You can test Terraform without an Azure/AWS/GCP subscription. It’s free to use.
You can set Diagnostic Settings on Azure Management Groups with REST API, and by extension Terraform AzApi!
Connect Subscription Activity Log with Azure Event Hubs for sending logs to a third-party SIEM using Terraform. Reduced scope for RBAC permission on Auth rule.
You can use checkov to scan your IaC code for misconfigurations in a DevSecOps manner. It can also be integrated with pre-commit. If you want, it can be applied to Bicep, Kubernetes or other supported frameworks.
While working on IaC templating for an Azure Application Gateway, I stumbled upon a use of the resourceId function that was different to me. Will try to…