The Pragmatic Programmer’s Guide to Deliberate Infrastructure-as-Code
The Pragmatic Programmer teaches us to not program by coincidence, instead we should program deliberately. What does this mean in the context of infrastructure-as-code? What does ClickOps, abstractions, and implicit actions have to do with it all? In this post I vent a bit of thoughts related to this.
The issue of recursive module calls in declarative infrastructure-as-code
What to do when you are not allowed to use recursive module calls in your declarative infrastructure-as-code? Use imperative infrastructure-as-code!
Kubernetes provider for Bicep together with user-defined types
Azure Bicep is constantly evolving. The latest release brought a preview of user-defined functions, but in this post I am using modules as a substitute for user-defined functions. I will create Kubernetes deployments through a module, where the module is as close to a function as you can come. I will also be using another experimental feature of Bicep: user-defined types.
Azure Kubernetes Service in production - Part 1 - Introduction
How to journey from a blank slate to a production-ready kubernetes cluster using Azure Kubernetes Service? I do not possess all the answers, but I am interested in learning by doing: this is the theme of my new blog series. This post introduces my goal with the series, describing the end overarching goal.
Using HashiCorp Vault to generate temporary credentials to Azure from GitHub Actions
In this post I will demonstrate how HashiCorp Vault can be used to generate temporary credentials to Azure from a GitHub Actions workflow. The workflow will ask Vault to create a temporary service principal with associated credentials that GitHub can use. The service principal is deleted after a few minutes, and no permanent credentials to Azure remain.
Dynamic Terraform Backend (in Azure)
Achieving a dynamic Terraform backend to avoid overwriting state files by mistake