Anton Babenko antonbabenko

@antonbabenko
antonbabenko / cloudflare_worker.js
Created January 2, 2023 18:50
CloudFlare worker which does redirects for previous Revue URLs into new
const redirectMap = new Map([
['/issues/weekly-tf-issue-101-best-practices-for-using-terraform-by-google-the-many-ways-to-access-rds-artificial-intelligence-infrastructure-as-code-generator-1473757', 'https://www.weekly.tf/p/weeklytf-issue-101-best-practices-using-terraform-google-many-ways-access-rds-artificial-intelligenc'],
['/issues/weekly-tf-issue-100-using-least-privilege-iam-policies-aws-sam-cli-and-terraform-managing-terraform-state-with-terragrunt-ci-cd-pipeline-in-azure-devops-achieving-balance-with-policy-enforcement-aws-re-invent-1463043', 'https://www.weekly.tf/p/weeklytf-issue-100-using-least-privilege-iam-policies-aws-sam-cli-terraform-managing-terraform-state'],
['/issues/weekly-tf-issue-99-aws-landing-zone-codify-your-infrastructure-with-terraformer-and-terraform-best-practices-gitlab-managed-terraform-state-terrascan-aws-nat-instances-ci-cd-pipelines-for-infrastructure-as-code-with-kief-morris-1448446', 'https://www.weekly.tf/p/weeklytf-issue-99-aws-landing-zone-codify-infrastructure-terrafo
antonbabenko / gist:b711b4eed4b24911027e3a7692e4549a
Created January 27, 2022 10:23
Questions for HUG13 with Mitchell and Armon
1. Big success = incredible growth = big investment -> higher risk of losing the pure spirit of open-source + open community. What are the coming actions to reduce this risk and not reproduce the same failing pattern of Docker Inc? / via H.
# - repo: local # @todo: move to pre-commit-terraform, add support for multiple module dirs, and run before terraform_docs
# hooks:
# - id: terraform_wrapper
# name: "Terraform module wrapper - root"
# entry: /Users/Bob/Sites/terraform-aws-modules/scripts/generate-terraform-wrappers.sh --overwrite
# language: system
# pass_filenames: false
# - id: terraform_wrapper
# name: "Terraform module wrapper - object"
# entry: /Users/Bob/Sites/terraform-aws-modules/scripts/generate-terraform-wrappers.sh --module-dir modules/object --overwrite
antonbabenko / should_you_sponsor.sh
Last active September 17, 2021 08:29
Let me help you to decide whether you are using some of my work. Please consider supporting me!
#!/bin/bash
# If you are using some terraform-aws-modules, pre-commit-terraform, or other projects I am heavily involved in,
# please consider supporting me on GitHub Sponsors or any other platform!
#
# Here you can see most of my projects - https://github.com/antonbabenko/terraform-aws-devops
find . -type f \( -name "*.tf" -o -name "*.yaml" \) -and \( -not -path "*/.terraform/*" \) -exec \
grep -E 'terraform-aws-modules|antonbabenko/pre-commit-terraform' -q {} + && \
echo "Found some references... You are using some open-source projects by Anton, please support @antonbabenko" && \
antonbabenko / valid_but_ugly.tf
Created September 10, 2021 18:02
Very valid but very ugly HCL2 file which breaks the parsers and IaC security tools (terrascan, checkov, etc.)
resource "aws_db_instance" "valid_but_ugly" {
allocated_storage = 20
storage_type = "gp2"
engine = "mysql"
engine_version = "5.7"
instance_class = "db.t2.micro"
# flip value to true/false will return multiple violations.
iam_database_authentication_enabled = local.test2.some[0] == "dd" #tobool("true")
#(true == true)
# Copy image from GHCR into private ECR
aws ecr get-login-password --region eu-west-1 | docker login --username AWS --password-stdin 835367859851.dkr.ecr.eu-west-1.amazonaws.com
docker pull ghcr.io/cloudquery/cloudquery:0.13.4
docker tag ghcr.io/cloudquery/cloudquery:0.13.4 835367859851.dkr.ecr.eu-west-1.amazonaws.com/cloudquery:0.13.4
docker push 835367859851.dkr.ecr.eu-west-1.amazonaws.com/cloudquery:0.13.4
# Run Postgres locally
#!/usr/bin/env bash
set -e
readonly CONTENT_MAIN_TF='module "wrapper" {}'
readonly CONTENT_VARIABLES_TF='variable "items" {
description = "Maps of items to create a wrapper from. Values are passed through to the module."
type = any
default = {}
}'
antonbabenko / setup.sh
Created September 17, 2020 11:46
Show GitHub sponsors as markdown using apex-up
git clone git@github.com:tj/sponsors-api.git
cd sponsors-api
# Install up ( https://github.com/apex/up )
curl -sf https://up.apex.sh/install | sh
# Build the binary
GOOS=linux GOARCH=amd64 go build -o server cmd/sponsors-api/main.go
# Create config for up
antonbabenko / README.md
Created September 1, 2020 13:16
aws_ecs_service - The new ARN and resource ID format must be enabled to propagate tags.

Error:

aws_ecs_service.atlantis: Creating...

Error: InvalidParameterException: The new ARN and resource ID format must be enabled to add tags to the service. Opt in to the new format and try again. "atlantis"

Solution - enable new features in AWS account:

antonbabenko / terraform-cost-estimation.rego
Created May 19, 2020 11:58
Terraform Cost Estimation + Open Policy Agent
# Terraform Cost Estimation + Open Policy Agent
#
# This code snippet supports terraform state for now.
#
# Get the whole response:
# opa eval --data terraform-cost-estimation.rego --input terraform.tfstate --format pretty data.terraform_cost_estimation
#
# Get boolean response. Return false if state (per hour) is too expensive:
# opa eval --data terraform-cost-estimation.rego --input terraform.tfstate --format pretty data.terraform_cost_estimation.response.allowed