Our great sponsors
-
digger
Digger is an open source IaC orchestration tool. Digger allows you to run IaC in your existing CI pipeline ⚡️
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
-
former2
Generate CloudFormation / Terraform / Troposphere templates from your existing AWS resources.
-
-
terragrunt
Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple Terraform modules.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
regula
Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego
-
Digger is an Open Source IaC management platform that allows you to orchestrate terraform/OpenTofu in your CI/CD system. It helps you resue async jobs infrastructure with compute, orchestration, logs, etc of your existing CI. Digger also has a pro version built on top of Digger’s community edition. Digger’s “bring your own compute” ensures that users have private runners by defualt and don’t have to pay for it additionally. Digger pro gives team leads, managers and IaC practitioners dashboards, Drift Detection, RBAC via OPA policies and concurrency so they can help guide the team.
Terraboard is a web-based dashboard designed for visualizing and querying Terraform states. It offers several key features: an overview page that lists the most recently updated state files along with their activities; a detailed state page showing versions and resource attributes of state files; a search interface for querying resources by type, name, or attributes; and a diff interface for comparing state versions. Terraboard supports various remote state backend providers, including AWS S3 for state management and DynamoDB for locking, S3-compatible backends like MinIO, Google Cloud Storage, Terraform Cloud (remote), and GitLab. This makes it a versatile tool for managing and understanding Terraform state files.
Checkov is a versatile static code analysis tool designed for infrastructure as code (IaC) and software composition analysis (SCA). It supports a wide range of technologies, including Terraform, CloudFormation, Kubernetes, Docker, and others, to detect security and compliance issues through graph-based scanning. Checkov also performs SCA scans, identifying vulnerabilities in open source packages and images by checking for Common Vulnerabilities and Exposures (CVEs). Additionally, it is integrated into Prisma Cloud Application Security, a platform that helps developers secure cloud resources and infrastructure-as-code files, enabling the identification, rectification, and prevention of misconfigurations throughout the development lifecycle.
Former2 is a tool that automates the creation of Infrastructure-as-Code (IaC) scripts from existing AWS resources. It utilizes the AWS JavaScript SDK to scan the user’s AWS infrastructure, identifying all available resources. Users can then select from this list which resources they want to include in their IaC outputs. This process simplifies the task of writing IaC scripts, especially for complex environments, by directly converting current AWS configurations into ready-to-use code. Former2 is particularly useful for documenting existing infrastructure or for migrating manually created resources into an IaC framework.
Infracost is a tool that provides cloud cost estimates for infrastructure managed by Terraform. It enables engineers to view and understand the financial impact of their infrastructure changes before they are applied. Infracost integrates directly into the workflow, offering cost breakdowns in various environments like the terminal, Visual Studio Code, or directly within pull requests. This feature allows for more informed decision-making regarding infrastructure modifications, promoting cost-awareness and budget management in the early stages of development. Infracost is particularly useful for teams looking to balance cloud resource utilization with budget constraints. Infracost Cloud is their SaaS product that builds on top of Infracost open source and works with CI/CD integrations. It gives team leads, managers and FinOps practitioners dashboards, guardrails, centralized cost policies and Jira integration so they can help guide the team (e.g. switch AWS GP2 volumes to GP3).
Created and maintained by Gruntwork, Terragrunt is a tool designed to enhance Terraform’s capabilities. It acts as a thin wrapper around Terraform, offering additional features to streamline and optimise Terraform usage. Key functions of Terragrunt include helping users keep their Terraform configurations DRY (Don’t Repeat Yourself), efficiently managing multiple Terraform modules, and handling remote state management. By reducing repetition in Terraform code and simplifying the management of complex module dependencies and remote state, Terragrunt makes working with Terraform more efficient, especially for larger or more complex infrastructure deployments.
Sato is a conversion tool designed to translate CloudFormation and ARM (Azure Resource Manager) templates into Terraform configurations. Developed in Go, Sato stands out for its speed and efficiency in this conversion process. By automating the translation of existing templates into Terraform’s syntax, Sato facilitates a smoother and quicker migration to Terraform’s ecosystem.
Star Pretty Plan on GitHub ⭐️
Regula is a dynamic tool designed for pre-deployment security and compliance checks of infrastructure as code (IaC) for multiple cloud providers and Kubernetes. It supports an array of file types, including CloudFormation JSON/YAML templates, Terraform source code and JSON plans, Kubernetes YAML manifests, and Azure Resource Manager (ARM) JSON templates (currently in preview). Regula leverages a rule library written in Rego, the language used by the Open Policy Agent (OPA) project, offering robust policy evaluation. It integrates seamlessly with popular CI/CD tools like Jenkins, Circle CI, and AWS CodePipeline, and even includes a GitHub Actions example for easy setup. Regula’s policies are aligned with CIS Benchmarks for AWS, Azure, Google Cloud, and Kubernetes, aiding in comprehensive compliance assessments. This tool is actively developed and maintained by the team at Fugue.
TFlint is a powerful linter for Terraform, designed to catch errors and issues that terraform plan may not detect. As Terraform grows in popularity for infrastructure as code, the need for robust tools to ensure code quality and reliability becomes paramount. TFlint fulfills this need by analyzing Terraform configurations to find problems that are not covered by syntax checks. It checks for things like unsuitable AWS instance types, incorrect IAM policy syntax, and the use of deprecated syntax or features. By integrating TFlint into the development process, users can proactively identify potential problems, improving the stability and efficiency of their infrastructure deployments. This additional layer of validation is crucial for maintaining high standards in complex, cloud-based infrastructures.