Cloud Posse DevOps "Office Hours" (2022-01-12)
01/12/22 • 53 min
Cloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have.
You can register here: https://cloudposse.com/office-hours
Join the conversation:
https://slack.cloudposse.com/
Find out how we can help your company:
https://cloudposse.com/quiz
https://cloudposse.com/accelerate/
Learn more about Cloud Posse:
https://cloudposse.com
https://github.com/cloudposse
https://sweetops.com/
https://newsletter.cloudposse.com
https://podcast.cloudposse.com/
[00:00:00] Intro
[00:01:32] Mozilla sops call out for new maintainers
https://github.com/mozilla/sops/discussions/927
[00:05:29] Spacelift is launching a podcast! missionCTRL
[00:06:04] New Atmos Logo!
https://github.com/cloudposse/atmos
[00:07:47] Atmos Now Supports Multiple Inheritance
https://github.com/cloudposse/atmos/pull/101
[00:28:16] Geodesic Toolbox UX Improvement: Auto Set Workdir
https://github.com/cloudposse/geodesic/pull/753
[00:30:10] How to Automate granting IAM Permissions to different Teams in growing company ?
[00:46:14] Anyone know of a working json2hcl2 tool?
[00:48:22] Should our teams should avoid using terraform to configure Datadog Monitors and Dashboards?
[00:52:54] Outro
#officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#aws
Cloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have.
You can register here: https://cloudposse.com/office-hours
Join the conversation:
https://slack.cloudposse.com/
Find out how we can help your company:
https://cloudposse.com/quiz
https://cloudposse.com/accelerate/
Learn more about Cloud Posse:
https://cloudposse.com
https://github.com/cloudposse
https://sweetops.com/
https://newsletter.cloudposse.com
https://podcast.cloudposse.com/
[00:00:00] Intro
[00:01:32] Mozilla sops call out for new maintainers
https://github.com/mozilla/sops/discussions/927
[00:05:29] Spacelift is launching a podcast! missionCTRL
[00:06:04] New Atmos Logo!
https://github.com/cloudposse/atmos
[00:07:47] Atmos Now Supports Multiple Inheritance
https://github.com/cloudposse/atmos/pull/101
[00:28:16] Geodesic Toolbox UX Improvement: Auto Set Workdir
https://github.com/cloudposse/geodesic/pull/753
[00:30:10] How to Automate granting IAM Permissions to different Teams in growing company ?
[00:46:14] Anyone know of a working json2hcl2 tool?
[00:48:22] Should our teams should avoid using terraform to configure Datadog Monitors and Dashboards?
[00:52:54] Outro
#officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#aws
Previous Episode
Cloud Posse DevOps "Office Hours" (2022-01-05)
Cloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have.
You can register here: https://cloudposse.com/office-hours
Join the conversation:
https://slack.cloudposse.com/
Find out how we can help your company:
https://cloudposse.com/quiz
https://cloudposse.com/accelerate/
Learn more about Cloud Posse:
https://cloudposse.com
https://github.com/cloudposse
https://sweetops.com/
https://newsletter.cloudposse.com
https://podcast.cloudposse.com/
[00:00:00] Intro
[00:01:17] Cert-manager now supports Private CA ACM (no public ACM yet)
https://aws.amazon.com/about-aws/whats-new/2022/01/acm-kubernetes-cert-manager-plugin-production/
https://github.com/aws/containers-roadmap/issues/904
[00:04:32] Huge PR for Maintenance on Beanstalk Module
https://github.com/cloudposse/terraform-aws-elastic-beanstalk-environment/pull/203
[00:05:25] SQL Migrations with Terraform (via Oliver)
https://registry.terraform.io/providers/paultyng/sql/latest/docs/resources/migrate
[00:09:21] Checkout our #jobs Channel for new postings
[00:10:02] Ready to do things the Cloud Posse way? Take our quiz.
https://cloudposse.com/quiz
[00:11:41] Is updating a securitygroup with lambda really the only way to protect endpoints behind Cloudfront from other traffic?
[00:16:35] Any insights on provisioning cdns that are optimized to minimize http 2 response delays?
[00:30:30] CloudTrail lake announced https://aws.amazon.com/blogs/mt/announcing-aws-cloudtrail-lake-a-managed-audit-and-security-lake/
[00:31:55] Anyone working with VPC IPAM?
[00:36:30] Do you have any suggestions to prevent creation of resources without cost allocation tags?
[00:39:00] High CVE in containerd
https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c
https://nvd.nist.gov/vuln/detail/CVE-2021-43816
[00:42:18] Why would we move from ECS on EC2 to Kubernetes?
[00:53:19] Outro
#officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#aws
Next Episode
Cloud Posse DevOps "Office Hours" (2022-01-19)
Cloud Posse holds public "Office Hours" every Wednesday at 11:30am PST to answer questions on all things related to DevOps, Terraform, Kubernetes, CICD. Basically, it's like an interactive "Lunch & Learn" session where we get together for about an hour and talk shop. These are totally free and just an opportunity to ask us (or our community of experts) any questions you may have.
You can register here: https://cloudposse.com/office-hours
Join the conversation:
https://slack.cloudposse.com/
Find out how we can help your company:
https://cloudposse.com/quiz
https://cloudposse.com/accelerate/
Learn more about Cloud Posse:
https://cloudposse.com
https://github.com/cloudposse
https://sweetops.com/
https://newsletter.cloudposse.com
https://podcast.cloudposse.com/
[00:00:00] Intro
[00:01:28] GitHub to Support Mermaid diagrams that can be displayed within Markdown
https://github.com/github/roadmap/issues/372
[00:02:16] On-call Engineer’s Dinner for FAMILY during incidents should be expensed
https://twitter.com/mipsytipsy/status/1482895726581485572?s=21
[00:03:34] AWS Proton Adds Terraform Support and Git Template Storage
https://www.infoq.com/news/2022/01/proton-terraform-git/
[00:06:17] New Cloud Posse Terraform module to manage AWS Service Quotas
https://github.com/cloudposse/terraform-aws-service-quotas
[00:08:59] Get Infra costs from your Spacelift runs
https://docs.spacelift.io/vendors/terraform/infracost
[00:12:27] AWS SSM Now Supports Outgoing Webhooks
https://aws.amazon.com/about-aws/whats-new/2022/01/aws-systems-manager-automation-third-party-applications-webhooks/
[00:12:51] AWS Systems Manager Automation runbooks from Slack (using AWS Chatbot)
https://aws.amazon.com/about-aws/whats-new/2022/01/aws-systems-manager-automation-runbooks-slack/
https://aws.amazon.com/chatbot/
[00:13:10] Terraform v1.1.4 released (nothing really noteworthy)
https://github.com/hashicorp/terraform/releases/tag/v1.1.4
[00:18:23] PSA terraform-provider-awsutils gotchas
https://sweetops.slack.com/archives/CB6GHNLG0/p1642600261130900?thread_ts=1642600040.130400&cid=CB6GHNLG0
[00:22:08] Slick GitHub Action for Terraform (via weekly.tf)
https://github.com/suzuki-shunsuke/tfcmt
[00:27:41] What is a good way to ensure that a terraform plan on one branch does not block other branches from doing terraform plan?
https://sweetops.slack.com/archives/CHDR1EWNA/p1642620072006600
[00:34:19] Most organizations have at least 1 of these infrastructure problems? How are you solving them?
[00:45:30] Does anyone use, or has anyone used Ansible enough to shed some light on when (what types of tasks) Ansible would definitely be better than Terraform?
[00:53:02] Is it really a common practice to run terraform plan continuously to detect drifts?
[00:57:17] Outro
#officehours,#cloudposse,#sweetops,#devops,#sre,#terraform,#kubernetes,#aws
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/cloud-posse-devops-office-hours-podcast-157103/cloud-posse-devops-office-hours-2022-01-12-18978133"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to cloud posse devops "office hours" (2022-01-12) on goodpods" style="width: 225px" /> </a>
Copy