Skip to main content
HashiTalks 2025 Learn about unique use cases, homelab setups, and best practices at scale at our 24-hour virtual knowledge sharing event. Register
Presentation

Shifting Terraform Configuration Security Left

Try some static analysis of your Terraform code.

How do you know if the HCL you're writing will result in secure infrastructure? How can you write tests to catch common problems? One of the advantages of infrastructure as code is that you can reason about the code before you run it. In this talk Gareth Rushgrove will look at the area of configuration security, discuss some of the issues around static analysis of Terraform, and look at some open source tools that can help with testing your Terraform code.

Slides here

More resources like this one

3/15/2023Presentation

Advanced Terraform techniques

2/3/2023Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

2/1/2023Case Study

Should My Team Really Need to Know Terraform?

1/20/2023Case Study

Packaging security in Terraform modules