, manage, and provision your AWS cloud infrastructure using code. To enhance this process and ensure your infrastructure meets your organization’s standards, AWS offers CloudFormation Hooks. These Hooks are extension points that allow you to invoke custom logic at specific points during CloudFormation stack operations, enabling you to perform validations, make modifications, or trigger additional processes. Among these, the Lambda hook is a powerful option provided by AWS. This managed hook allows you to use Lambda functions to validate your CloudFormation templates before deployment. By using a Lambda hook, you can…

  37. When working with AWS CloudFormation, sometimes it’s necessary to incorporate optional dependencies into your template. Recently, I encountered a situation where I had to build a single CloudFormation template to manage both a VPC and an application—though, generally, I recommend separating these into distinct templates for easier management. Using a single template introduces complexity, as you must explicitly manage dependencies using the DependsOn attribute to ensure proper resource creation order... View the full article

  38. In the world of cloud, hybrid, and on-premises Infrastructure as Code (IaC), where managing and provisioning infrastructure through code has become indispensable, tools like OpenTofu play a pivotal role. The evolutions of IaC tools continues with OpenTofu, as a fork of Terraform that offers a more open-source, community-driven alternative that is managed by the Linux […] The article OpenTofu: Open Source Alternative to Terraform appeared first on Build5Nines. View the full article

  39. One of the most popular cloud-native, PaaS (Platform as a Service) products in Microsoft Azure is Azure App Service. It enables you to easily deploy and host web and API applications in Azure. The service supports ways to configure App Settings and Connection String within the Azure App Service instance. Depending on who has access […] The article Terraform: Deploy Azure App Service with Key Vault Secret Integration appeared first on Build5Nines. View the full article

    • 1 reply
    • 311 views
  40. HashiCorp Terraform empowers DevOps Engineers and SREs to manage cloud resources efficiently. One of its standout features is the Terraform Modules support, allowing users to organize and reuse infrastructure code effectively as reusable modules. While Terraform’s native module registry serves as a central hub for sharing modules, sometimes you may prefer hosting modules in your […] The article Terraform: Modules using Git Branch as Source appeared first on Build5Nines. View the full article

  41. IBM has announced its acquisition of HashiCorp Inc., a leading multi-cloud infrastructure automation company, for $6.4 billion! This acquisition is poised to revolutionize the hybrid cloud landscape, offering enterprises a comprehensive end-to-end solution to navigate the complexities of today’s AI-driven application growth. Let’s look at the details of this cloud changing acquisition and its implications […] The article Analyzing IBM’s Acquisition of HashiCorp: A Game-Changer in Hybrid Cloud Management appeared first on Build5Nines. View the full article

  42. In HashiCorp Terraform, data sources serve as a bridge between the Terraform configuration and external systems or information. Essentially, data sources allow Terraform to query external resources, such as cloud platforms, APIs, databases, or other systems, and use the retrieved information within the configuration. Unlike resources, which represent infrastructure components to be managed by Terraform, […] The article Terraform: How are Data Sources used? appeared first on Build5Nines. View the full article

  43. Started by KodeKloud,

    You already know that Terraform is a popular open-source Infrastructure provisioning tool. And that AWS is one of the leading cloud providers with a wide range of services. But have you ever wondered how Terraform can help you better take advantage of the services AWS has to offer? This guide will explain how Terraform and AWS work together to give you insight and control over your cloud resources... View the full article

    • 0 replies
    • 1.7k views
  44. When using HashiCorp Terraform as the Infrastructure as Code (IaC) tool of choice, it becomes critical to organize the Terraform code as the Terraform project becomes more complex. One of the most common practices is to split the Terraform project from a single file (typically named main.tf) into multiple smaller files. This helps increase maintainability […] The article Terraform: Split main.tf into seperate files appeared first on Build5Nines. View the full article

    • 0 replies
    • 413 views
  45. Terraform’s declarative approach allows for defining infrastructure as code (IaC), enabling teams to automate the deployment and management of resources across various cloud providers, including Microsoft Azure and Amazon AWS. As infrastructure evolves, there may arise a need to remove resources from the Terraform state that are no longer required. When you manually delete resources […] The article Terraform: Remove Resource from State File (.tfstate) appeared first on Build5Nines. View the full article

  46. Started by KodeKloud,

    Cloud Computing has transformed the IT industry by simplifying IT infrastructure management. With Cloud Computing, organizations can easily provision and scale resources as needed without worrying about the underlying infrastructure. Two of the most commonly used tools for infrastructure management and provisioning are Ansible and Terraform. This article discusses what each of the two tools does, their key features, and how they compare in the IaC world... View the full article

    • 0 replies
    • 205 views
  47. With Infrastructure as Code (IaC), every aspect of an organization’s infrastructure is defined and managed through code. This infrastructure deployment and configuration automation makes managing the organizations infrastructure much easier over time. Also, by committing the IaC code that configurations the infrastructure into source control, there are change tracking and other benefits for the organizations […] The article Benefits of Convention over Configuration for IaC Deployment Projects appeared first on Build5Nines. View the full article

  48. HashiCorp Terraform is a great Infrastructure as Code (IaC) tool that allows you to easily manage many resources efficiently. While you can write Terraform code for each individual resource, Terraform supports for_each loops and other programming constructs that enable more efficient resource management to be programmed within a Terraform project. This article will show you […] The article Terraform: How to for_each through a list(objects) appeared first on Build5Nines. View the full article