A tour of HCP Boundary for just-in-time access for on-call engineers

This post provides a tour of HCP Boundary and HCP Vault through the eyes of Terraform. The goal is to set up just-in-time access to AWS EC2 instances for on-call engineers. When an alarm is triggered in AWS due to high CPU utilization on an EC2 instance, a Lambda function is invoked to configure access in Boundary for on-call engineers. When the alarm is cleared, the access is removed. Vault is used for credential injection, so that on-call engineers are able to access EC2 instances without requiring access to any static credentials.

HashiCorp Ambassador 2024

A short blog post about the HashiCorp Ambassador program.

HashiTalks 2024: Mastering Terraform Testing, a layered approach to testing complex infrastructure

This blog post is the writeup of my talk at HashiTalks 2024 on the Terraform test framework. I discuss a layered approach to testing where we begin by using declarative validation in our Terraform modules and follow this up with successively more advanced tests. I will also discuss the need for policy-as-code, because not everything makes sense as tests; some things should be policies.

The Reluctant Software Developer: Contributing to HashiCorp Vault

I recently submitted my first source code contribution to HashiCorp Vault. This is outside my usual type of work. In this post I walk through my experience!

The Pragmatic Programmer’s Guide to Deliberate Infrastructure-as-Code

The Pragmatic Programmer teaches us to not program by coincidence; instead, we should program deliberately. What does this mean in the context of infrastructure-as-code? What do ClickOps, abstractions, and implicit actions have to do with it all? In this post I vent a few thoughts related to this.

Take your testing to the cloud

I have written a lot about the new Terraform testing framework, but there is one piece of the puzzle that I have written almost nothing about: Terraform Cloud. In this post I will go through how to publish a module to a private Terraform Cloud registry and enable testing for the module. I will also show you the new test generation using AI.

Test permutations with Terraform and GitHub Actions

I continue my exploration of the new Terraform testing framework with this post, where I demonstrate how to run permutations of a given test using GitHub Actions. Specifically, I’ll dive into an example where our module depends on a different module, and we are required to support a given number of recent versions of this module.

Testing Framework in Terraform 1.6: A deep-dive

This post follows up on my comprehensive guide to testing in Terraform. The testing framework is new and untested (pun not intended), but it already offers a lot of possibilities that will lead to better Terraform modules. In this post I will explore all the options that are available in the new run block and the new terraform test command.

The issue of recursive module calls in declarative infrastructure-as-code

What to do when you are not allowed to use recursive module calls in your declarative infrastructure-as-code? Use imperative infrastructure-as-code!

HashiCorp Developer AI

HashiCorp Developer AI is here in private beta. What is the Developer AI? Think ChatGPT for HashiCorp. It lives inside the documentation pages on developer.hashicorp.com and can assist you with any questions you might have related to HashiCorp products. In this post I take a first quick look at how Developer AI works and what it can do.