Security

8 articles

OpenTofu State Encryption: Protect Secrets at Rest

Configure OpenTofu's built-in state encryption to protect sensitive values at rest. AES-GCM with PBKDF2 or AWS KMS / GCP KMS / Azure Key Vault key providers.

May 4, 20263 min read

DevOps

Terraform for Digital Provenance: C2PA Content Signing on AWS

Provision digital provenance and C2PA content signing infrastructure with Terraform: certificate authorities, signing services, ledgers, and verification APIs.

May 4, 20262 min read

DevOps

Terraform for AI Security: Guardrails, Model Access Control, and Threat Detection

Secure AI workloads with Terraform. Deploy Bedrock guardrails, model access IAM policies, prompt injection detection

Apr 12, 20264 min read

DevOps

Terraform for Confidential Computing: Deploy Nitro Enclaves and TEEs on AWS

Deploy confidential computing with Terraform on AWS. Provision Nitro Enclaves for data-in-use protection, configure KMS attestation policies

Apr 12, 20264 min read

DevOps

Terraform for Data Sovereignty: Geopatriation and Sovereign Cloud on AWS

Implement data sovereignty and geopatriation with Terraform on AWS. Enforce data residency with SCPs, deploy region-locked infrastructure

Apr 12, 20264 min read

DevOps

Terraform Ephemeral Resources Explained: Temporary Values for Secrets and Tokens

Learn Terraform ephemeral resources for handling secrets and tokens without storing them in state. Temporary values for passwords, API keys

Apr 12, 20263 min read

DevOps

Terraform for Post-Quantum Cryptography: Migrate TLS and KMS to PQC on AWS

Prepare for post-quantum cryptography with Terraform. Configure hybrid TLS policies, KMS key types, ACM certificates

Apr 12, 20264 min read

DevOps

Terraform for Preemptive Cybersecurity: Proactive Defense Infrastructure on AWS

Build preemptive cybersecurity infrastructure with Terraform. Deploy GuardDuty, Security Hub, Inspector, Config rules

Apr 12, 20263 min read