pike
terratest
| | pike | terratest |
|---|---|---|
| Mentions | 6 | 46 |
| Stars | 499 | 7,336 |
| Growth | - | 0.8% |
| Activity | 9.3 | 8.4 |
| Last commit | 7 days ago | 4 days ago |
| Language | Go | Go |
| License | Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pike
- Top Terraform Tools to Know in 2024
  Pike is a tool that analyzes Terraform managed resources and automatically generates the necessary IAM permissions, improving security by ensuring that only the minimum necessary permissions are granted.
- Show HN: Slauth.io (YC S22) – IAM Policy Auto-Generation
- Open Source Terraform projects - Azure focused (open to other providers as well)
  I test out the API the hard way: I make a resource and test it with a role that doesn't have the permissions (see the folder I linked). The API (with Azure anyway) tells you what you lack; Azure tends to be simpler with CRUD permissions than AWS. I then have another privileged role that can update the first with each permission and iterate: https://github.com/JamesWoolfenden/pike/tree/master/terraform/azurerm. I then create the mapping file for that resource and add it. I can show you if you need help - send me an email/message/zoom. If you figure out a better way I'm all ears, but this way I can be sure of what permissions are required.
- Can I generate permissions needed to run a TF script on AWS, GCP or Azure?
  You can run my tool Pike on your TF to generate IAM for AWS and GCP. Get it here: https://github.com/jamesWoolfenden/pike
- Can I auto-generate AWS IAM policy document based on directory of existing Terraform code so that CI has limited access to what it can deploy?
- Pike: Tool to determine your IAM requirements from code
  I wrote a small tool called Pike. It looks at your TF code and determines and creates the IAM policy/TF resource required to build it, to help you stick to least privilege in your build process. It currently supports a small but growing subset of AWS resources; it will support other providers. Use it or ?, but would welcome feedback https://github.com/JamesWoolfenden/pike . It's open source and always will be.
terratest
- Top Terraform Tools to Know in 2024
  Terratest is a Go library that provides tools and patterns for testing infrastructure, with first-class support for Terraform, Packer, Docker, Kubernetes, and more. It's used to write automated tests for your infrastructure code.
- Saw a not-so-good thing in my pipeline. How do we fix it?
  I think I found it. This is the one, right? https://github.com/gruntwork-io/terratest/
- terracove - open-source to instantly test the health of your terraform/terragrunt repository
  What it does in parallel is basically init/plan/show using terratest on every subdirectory in your repository tree or provided paths. The output is either a JSON summary or a custom-made JUnit XML test file you can ingest into your tests reader. It took it around 8 minutes to map the entirety of our bloated repository.
- Trunk Based Development: Confused about how to test code before pushing to main? How does the deploy process work for many environments?
  You could deploy to a separate account (usually dev first), you can use terratest, you could try something like LocalStack. I dare say there’s other methods.
- terratest for infrastructure
  Was wondering if anyone has tried https://github.com/gruntwork-io/terratest to test their infrastructure. I like it because I can write golang tests! That's a big plus for me.
- Is there a testing framework for Kubernetes and AWS resources?
- How long have you guys actually had the title “platform engineer”? What other titles did you have before that, if any?
  Once there is a CI pipeline for delivering infra changes you can add static code analysis tools (checkov) and even start testing changes (terratest)
- Testing Terraform infra - terratest alternatives?
  https://github.com/gruntwork-io/terratest/blob/master/test/azure/terraform_azure_example_test.go
  https://github.com/gruntwork-io/terratest/blob/master/examples/terraform-backend-example/main.tf
- Appreciation for terraform
  Another plus is to add tests into your workflow, just by adding a run step with terratest
- A brief survival guide to Terraform
  Terratest: A testing framework for Terraform; the tests must be written in Golang.
What are some alternatives?
KubeArmor - Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).
inspec - InSpec: Auditing and Testing Framework
iamlive - Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
aztfy - A tool to bring existing Azure resources under Terraform's management [Moved to: https://github.com/Azure/aztfexport]
driftctl - Detect, track and alert on infrastructure drift
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/tenable/terrascan]
terragrunt - Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple Terraform modules.
tflint - A Pluggable Terraform Linter
atlantis - Terraform Pull Request Automation
conftest - Write tests against structured configuration data using the Open Policy Agent Rego query language
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/accurics/terrascan]