Posts about security are always the ones that make everyone get really excited… Or maybe not everyone. 😉 Anyhow, what is typically the weakest link in any security design? Indeed, the human touch… The effects of this can range from having seen secrets to creating drift (unwanted changes vs de expected baseline). In today’s post, I’ll walk you through an example setup that aims to close some additional holes for you. How will we be doing this? By basically automating the entire infrastructure management with Azure Devops & Terraform. Now you’ll probably think, what does that have to do with security? Good response! We’re going to reduce the points to where human contact can interfere with our security measures. Though we want to do this without putting our agility at risk!
For this exercise, we’re going to leverage this blueprint ;
Continue reading “Landscaping a Secure/Closed Loop Infrastructure in Azure with Terraform & Azure Devops”
A lot of people always keep telling me that they love Azure’s Cloud Shell. Oddly enough, I use it more occasionally and find my self using the WSL (Windows Subsystem for Linux) more. If I analyze it a bit, I recon it’s because I want to easily edit & use files with the Azure CLI (etc). Now, the Azure Cloud Shell has a way to persist files! Therefor I embarked on a small test to see what kind of workflow would work whilst working with Terraform and leveraging the Cloud Shell to apply the configurations.
So what did I come up with? As you know, I’m running my development workstation in the cloud. In addition, I’ve mounted the CloudDrive onto my workstation and cloned my GitHub repo to that location. Next up, I can author my files locally and afterwards push to my repository. As the local files are synced with the CloudDrive, they’ll immediately pop up in my Cloud Shell too. So I can apply them there…
Sounds great? Let’s take it for spin!
Continue reading “From Cloud Dev Station to Terraform landscaping in Azure”