Browsed by
Tag: Terraform

terraform-azurerm-storage-account: A Terraform Module to Deploy ‘Secure By Default’ Storage Accounts

terraform-azurerm-storage-account: A Terraform Module to Deploy ‘Secure By Default’ Storage Accounts

Comments 0 Comment

As organizations increasingly rely on cloud storage solutions, securing data becomes paramount. Storage accounts offer a scalable and durable storage option in the Azure cloud. To simplify the process of provisioning secure storage accounts, I have developed a Terraform module called terraform-azurerm-storage-account. In this blog post, I will guide you through the features and benefits of this module. The Importance of Secure Defaults Using the default settings when provisioning a new storage account can create several vulnerabilities. For instance, by…

Read More Read More

Terraform Module to Restrict App Service Plan SKUs: Inspired by AZAdvertizer

Terraform Module to Restrict App Service Plan SKUs: Inspired by AZAdvertizer

Comments 0 Comment

In Azure, maintaining compliance and minimizing risk is a constant challenge. This is particularly true when managing App Service Plans for a tenant(s), where unrestricted use of all SKUs can introduce risk. This becomes crucial in environments where adherence to specific App Service Plans is a requirement. Alternatively, in a remediation scenario, if your organization lacks governance and has created numerous improperly specified App Service Plans, you can first remediate these, and then deploy and assign this policy definition. To…

Read More Read More

terraform-azurerm-disallow-ragrs-policy: A Terraform Module to Prevent or Audit the Creation of Standard_RAGRS Storage Accounts

terraform-azurerm-disallow-ragrs-policy: A Terraform Module to Prevent or Audit the Creation of Standard_RAGRS Storage Accounts

Comments 0 Comment

As Azure engineers, we need to be prudent in managing our resources. One such resource is storage accounts. The default option when creating a storage account via the Azure portal or CLI is Standard_RAGRS SKU, which is usually overkill. Here, we introduce the terraform-azurerm-disallow-ragrs-policy module that helps enforce cost-effective use of storage by preventing or auditing the creation of Standard_RAGRS storage accounts. Understanding the Standard_RAGRS vs Standard_GRS Dilemma Standard_RAGRS (Read-Access Geographically Redundant Storage) offers geo-replication across two regions, with read-only…

Read More Read More

terraform-azurerm-aznamingtool: A Terraform Module to Deploy Microsoft’s Azure Naming Tool

terraform-azurerm-aznamingtool: A Terraform Module to Deploy Microsoft’s Azure Naming Tool

Comments 0 Comment

Struggling with inconsistent Azure resource naming? You’re not alone. Manually managing naming standards for various resources can be both time-consuming and error-prone, which may cause confusion later on. To address this, Microsoft created a free .NET core application called AzNamingTool. With a bit of configuration, this tool can generate compliant and consistent names for all Azure resources. I was inspired to create this Terraform module after reading a blog post from Microsoft MVP, Luke Murray. In his post, Luke uses…

Read More Read More

Deploying A Kusama Validator Into Azure Using Terraform and Bash

Deploying A Kusama Validator Into Azure Using Terraform and Bash

Comments 0 Comment

Introduction Kusama is a decentralized computer network. It was founded in 2019 by the creators of Polkadot, Gavin Wood (a co-founder of Ethereum), Peter Czaban, and Robert Habermeier. Kusama uses the same codebase and binary file as Polkadot. As such, a big focus of Kusama is to provide a test platform for Polkadot software developers and stakeholders to deploy and thoroughly test decentralized solutions running on Substrate before releasing them into the Polkadot ecosystem. To understand the Polkadot ecosystem is…

Read More Read More