Your Terraform state file is a plaintext secrets store. Mine was too.
Here's a fact that's easy to forget until it bites you: a Terraform state file stores resource attributes in plaintext — and that includes secrets. RD…
Latest Web news from Tech News
All topics
AI
agents
ai
api
architecture
automation
aws
beginners
career
claude
database
devchallenge
devops
javascript
learning
linux
llm
machinelearning
mcp
opensource
performance
productivity
programming
python
react
security
showdev
tutorial
typescript
webdev
Infrastructure as Code (IaC) is Not an Add-On
When rotations drift and no one remembers who changed what, the pager still works but trust erodes. Incident management belongs in Git, reviewed and a…
I built a Terraform security scanner that lives inside GitHub PRs
The problem IAM wildcards and public S3 buckets keep slipping through Terraform code review. Tools like Checkov and tfsec exist but they live in CI, r…
Demystifying Terraform: Bridging the Gap Between Infrastructure and Cloud
Let’s face it, tech events are thrilling, but can also be quite overwhelming. I went to AWS Student Community Day on 1st November 2025 in Tirupati. Th…
Terraform vs Pulumi: IaC Tools Compared
Overview Terraform and Pulumi are the two leading infrastructure as code tools. Terraform uses HCL (HashiCorp Configuration Language) while Pulumi let…
MongoDB DR Drill Automation with Terraform, Python & Jenkins — How We Made Restores Boring
Backups Don't Save You. Restores Do. We ran a MongoDB restore drill last quarter. It failed — not the restore itself, but the confidence. Nobody in th…
Going Serverless - AWS Lambda Functions
👋 Hey there, tech enthusiasts! I'm Sarvar, a Cloud Architect with a passion for transforming complex technological challenges into elegant solutions. …
I'm 62 and I built a self-hosted AWS drift detector because I was tired of spreadsheets
I came to programming late — I didn't get into this world until I was past 35, and I'm 62 now, still writing code every day. This is a "build in publi…
Refactoring Terraform: From One File to Modules
My three-tier AWS architecture worked. VPC, subnets, bastion host, app server, RDS, all deployed and running. But my main.tf was a flat file with ever…
Terraform vs CDK vs Pulumi: Choosing Your Infrastructure-as-Code Tool
The IaC landscape split into two philosophies about a decade ago and hasn't fully resolved the argument since. On one side: declarative configuration …
Multicloud Execution Portability: Abstracting AWS DynamoDB and Azure Cosmos DB via Hexagonal Architecture
Monolithic data access layers inherently bind compute execution to a specific cloud provider's proprietary database SDK. When an enterprise applicatio…
Building an Enterprise Progressive Delivery Platform on AWS EKS with Argo Rollouts, Prometheus, Grafana, Terraform, and GitHub Actions
A production-style DevOps project showing secure infrastructure provisioning, canary deployments, automated rollback, observability, CI/CD, and privat…
Building a PySpark and AWS Glue ETL Pipeline for Search Keyword Revenue Analysis
I published a public data engineering project that demonstrates a cloud-based ETL pipeline for analyzing web analytics search keyword revenue. The pro…
Surviving Global Vendor Outages: Federated Cellular Architecture with EKS, AKS, and Istio
Monolithic multi-region architectures inherently rely on vendor specific global control planes. When a catastrophic degradation strikes an underlying …
What If You Need Two ArgoCD Instances in One EKS Cluster?
Most ArgoCD tutorials start the same way: Deploy ArgoCD. Connect a Git repository. Create an Application. Done. But what happens when multiple teams s…
How I Built an AWS Cloud Security Project as a University Student
When most CS students are building simple CRUD apps for their thesis, I decided to go a different route. I built SecurePath — an automated AWS cloud s…
🦄 Modernizing Wild Rydes with modern technologies
Wild Rydes was an old project used by AWS hands-on labs to show how to deploy a serverless application using its services. It consists of a Uber-like …
173 Undocumented Security Findings in TerraGoat: What Standard IaC Scanners Miss (and Why Post-Quantum Matters)
TerraGoat is the canonical vulnerable Terraform repository maintained by Bridgecrew (now Prisma Cloud). It has over 5,000 GitHub stars and is used by …
Your Terraform estate documents itself now: meet iac-cartographer
"Wait: How many Terraform repos do we actually have? And what's in them?" If that question makes you wince, this post is for you. It started as a bori…
IaC Drift Is Inevitable — Design for Detection, Not Prevention
Drift is not a tooling failure. It is evidence that multiple control planes still exist. IaC drift detection is typically treated as an operational hy…
Deploy a Node.js App to STACKIT Kubernetes Engine With Managed Redis & PostgreSQL
In this post, I'll walk you through how I deployed a URL shortener app, with a managed PostgreSQL database, a managed Redis cache, and a full Kubernet…
Zero-Downtime Blue-Green and IP-Based Canary Deployments on ECS Fargate
Most ECS blue-green deployment tutorials eventually lead to the same stack: AWS CodeDeploy Deployment groups AppSpec files Lifecycle hooks Weighted tr…
Terraform with AI: Build AWS Infra (Cursor + MCP)
Why Terraform with AI Matters in Modern DevOps Writing Terraform for anything beyond a small setup quickly becomes tedious. Once you start dealing wit…
HashiCorp built an MCP server for writing Terraform. I built one for reviewing it
HashiCorp built an MCP server for writing Terraform. I built one for reviewing it. A few weeks ago HashiCorp shipped terraform-mcp-server . It's an of…
Zero to Kubernetes Part 5: Two Frontends + Complete Stack
Series: Zero to Kubernetes — Part 1 · Part 2 · Part 3 · Part 4 · Part 5 You've made it to the final part. You now have a real Kubernetes cluster, auto…
What's New: Terraform Support, Kubernetes and AWS Automation, Bring Your Own Bucket, and UX Improvements
What's New in OpenObserve: Terraform Support, Kubernetes and AWS Automation, Bring Your Own Bucket, and UX Improvements OpenObserve has shipped three …
A hard-earned rule from incident retrospectives:
LinkedIn Draft — Workflow (2026-05-19) A hard-earned rule from incident retrospectives: Incident RCA without a data-backed timeline is just a story yo…
I Benchmarked 11 AI Models on Terraform Compliance. My Default Was Wrong.
Running the same compliance scan across 11 models revealed that cost and accuracy are independent variables — and my default was failing 1 in 5 tests.…
A Practical Terraform Security Review with Codex and Claude Code
A Practical Terraform Security Review with Codex and Claude Code A Terraform repository is not just code. It is a map of your cloud control plane. It …
Build the infrastructure and understand Terraform
Senerio In the previous section , we know how to set up Terraform on Ubuntu24.04. Now, in this section we will learn how to use the Terraform to Initi…