Adam Buggia described how to use logs from AWS to inform least privilege policies. It includes an exploration of how to determine required Actions for a given Terraform project using LocalStack and iamlive (by Ian Mckay). AB: I this the described approach should be part of the Terraform Registry at some point.
Alexandre Nedelec wrote a long and very detailed post on why and whether he would choose Pulumi over Terraform for his next project. AB: This is not a boring sales pitch, but a rather well-balanced overview of both ecosystems. I recommend reading it to people who want to know the trade-offs.
Jonathan Share wrote a new blog post where he described an approach to the bulk renaming of Terraform resources with a few lines of shell script and moved block (available in Terraform 1.1). AB: Alternatively, one can use tfrefactor by Ray Myers (read more).