Managing Secrets In Terraform And Terragrunt

[AD-TEAM]

Managing Secrets In Terraform And Terragrunt
Published 10/2023
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.05 GB | Duration: 3h 43m

How to handle secrets inside Terraform and Terragrunt setups

[b]What you'll learn[/b]

How to manage your Terraform secrets

How to use Terragrunt to better manage secrets in Terraform

Different Terraform and Terragrunt approaches to secret managment

Manage Terraform secrets using SOPS, AWS and Vault

[b]Requirements[/b]

Terraform, Terragrunt, AWS, Linux, GIT, Hashicorp Vault

[b]Description[/b]

This course is going to present you various approaches to handle secrets in Terraform and Terragrunt setups.Hiding secrets is important because it helps prevent unauthorized access to sensitive information. In your day to day work you might be working with API keys, tokens, password, credentials to database etc.By hiding secrets, you can ensure that only authorized users and applications have access to them, and that they are not exposed to potential attackers. This can help improve the security of your systems and reduce the risk of data breaches and other security incidents. Limiting access to secrets to dedicated teams, you can also reduce the risk of accidental exposure or misuse of sensitive information. Additionally, dedicated teams can ensure that secrets are properly rotated and managed over time, which is critical for maintaining the security of your systems and data.My goal for this course is to provide you with the knowledge and tools necessary to effectively manage secrets in your Terraform and Terragrunt projects. I hope you will find solution that fulfill your needs.We will evaluate the advantages and disadvantages of each of these methods, and then shift our attention to their practical implementation.Our lessons will focus on:Securing Terraform state backendHiding secrets in outputEnvironment variablesAWS Secret Manager (and any other Cloud Secret Manager)Hashicorp VaultFile encryption using AWS KMS serviceFile encryption using git-cryptFile encryption using SOPS

Overview

Section 1: Introduction

Lecture 1 Introduction

Lecture 2 Secure your remote state backend

Lecture 3 Sensitive values

Section 2: Approaches

Lecture 4 Environment variables

Lecture 5 Secret managers in the Cloud

Lecture 6 Secrets via Hashicorp Vault

Lecture 7 Encrypted files - git-crypt

Lecture 8 Encrypted files - KMS

Lecture 9 Encrypted files - SOPS

Section 3: Setup

Lecture 10 Entry point - Terraform

Lecture 11 Entry point - Terragrunt

Lecture 12 Code

Section 4: Environment variables

Lecture 13 Terraform demo

Lecture 14 Terragrunt demo

Lecture 15 Useful links

Section 5: Secret Managers in Cloud - AWS

Lecture 16 AWS KMS setup

Lecture 17 Terraform demo - additional file approach

Lecture 18 Terraform demo - module approach

Lecture 19 Terragrunt demo

Lecture 20 Useful links

Section 6: Secrets via Hashicorp Vault

Lecture 21 Vault - adding secret

Lecture 22 Terraform demo

Lecture 23 Terraform demo - module approach

Lecture 24 Terragrunt demo

Lecture 25 Useful links

Section 7: Encrypted files - git-crypt

Lecture 26 git-crypt installation from source

Lecture 27 git-crypt installation via brew

Lecture 28 git-crypt installation via package mananger (apt)

Lecture 29 git-crypt - encryption and decryption

Lecture 30 Terraform demo

Lecture 31 Terragrunt demo

Lecture 32 Useful links

Section 8: Encrypted files - AWS KMS

Lecture 33 Setup in AWS

Lecture 34 Encrypting and decrypting a file

Lecture 35 Terraform demo - additional file approach

Lecture 36 Terraform demo - module approach

Lecture 37 Terragrunt demo

Lecture 38 Useful links

Section 9: Encrypted files - SOPS

Lecture 39 SOPS installation - manual

Lecture 40 SOPS installation - brew

Lecture 41 SOPS usage demo - AWS KMS

Lecture 42 SOPS usage demo - PGP

Lecture 43 SOPS usage demo - advance cases

Lecture 44 Terraform demo

Lecture 45 Terragrunt demo

Lecture 46 Useful links

Section 10: Summary

Lecture 47 What way should I go?

Lecture 48 Thank you!

DevOps Engineers,Developers,Cloud Engineers,Security Engineers,Administrators,CloudOps,SecOps,Security Engineers,DevSecOps

[To see links please register or login]

[To see links please register or login]

[To see links please register or login]