4 posts tagged with "Terraform"

Automating AWS IAM Identity Center with Terraform for Multi-Account Environments

· 7 min read
Lucía López
Junior Platform Engineer

Managing access in AWS can seem simple at first: a few accounts, a handful of users, and permissions that are easy to control from the console. But as an organization grows — as accounts, teams, and roles multiply — that manual management becomes a problem. Errors accumulate, inconsistencies appear, and traceability fades.
Who has access to what? What permissions does each user actually have? What changes were applied last week? These once-trivial questions become increasingly difficult to answer.

That’s where AWS IAM Identity Center (formerly AWS Single Sign-On) comes in. This service centralizes the management of identities and permissions across all your AWS accounts, letting you define from a single place who can access what, and with which level of privilege. It also simplifies auditing and compliance by maintaining a consistent record of assignments and permissions.

However, the existence of IAM Identity Center alone doesn’t solve scalability challenges — manual configuration doesn’t scale. Each user, group, and permission set must be configured account by account, multiplying effort and increasing the likelihood of mistakes. Keeping environments consistent is difficult, and auditing changes becomes a tedious, unreliable process.
In short: manual management isn’t sustainable in the long run.

The solution lies in automating with Terraform, leveraging the Infrastructure as Code (IaC) approach. With Terraform, your entire configuration is defined in version-controlled files — you can review, replicate, and apply changes in a consistent and auditable way. This not only reduces errors but also turns access management into a scalable, controlled, and well-documented process.

SFTP server in Kubernetes with SFTPGo

· 8 min read
María García
Junior Platform Engineer

Have you ever needed to create an SFTP server? How do you do it?

If you have created an SFTP server before, you probably know that setting one up and maintaining it is not easy. There are many ways to do it; in this case, we are going to install SFTPGo in our Kubernetes cluster.

SFTPGo is an open-source SFTP server that allows users to securely transfer files over SSH. It is written in Go (Golang) and is designed to be lightweight, easy to configure, and highly customizable. It supports multiple storage backends, including local filesystems, cloud storage (like S3, Google Cloud Storage, etc.), and more.

The deployment of SFTPGo on an EKS cluster begins with provisioning the required resources, so let's start by creating the necessary infrastructure with Terraform.

Infrastructure as Code

· 5 min read
Rober Junquera
Strategy & Product

The Backbone of Modern DevOps

Infrastructure as Code (IaC) has revolutionized the way organizations manage and provision their IT infrastructure. Emerging from the needs of agile development and the rise of cloud computing, IaC stands as a pivotal element in the DevOps toolbox, automating the provisioning of servers, storage, and networking in a reliable and repeatable manner.

CI/CD with OIDC

· 3 min read
Guille Vigil
Platform Engineer

🚀 Leveraging OIDC for Enhanced Security and Efficiency Between GitHub Actions/GitLab CI and AWS 🔒

In the rapidly evolving landscape of DevOps and cloud computing, the integration of GitHub Actions or GitLab CI with AWS using OpenID Connect (OIDC) stands out as a game changer. Here's why embracing OIDC can significantly benefit your CI/CD pipelines: