You can set Diagnostic Settings on Azure Management Groups with REST API, and by extension Terraform AzApi!
Connect Subscription Activity Log with Azure Event Hubs for sending logs to third party SIEM using Terraform. Reduced scope for RBAC permission on Auth rule.
This post provides some insights, tips and information on Azure Terraform authentication.
Use Terraform AzApi provider to deploy an Azure Firewall Policy Rule Collection Group containing Mssql type application rule.
You can use checkov to scan you Iac code for misconfigurations in a DevSecOps manner. It can also be integrated with pre-commit. If you want, it can be applied to Bicep, Kubernetes or other supported frameworks.
You can use pre-commit-terraform to catch basic syntax errors before commiting to repository. It is also possible to write automatic Markdown documentation!
Remove your Management Groups recursively when empty. This script will enable you to delete an empty management group tree.
Azure Firewall might be costly for labbing purposes, but with this tip you don’t have to remove it every time. Deallocate with PowerShell!
Want to authenticate your GitHub Workflows with OpenID Connect? It is a great way to replace manual ClientSecrets! Exemplified with a simple Bicep workflow.
When I saw that there was a repository available where Azure Landing Zones (previously known as Enterprise Scale Landing Zones) was being “bicepified”, I had to test it out! 💪