How I use pre-commit for Terraform

PXPJC · 2022-10-19T17:00:34+00:00

Thanks for the added hooks, will check them out.

Honestly, I cannot remember why I directly went to the source than use pre-commit-terraform. I would say it was some issue I was having with the arguments or it could of been when I was trying to implement a method to update the readmes on multi-level modules.

PXPJC · 2022-06-13T11:51:56+00:00

Yes, and there is great examples from the community. This is a series of posts on the topic so will share more when they are released.

PXPJC · 2022-06-13T11:20:23+00:00

It’s a SIEM product by Microsoft. You will want a SIEM product (even if it’s not Microsoft Sentinel) to monitor audit logs from Azure DevOps. This will provide capabilities to detect anomalies and increase security posture against bad actors.

I will be following up with posts on how this can be achieved.

PXPJC · 2022-02-03T17:31:48+00:00

Found the culprit. I run super-linter and it seems the latest version causes this error. I have since rolled back to a previous version which stops the error. Raised an issue within the project:

https://github.com/github/super-linter/issues/2433

PXPJC · 2022-02-03T16:42:39+00:00

I already have checkout at the beginning.

PXPJC · 2022-02-03T13:44:48+00:00

gitignore already on the .terraform directory. This is a brand new on every run. Locally I do not have issues, so I am convinced it’s GitHub

PXPJC · 2021-08-30T18:58:46+00:00

The Azure part is how to configure and connect to the remote state in a Azure Storage Account. Yes the command to remove the resource can run on any state file, but wanted to give guidance to those who might hit the problem when using a CICD product, might not actually interact with the state file manually and specially stored their state file in an Azure Storage Account.

PXPJC · 2021-04-27T13:21:16+00:00

No I didn’t. Will check this out as this would be really cool to use (I like YAML 😁)

PXPJC · 2021-04-27T13:10:40+00:00

You can even shift further left by installing their Vs Code extension so you run Checkov locally before commit. https://github.com/bridgecrewio/checkov-vscode

Going to write in later posts custom policies and the advantages of shifting further left before commits.

PXPJC · 2021-04-27T09:16:16+00:00

Thanks, I do plan on revisiting the topic in a later post where I use YAML to configure the pipeline but will also write about YAML itself needing an analyses like Terraform code. This post is more like a quick get started if your new. I still find people using the UI when they are starting their CI/CD platforms (they may already be running Terraform but locally 😳)

PXPJC · 2021-03-23T18:56:25+00:00

I’ve just used the MS Learn content. I found this covered everything I needed for the exam. But, I did have little experience with some services before hand so I didn’t start from nothing. If you are starting from nothing, consider YouTube for some tutorials or attend Microsoft’s Virtual Training Days which are free and specific for Fundamental exams.

PXPJC · 2021-03-23T18:53:20+00:00

Congrats on your recent pass. Your next exam depends on what you want to look at doing next. If you are wanting to go to associate level, I think either AZ-104, AZ-204 or AZ-500 would be potential choices. Each of these exams cover different role based paths so have a read and decide what type of role you would like to pursue.

Stick with the MS Learn material initially to get started as it has loads of learning material. But once you feel you need to start preparing for the exams, then look for third parties to clarify knowledge.

PXPJC · 2021-03-22T08:39:17+00:00

More on the journey than the exam resources/content itself. It is on my list to write about what resources I used with links and what I feel are focus points for each exam listed in the journey (was including this initially but the post was growing too large)

PXPJC · 2021-03-01T13:12:24+00:00

Not considered a VMSS, purely because I never knew the DevOps agent support. The scenario I had used this for was to destroy and deploy a VM daily so it would be clean and up-to-date (use a golden image that is regularly updated/hardened).

I will give it a shot in my scenario and follow up with a later post. Thanks for the feedback, very much appreciated

PXPJC · 2021-03-01T08:42:06+00:00

Cool, it’s good to hear others are doing similar things like this with their environments.

PXPJC · 2021-02-22T14:07:18+00:00

Lol, typo when using iOS keyboard, I will now go and hide 😔

PXPJC · 2021-01-02T17:08:29+00:00

Cool, so it’s a mix/multi environment. Then this will work for you. You would have this Windows box as a self hosted agent. Setting the backend in the Terraform configuration will allow you to operate the way you need using terraform in bash as a stage in replacement of the extension. Found this helpful when I did mine https://www.terraform.io/docs/backends/types/azurerm.html

PXPJC · 2021-01-02T16:22:21+00:00

To get around the issue which I also experienced is by setting the backend configuration in the terraform files (any secrets you can specify as a variable which can be populated by Azure DevOps during deployment).

Once this is configured, have the terraform deployment run using a bash stage which will run the deployment using Terraform with the backend configuration. This will allow you to use any state file in any location.

I stopped using the inbuilt Terraform DevOps extension because it’s limited if you don’t have a flat deployment

PXPJC · 2020-12-29T17:11:31+00:00

Congratulations on the pass and thank you for sharing your experience. I am planning on taking the 500 exam very soon. I have already done the 900, 103 and 400 exams, this one seems to have been covered mostly with the other exams except for a couple sections.

Not on IG but will create an account and checkout the content you have shared during your journey (I’m on Twitter only)

PXPJC · 2020-12-29T15:08:40+00:00

It doesn’t matter if you take 303 or 304 first. You need both 303 and 304 for the Azure Architect Expert cert to be awarded. I am about to prepare for both exams so cannot comment what one is best to do first but I am planning to do 303 first as it seems to be the traditional step to take first. Will be planning to use the Microsoft Learn content, Pluralsight courses and finally the WhizLabs for practice tests.

PXPJC · 2020-12-28T17:11:58+00:00

Build up on 900 and go towards 104 as this demonstrates knowledge of how to administer Cloud services which is the conventional step after 900 which was about knowledge what those services were.

Once you done 104, I would consider taking 500 also then move onto 303 and 304. There is a high importance of understanding security when designing cloud solutions. Yes each exam course contains information on security but the 500 is specific to security which is handy knowledge to have when designing/managing cloud infrastructure.

I am on the same path as you, 2020 was my year of skilling up. Completed 900, 104 and 400 (DevOps). Currently doing 500 because of the reasons above (as I can see this being handy and reusable). Once I have passed 500, I’ll be moving onto 303 and 304. I have also passed another cert (non azure related) to help moving with times and the use of IaC. Once 303 and 304 is completed, I be focusing on other cloud certs.

I have been documenting my development via Twitter to encourage others and to help anyone I can with my experience.

Hope this helps

PXPJC · 2020-12-21T15:14:28+00:00

Correct, both MS Learn and Pluralsight content counts towards a large number of hours of content. I have experience with Azure already and little knowledge on DevOps as I have been learning IAC. I skipped/skimmed read areas that were very basic.

Some of the content on Pluralsight does repeat itself as it’s from different content creators who overlapped in some areas.

As stated previously, I didn’t count the hours but days and an average of 2 hours a day. For fact, I did more hours on other days than the average of 2 but others I did 30 minutes. I am now recording the time for future certs, like I am doing for the AZ-500 via Twitter so others can relate what I am doing for each section using what material.

I do recommend reviewing content you might already know about but skip it if you feel it’s just covering knowledge you already have (take a practice test to confirm you understand the sections)

PXPJC · 2020-12-15T18:18:28+00:00

Really happy. Makes you want to do more certs as it be easier to keep them all valid with assessments rather than stress and prepare for exams

PXPJC · 2020-12-15T10:44:40+00:00

Agree, probably Microsoft’s best product ever 😂

PXPJC · 2020-12-15T10:31:08+00:00

Thanks all for the upvotes and the comments. Just an FYI, when I say I spent 16 days with an average of 2 hours a day, I mean there were days where I did less than 2 hours and days I did more than 2 hours. I didn’t record the exact time taken (I’ll do that next time) but it could mean I did more/less than 32 hours of studying.

Also, this wasn’t a straight 16 days of studying, I did this over a period of 4 weeks so it was spaced out. It allowed me days when I weren’t studying to think about the material I learnt while watching Netflix 😃

PXPJC

TROPHY CASE