Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
For the CI / CD pipeline, I had to set up Git Actions, I'd never used it before but this video was a great tutorial and really helped me understand the functionality and workflows. I had a really annoying issue where my dynamodb configurations would throw an error, (Error: error updating DynamoDB Table (...) time to live: error updating DynamoDB Table (...) Time To Live: ValidationException: TimeToLive is already disabled), every time I tried to run Terraform Apply. Turns out this is a known issue, this post helped me resolve the error.
Once I completed the main steps of the challenge, I went back to do some security modificaions including enabled DNSSEC, deploying WAF (I ended up removing this as the costs were quite high and instead set up account level throttling for my API) and running IAM Access Analyser to flag anything I'd over permissioned. I also set up Git commit signing and added a new Git Action workflow to run Tfsec any time I updated my terraform config files
Related posts
- How To Manage Amazon GuardDuty in AWS Organizations Using Terraform
- AWS EKS: From IRSA to Pod Identity With Terraform
- AWS Makes Cloud Formation Stack Creation Up to 40% Faster
- Shielding Your Apps in the Cloud: Integrating CloudFront and AWS WAF with Terraform
- Authorization and Amazon Verified Permissions - A New Way to Manage Permissions Part XII: Terraform