Some gotchas when deploying an AKS Application Gateway Ingress Controller with an existing Application Gateway using Terraform
You can test Terraform without an Azure/AWS/GCP subscription. It’s free to use.
You can run a Function App with Managed Identity for assigning Azure and API permissions. Managed Identities simplify authentication.
You can set Diagnostic Settings on Azure Management Groups with REST API, and by extension Terraform AzApi!
Connect the Subscription Activity Log with Azure Event Hubs for sending logs to a third-party SIEM using Terraform. Reduced scope for RBAC permission on Auth rule.
This post provides some insights, tips and information on Azure Terraform authentication.
Use the Terraform AzApi provider to deploy an Azure Firewall Policy Rule Collection Group containing an Mssql type application rule.
You can use checkov to scan your IaC code for misconfigurations in a DevSecOps manner. It can also be integrated with pre-commit. If you want, it can be applied to Bicep, Kubernetes or other supported frameworks.
You can use pre-commit-terraform to catch basic syntax errors before committing to the repository. It is also possible to write automatic Markdown documentation!
Last time I wrote about deploying a Self-Hosted GitHub-Runner locally on your own machine. This is obviously not a production grade way of running, but…