DevOps
Terraform for OpenBSD VMs on AWS, Vultr, and Proxmox
Provision OpenBSD VMs with Terraform: AWS EC2 unofficial AMIs, Vultr official images, Proxmox install, and pf firewall bootstrap.
1 min read
#Security
18 articles
OpenTofu
OpenTofu State Encryption: Protect Secrets at Rest
Configure OpenTofu's built-in state encryption to protect sensitive values at rest. AES-GCM with PBKDF2 or AWS KMS / GCP KMS / Azure Key Vault key providers.
3 min read
DevOps
Terraform for Digital Provenance: C2PA Content Signing on AWS
Provision digital provenance and C2PA content signing infrastructure with Terraform: certificate authorities, signing services, ledgers, and verification APIs.
2 min read
Terraform
Terraform Sentinel Policies - Policy as Code
Enforce governance with Terraform Sentinel policies. Cost controls, security guardrails, compliance rules, and custom policy sets for Terraform Cloud and...
2 min read
Terraform
Terraform with HashiCorp Vault - Secrets Management
Integrate Terraform with HashiCorp Vault for secrets management. Read secrets, dynamic credentials, AWS/database secret engines, and AppRole authentication.
2 min read
Terraform
Terraform on Ubuntu 26.04 LTS - sudo-rs, APT Rollback, and Hardened Base Images
Install and run Terraform on Ubuntu 26.04 LTS Resolute Raccoon. Covers sudo-rs as default, APT 3.2 rollback, Kernel 7.0, Wayland-only, ROCm, and building...
5 min read
DevOps
Terraform for AI Security: Guardrails, Model Access Control, and Threat Detection
Secure AI workloads with Terraform. Deploy Bedrock guardrails, model access IAM policies, prompt injection detection
4 min read
DevOps
Terraform for Confidential Computing: Deploy Nitro Enclaves and TEEs on AWS
Deploy confidential computing with Terraform on AWS. Provision Nitro Enclaves for data-in-use protection, configure KMS attestation policies
4 min read
DevOps
Terraform for Data Sovereignty: Geopatriation and Sovereign Cloud on AWS
Implement data sovereignty and geopatriation with Terraform on AWS. Enforce data residency with SCPs, deploy region-locked infrastructure
4 min read
DevOps
Terraform Ephemeral Resources Explained: Temporary Values for Secrets and Tokens
Learn Terraform ephemeral resources for handling secrets and tokens without storing them in state. Temporary values for passwords, API keys
3 min read
DevOps
Terraform for Post-Quantum Cryptography: Migrate TLS and KMS to PQC on AWS
Prepare for post-quantum cryptography with Terraform. Configure hybrid TLS policies, KMS key types, ACM certificates
4 min read
DevOps
Terraform for Preemptive Cybersecurity: Proactive Defense Infrastructure on AWS
Build preemptive cybersecurity infrastructure with Terraform. Deploy GuardDuty, Security Hub, Inspector, Config rules
3 min read
Guides
How to Manage Secrets and Sensitive Data in Terraform
Best practices for managing secrets, passwords, and sensitive data in Terraform configurations. Step-by-step guide with code examples and best practices for ...
2 min read
Guides
Terraform AWS IAM - Roles, Policies, and Best Practices
How to manage AWS IAM roles, policies, and permissions with Terraform following security best practices. Step-by-step guide with code examples and best pract...
2 min read
DevOps
Fix Terraform Error: KMS Key AccessDeniedException
Fix terraform KMS AccessDeniedException errors. Update KMS key policies, add IAM permissions for kms:CreateGrant and kms:Decrypt
2 min read
Troubleshooting
Fix Terraform Error - Output Refers to Sensitive Value
Fix the Terraform output refers to sensitive values error. Covers sensitive outputs, nonsensitive function, module outputs, and secrets management patterns.
3 min read
DevOps
Terraform Security Best Practices: Secrets, State, and Access Control
Secure your Terraform workflows. Never hardcode secrets, encrypt state files, use least-privilege IAM, scan with tfsec/checkov
4 min read
Back-End Development
Coursera Back-End Infrastructure: Servers, Secure APIs and Data
Learn back-end infrastructure management, secure API design, and data protection strategies. Enroll for free on Coursera.
3 min read