Our great sponsors
-
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
terratest
Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.
I think one of the key things to achieve once you start realising the power of Terraform and move beyond single person teams is running it in CI. You could check out some of the services that provide this like Atlantis or Spacelift or just using your CI provider of choice. The security implications are daunting but honestly in the end much better than entrusting individual laptops with this access.
Once there is a CI pipeline for delivering infra changes you can add static code analysis tools (checkov) and even start testing changes (terratest)
Once there is a CI pipeline for delivering infra changes you can add static code analysis tools (checkov) and even start testing changes (terratest)