Today, we’re excited to introduce a new capability that delivers instant value, allowing you to detect and analyze drift within minutes, even before fully onboarding to env0.
Infrastructure as Code is first and foremost code, and a chief principle of writing good software is leveraging abstractions to make your code reusable, scalable, and consistent. Terraform modules are the abstraction provided by HashiCorp to take logical groupings of resources and package them together in a reusable object.
In this blog post, we will compare three popular IaC scan tools: Checkov, TFsec, and Terrascan. We will compare them based on their features, performance, usability, and compatibility.
The env0 team has been busy this year—learn more about our favorite env0 feature releases of 2023 so far, including Environment Locking, Remote Plans, Project Level Custom flows, and more.
Under pressure to use an automated IaC tool but don’t want to deal with the overhead of pushing code for every change? Here’s a step-by-step look at how to use Terraform locally and still have access to all the benefits of the env0 platform.
Feature Release: env0 has released an integration with Azure DevOps, allowing teams to automate the provisioning and management of cloud resources directly from Azure DevOps. This integration is useful for implementing gitops workflows, providing self-service provisioning for developers, and enforcing governance and compliance controls.
In a world where infrastructure is constantly changing and evolving, it's more important than ever to have tight controls over who can make what changes. Granular RBAC allows you to give each user only the permissions they need to do their job, nothing more. This reduces the potential attack surface of your infrastructure and helps to prevent breaking changes.
In this post we’ll take a look at why auditing is necessary for Infrastructure as Code, the benefits of having an audit trail for Terraform and other IaC frameworks (such as Terragrunt, Pulumi, CloudFormation, Kubernetes, and others), and share how you can automate your audit trail easily with env0.
How many of you have started with Terraform and discovered you need the same code to build multiple environments? Perhaps a dev, stage, and production environment? After researching Workspaces, Branches, and Terragrunt, you aren’t completely satisfied and want to know if there is another way. If you are here, I’ll assume that’s you!
Learn more about Terraform variables, terraform module variables, and ways to DRY out your code with some examples of how to build complex variable hierarchies.
Workflows solve the problem of provisioning complex infrastructure resources that have dependencies, and using multiple frameworks for your infrastructure-as-code.
DevOps engineers sometimes need to perform one-off commands on their Terraform code or state. For example, “terraform import” or “terraform state rm”, or any other Terraform or bash commands. The problem is that it is dangerous to allow users to work directly from a terminal.
If you have deployed anything with an Infrastructure as Code framework (Terraform, Pulumi, etc…) recently, then you have interacted with a state file, and may not have even known it! So, what is the state file? Why is it important? What should you do with it? These are some of the most asked questions when it comes to Infrastructure as Code management. So, let’s get into it!
Nowadays all is heavy-automated and so, as requested by many of our customers, we now offer a Terraform Provider for the env0 platform! env0 is now extensible with UI, API, CLI, and Terraform Provider.
Infrastructure is typically built up from multiple layers, starting with the network to the compute layer. In order to deploy your K8s cluster, you typically need your subnets and VPCs defined ahead of time. As I talk to customers about their IaC deployment challenges, I often get asked how env0 can help with orchestrating dependencies amongst these multi-tiered, multi-layered infrastructure deployments.
env0 is enabling the ability to automatically detect drift and make sure real-world resources in the cloud provider are aligned with Infrastructure as Code files, a huge thing for those Infrastructure as Code users world-wide!