Semantic Versioning for IAC — www.mcrilly.com

A very good article by Michael Crilly describing what is wrong with the default semantic versioning approach when applied to IAC (Terraform, CloudFormation, etc). Hopefully, Michael will "formalize" a proposal/RFC and we should hear an update shortly.

Automating Terraform updates with Dependabot — sysdogs.com

Kamil Szczygieł describes how to integrate Dependabot with Terraform and Spacelift. There is also dependabot-gitlab project you will have to run and manage yourself if you are using GitLab.

Open Source Projects

flatt-security/shisho: Lightweight static analyzer for several programming languages

A very new tool written in Rust allows a small subset of features to define rules in YAML files and suggest code changes. Let's see how the development goes there over time.

salesforce/policy_sentry: IAM Least Privilege Policy Generator

If you are struggling with writing and maintaining IAM policies on AWS, take a look at this IAM Least Privilege Policy Generator. The official documentation has all the details you need to know.

kmcquade/terraform-aws-policy-sentry

Terraform module for Policy Sentry (see above) by Kinnaird McQuade allows building secure IAM policies with resource constraints. Neat!

Jobs

Infracost is hiring! — www.infracost.io

Infracost is looking for engineers to join them on their mission to empower engineering teams to use the cloud efficiently and economically. We want everyone to love their cloud bill! Read more