I’m learning Terraform.
This is just a list of stuff that might help me to work with it better.
- Prettyplan help you view large Terraform plans with ease. Unecessary as of Terraform 0.12.
- Infracost shows cloud cost estimates for Terraform projects.
- driftctl tracks how well your IaC codebase covers your cloud configuration. driftctl warns you about drift.
- tflint. A Pluggable Terraform Linter. Finds possible errors for major cloud providers, warns about deprecated syntax and unused declarations, enforces best practices and naming conventions.
- Terraform Parliament Parliamente for Terraform. Doesn’t support S3 bucket policies yet.
- https://github.com/gruntwork-io/terratest/
- https://terraform-compliance.com/
- https://github.com/stelligent/config-lint
- Terragrunt is a thin wrapper that provides extra tools for keeping your configurations DRY, working with multiple Terraform modules, and managing remote state. * Terraform AWS Secure Baseline is a module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
- https://learn.hashicorp.com/tutorials/terraform/cdktf
-
gron gron transforms JSON into discrete assignments to make it easier to grep for what you want and see the absolute ‘path’ to it. It eases the exploration of APIs that return large blobs of JSON but have terrible documentation. Its primary purpose is to make it easy to find the path to a value in a deeply nested JSON blob when you don’t already know the structure; much of jq’s power is unlocked only once you know that structure.
It’s on the Terraform list because I found it useful to work with
terraform show -json ~/tmp/tfplan. - AirIAM is an AWS IAM to least privilege Terraform execution framework. It compiles AWS IAM usage and leverages that data to create a least-privilege IAM Terraform that replaces the exiting IAM management method.
- tfsec uses static analysis of your terraform templates to spot potential security issues
- Terrascan detects security vulnerabilities and compliance violations across your Infrastructure as Code