pike
terraform-switcher
| | pike | terraform-switcher |
|---|---|---|
| Mentions | 6 | 9 |
| Stars | 499 | 1,300 |
| Growth | - | - |
| Activity | 9.3 | 2.6 |
| Last commit | 6 days ago | 5 days ago |
| Language | Go | Go |
| License | Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pike
- Top Terraform Tools to Know in 2024
Pike is a tool that analyzes Terraform managed resources and automatically generates the necessary IAM permissions, improving security by ensuring that only the minimum necessary permissions are granted.
- Show HN: Slauth.io (YC S22) – IAM Policy Auto-Generation
- Open Source Terraform projects - Azure focused (open to other providers as well)
I test out the API the hard way: I make a resource and test it with a role that doesn't have the permissions (see the folder I linked); the API (with Azure anyway) tells you what you lack. Azure tends to be simpler with CRUD permissions than AWS. I then have another privileged role that can update the first with each permission and iterate: https://github.com/JamesWoolfenden/pike/tree/master/terraform/azurerm. I then create the mapping file for that resource and add it. I can show you if you need help - send me an email/message/zoom. If you figure out a better way I'm all ears, but this way I can be sure of what permissions are required.
- Can I generate permissions needed to run a TF script on AWS, GCP or Azure?
You can run my tool pike on your TF to generate IAM for AWS and GCP. Get it here: https://github.com/jamesWoolfenden/pike
- Can I auto-generate AWS IAM policy document based on directory of existing Terraform code so that CI has limited access to what it can deploy?
- Pike: Tool to determine your IAM requirements from code
I wrote a small tool called Pike. It looks at your TF code and determines and creates the IAM policy/TF resource required to build it, to help you stick to least privilege in your build process. It currently supports a small but growing subset of AWS resources; it will support other providers. Use it or ?, but would welcome feedback https://github.com/JamesWoolfenden/pike . It's open source and always will be.
terraform-switcher
- Top Terraform Tools to Know in 2024
TFSwitch is a CLI tool that allows easy switching between different Terraform versions, simplifying workflows in environments where multiple Terraform versions are used.
- A Brief Terraform Survival Guide
- Asdf – the language tool version manager
tfswitch might help with particular issue of terraform versioning:
https://tfswitch.warrensbox.com/
Even then some versions of terraform providers are not compatible with M1 macs. Docker would help with that probably, but so can: https://github.com/kreuzwerker/m1-terraform-provider-helper
Perhaps these sort of issues support the benefits of per-module docker images?
- Best strategy to upgrade Terraform code?
My approach is to change the version in the version.tf file, install the new version using tfswitch (https://tfswitch.warrensbox.com/) and execute a plan. If infrastructure matches the configuration I will assume there are no breaking changes...
- New Lifecycle Options and Refactoring Capabilities in Terraform 1.1 and 1.2
Also, an excellent tool can help with fast switching between different Terraform versions while you’re experimenting — tfswitch.
- Managing multiple terraform versions across modules
- Local credentials and MFA
https://tfswitch.warrensbox.com/ for switching between Terraform versions
- VSCode plugin very slow at terraform fmt on save
It was easy. I didn't use terraform-version files like you, but there are similar ways to automatically switch versions. https://github.com/warrensbox/terraform-switcher
- Terraforming in 2021 – new features, testing and compliance
Terraform Switcher - yet another project essentially doing the same written in Go;
What are some alternatives?
KubeArmor - Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).
tfenv - Terraform version manager
iamlive - Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy
netmaker-gui - An alternate UI for Netmaker (https://github.com/gravitl/netmaker)
aztfy - A tool to bring existing Azure resources under Terraform's management [Moved to: https://github.com/Azure/aztfexport]
terraform-ls - Terraform Language Server
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/tenable/terrascan]
tflint - A Pluggable Terraform Linter
aws-vault - A vault for securely storing and accessing AWS credentials in development environments
inspec - InSpec: Auditing and Testing Framework
terratest - Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
conftest - Write tests against structured configuration data using the Open Policy Agent Rego query language