This post details a command line tool I’ve written called awsbigbrother. It can be used to audit AWS accounts and check that you are not exposed in certain areas. The mentality behind it is continuous checking and monitoring for security issues.
I tend to work on a lot greenfield projects where we create AWS stuff from scratch. When I roll down somewhere the very first thing I need to think about is account structure. There are pros and cons to various account structures. There’s no ‘right’ way to do this but I’m going to cover why I generally prefer multiple accounts.
This post details a way to get your terraform outputs into your Ruby code. I wrote a little ruby gem to handle it. Why might you do this? Well good question, sometimes people like to write some scripting that uses things from terraform outputs. Of course you can just make a command line call to
terraform output which is pretty simple. After writing this gem I was wondering whether or not I should have bothered: