Blog
DevOps, tools, tips, and tech
Showing 9 posts tagged “opentofu”
DNS Management at Scale - Route 53 with Terraform
Part 10 of the AWS account structure series. Managing Route 53 hosted zones and records with Terraform, email delegation patterns, and cross-account DNS access for certificate validation.
IAM Identity Center - Why It Replaces IAM Users
Part 6 of the AWS account structure series. Setting up AWS IAM Identity Center for human access, understanding the identity store, and why it's the recommended approach over IAM users.
Permission Sets - Designing Access Patterns
Part 7 of the AWS account structure series. Creating permission sets in IAM Identity Center with managed policies, inline policies, and appropriate session durations.
Cross-Account Access Patterns - Deployment Roles and Role Chaining
Part 8 of the AWS account structure series. Designing cross-account deployment roles, understanding role chaining, and implementing external ID protection.
Solving the State Problem - Terraform Backend Bootstrap
Part 4 of the AWS account structure series. The chicken-and-egg problem of Terraform state storage, and how to bootstrap an S3 backend with DynamoDB locking.
Security Foundations - CloudTrail, Config, and Password Policies
Part 3: Setting up the security baseline with CloudTrail audit logging, AWS Config compliance monitoring, and password policies.
AWS Organizations - The Foundation of Multi-Account
Part 2 of the AWS account structure series. Setting up AWS Organizations, the bootstrap chicken-and-egg problem, and creating the account hierarchy.
The Multi-Account Journey - Why Structure Matters
Part 1: Why organisations move from a single AWS account to a proper multi-account setup, and the three infrastructure repos that enable it.
GitOps All The Things - ArgoCD and the App-of-Apps Pattern
Part 3 of my homelab series: How ArgoCD's app-of-apps pattern manages 30+ applications with automatic sync and self-healing.