AWS GuardDuty in Optional Regions

One of the projects that I am working on right now involves writing automation to deploy and configure AWS GuardDuty for a large organization with a delegated security account to manage GuardDuty. While we do not use all the regions...

Using TFVars as Conditionals in Terratest

With the changes to S3 a few months ago, I decided that it was time to update the S3 module we use at my current employer. Since I did not write the original module, and the changes were pretty significant,...

Conditional user_data in Terraform

I was working on a new Terraform module for deploying a Nessus appliance in AWS and ran into an interesting problem. Nessus provides two different types of AMI images that can be deployed in AWS. One is pre-authorized and...

Running Terratest in a Docker Container

One of the things that I have been wanting to do for some time is to add Gruntwork.io’s Terratest to my Terraform modules. This week I decided to invest some time in getting it running, and I have added it...

Secrets in AWS user_data via Hashicorp Vault

Recently I began working on a project to change how we log into our instances in AWS. Like most companies, we have used the default instance user (ec2-user, ubuntu, etc) and a master key to log into a running instance....