RIV25: VPC encryption control: Terraform support

Its reInvent 2025 in two days. This will be the first time I will be there in person ever ( as an AWS employee or customer ). I should say more of my customer work kept me away from the announcements than an actually distancing myself from it :). But I have been keeping an eye out for some which fell into Terraform support ( especially ones which were in both the providers).

Read More

RIV25: Builders' sessions

This is my third year at AWS and I have been an AWS customer or using AWS services for years. But this is the first year that I get to attend reInvent. Am I stoked ? Yes, Absolutely. Add on to the fact that I am leading two Builders’ sessions which are on repeat has been absolutely wonderful. For my personality and character, I find it hard to network and these sessions when you are collaborating or working on the same goal helps me more than the audience in some cases - to evolve, learn more about self and so on.

Read More

Making AI Work for You: Terraform Engineer Blueprint - HashiConf 2025

Thanks to everyone who attended my HashiConf 2025 session on making AI work effectively for Terraform engineering! The response was incredible and the questions we got before and after showed how much the community is thinking about AI-assisted infrastructure development. Want to implement these patterns in your workflow? The techniques demonstrated work across different AI assistants and can be adapted to your team’s specific needs. The prompts and contexts used in the demos are available here.

Read More

Terraform Module Guard: Multi-Engine Policy Validation for Module Sources

It’s November already !!! Are you in the naughty list or nice list ? One of my wishlist items for HCP Terraform or Terraform enterprise has always been the ability to restrict what modules or providers can be used based on some list. Yes, if you have used GitHub actions the desire to have something similar comes from that interface of allowed actions. While that’s a wishlist item, I have had clients who had asked for mechanisms to do this using their existing policy as code frameworks.

Read More

Terratags v0.6.0: Remote Configuration and Google Cloud Support

Terratags continues to evolve, and v0.6.0 brings two significant features that teams have been requesting: remote configuration support and Google Cloud Provider support. These additions make Terratags more practical for enterprise environments and extend its reach beyond AWS and Azure to cover the major cloud providers. What’s New in v0.6.0 Remote Configuration Support One of the feature requests was the ability to centralize configuration management. Teams wanted to avoid duplicating tag requirements across multiple repositories and maintain consistency across their infrastructure.

Read More

Exploring terraform provider capabilities with schema analysis

Terraform has become the de facto name when it comes to tools which help you model infrastructure in a declarative language, the idea of which we call as Infrastructure as Code. At a very high level, Terraform is a Go binary which knows how to do some things well. And providers are that much needed context which terraform needs to work with a platform. The platform can be a cloud service provider or an artifactory platform like jFrog and so on.

Read More

Mastering Terraform Stacks: Post-GA Command References Part 1

This post builds on my previous article Terraform Stacks: A Revisit, where I reviewed what Terraform Stacks had evolved to from an idea or beta. The concept of having that layer of abstraction around deployment was novel and I am still looking forward to some of the improvements we will see in the future. In this post, I am looking to review the terraform stacks subcommand in detail based on the updates from HashiConf.

Read More

Terraform stacks: A revisit

So it’s been almost a year since I published the article on Stacks. I even presented on Stacks on two occassions with HashiCorp engineers. The promise of delivering that multi-region/account/environment experience in a native Terraform language was something exciting. So with HashiConf coming up in 4 weeks, where is it now ? What changes have I seen in the recent days ? Before we jump into the details, lets pull up the definition of Stacks.

Read More

Terraform GitHub Action workflows

With HashiConf'25 a few weeks away, I thought I would bring back some of the hallway track slides I had on “GitHub based Terraform workflow deployments” from HashiConf'24, most of which I had to create when working with some customers. These are some sample workflow patterns which you can possibly use or tweak as needed for your organization needs. I am using GitHub actions as the CI system as it is easy for anyone reading to reproduce across their personal repositories.

Read More

Terratags Update: Advanced Pattern Validation, Multi-Provider Support, and Enhanced Reporting

Since my initial blog post about Terratags in May 2025, the project has evolved significantly. What started as a weekend project to enforce basic tag presence on AWS resources has grown into a tagging validation tool with advanced pattern matching, multi-provider support, and updated reporting capabilities. Some of you reached out and opened issues/enhancement requests around some of the featureset currently available v0.4.0. What’s New: Major Updates Since v0.1.0 The latest version of Terratags (v0.

Read More