{"id":29573,"date":"2024-09-10T12:18:30","date_gmt":"2024-09-10T10:18:30","guid":{"rendered":"https:\/\/www.codemotion.com\/magazine\/?p=29573"},"modified":"2024-09-10T16:10:37","modified_gmt":"2024-09-10T14:10:37","slug":"how-to-augment-app-security-with-terraform-first-steps","status":"publish","type":"post","link":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/","title":{"rendered":"How to Augment App Security with Terraform: First Steps"},"content":{"rendered":"\n<p>Terraform is the most popular tool for provisioning and managing Infrastructure-as-Code (IaC) over varied cloud environments. While there is <a href=\"https:\/\/www.cio.com\/article\/3479887\/opentofu-liberating-iac-and-devops-beyond-terraform.html\" target=\"_blank\" rel=\"noreferrer noopener\">an ongoing debate<\/a> about open-source and proprietary IaC frameworks, the fact remains that Terraform still has a significant lead in market share over its competitors.<\/p>\n\n\n\n<p>Since IaC is now a <a href=\"https:\/\/www.codemotion.com\/magazine\/devops\/devops-trends-to-follow-in-2023\/\" target=\"_blank\" rel=\"noreferrer noopener\">fundamental DevOps practice<\/a>, it follows that Terraform is a crucial part of DevOps tech stacks at many organizations. So while Terraform by itself doesn\u2019t have a direct impact on app security, its role in app development and production infrastructure is crucial. Devs and sys admins would therefore do well to be aware of and incorporate best practices to manage Terraform security across their IaC implementation.<\/p>\n\n\n\n<p>Here are a few ways to do that.<\/p>\n\n\n\n<p><strong>Always Execute Programmatically<\/strong><\/p>\n\n\n\n<p>Ease of automation and ease of executing CI\/CD pipelines are the reasons Terraform gained popularity. Running commands manually always introduces a possibility of human error. So make sure you execute Terraform commands and parameters programmatically, with a tool such as Jenkins or GitLab CI\/CD.<\/p>\n\n\n\n<p>Security-wise, this gives you multiple benefits:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Limited access to the infrastructure by authorized users only<\/li>\n\n\n\n<li>Unambiguous process for deploying infrastructure changes, where departures from the norm can be tracked<\/li>\n\n\n\n<li>Enforcement of version control<\/li>\n\n\n\n<li>Consistency in code review and approvals, minimizing the risk of vulnerabilities<\/li>\n<\/ul>\n\n\n\n<p><strong>Follow Cloud Security Best Practices<\/strong><\/p>\n\n\n\n<p>While Terraform isn\u2019t designed exclusively for the cloud, it is extensively and almost exclusively used in hybrid and multi-cloud environments. Therefore, sticking to well-known cloud security best practices and benchmarks (such as <a href=\"https:\/\/www.cisecurity.org\/cis-benchmarks\" target=\"_blank\" rel=\"noreferrer noopener\">those from CIS<\/a>) will keep your applications and infrastructure secure at all times.<\/p>\n\n\n\n<p>Terraform lets you enforce centralized security, monitoring and governance by making sure all infrastructure deployments adhere to the same policies. You can implement least privilege access control consistently across all your environments.<\/p>\n\n\n\n<p>In order to have a secure foundation for app development, your infrastructure settings need to be optimized to minimize vulnerabilities \u2013 a process known as \u201cconfiguration hardening.\u201d You can do this via Terraform. For example, if your provider recommends disabling unused services on VMs, you can configure Terraform to automatically disable unused services on the VM image, as soon as it is provisioned.<\/p>\n\n\n\n<p>Finally, make sure you use only modules <a href=\"https:\/\/www.env0.com\/blog\/terraform-registry-guide-tips-examples-and-best-practices\" target=\"_blank\" rel=\"noreferrer noopener\">verified in the official Terraform Registry<\/a>. HashiCorp classifies modules and providers listed in the registry with various badges and levels, giving them the badge of trustworthiness. Avoiding third-party components and using only community-vetted assets will give your IaC the double assurance of security and reliability.<\/p>\n\n\n\n<p><strong>Implement Compliance as Code<\/strong><\/p>\n\n\n\n<p>\u201cCompliance as code\u201d involves turning your security and compliance policies into code that can be tested, deployed, and enforced automatically across your infrastructure. If you want to make sure your application security policies comply with standard benchmarks, you need two things: tools and processes.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.openpolicyagent.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">Open Policy Agent<\/a> and Sentinel from HashiCorp (the company that developed and manages Terraform) are policy-as-code frameworks that allow you to define and execute security policies written as code in Terraform. Specifically, you can<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Evaluate and enforce rules that Terraform configurations and deployments must adhere to.<\/li>\n\n\n\n<li>Enforce application and infrastructure security policies across cloud environments.<\/li>\n\n\n\n<li>Isolate security misconfigurations during the development process.<\/li>\n\n\n\n<li>Prevent insecure infrastructure from being deployed, preventing applications from being exposed to vulnerabilities.<\/li>\n\n\n\n<li>Integrate apps and modules with CI\/CD pipelines for automatic and consistent enforcement of security policies.<\/li>\n<\/ul>\n\n\n\n<p>Taken as a whole, the above practices serve to build <a href=\"https:\/\/www.cprime.com\/resources\/blog\/security-by-design-7-principles-you-need-to-know\/\" target=\"_blank\" rel=\"noreferrer noopener\">security-by-design<\/a> into your application development process.<\/p>\n\n\n\n<p><strong>Implement Foolproof Secure State Management<\/strong><\/p>\n\n\n\n<p>The directory, configuration, and management information for your infrastructure and its component resources is stored in Terraform state files. It\u2019s imperative to ensure that these state files are versioned, encrypted, and protected from potential conflicts and unauthorized access.<\/p>\n\n\n\n<p>Since state files can contain sensitive data such as passwords, tokens and API keys in plain text form, your best bet is to avoid storing them where they might be found by malicious actors \u2013 simply fetch secrets at runtime and pass them to resources directly.&nbsp;<\/p>\n\n\n\n<p>If you must use the state file, remember to use built-in encryption functions like pgp or kms. Better yet, put a proper secrets management solution in place. HashiCorp Vault, AWS Secrets Manager and Azure Key Vault, all are great tools you can use.<\/p>\n\n\n\n<p>It is essential to secure your Terraform state files while in storage. The go-to options for storing them remotely in a secure backend are Terraform Cloud or AWS S3. For example, configuring Terraform to use an S3 backend with server-side encryption ensures that the state files are encrypted at rest. Also restrict access to the S3 storage bucket using groups or IP whitelisting to ensure least privilege access. Finally, make sure you have adequate backup and recovery measures in place.<\/p>\n\n\n\n<p><strong>Secure Your Infrastructure to Build Secure Apps<\/strong><\/p>\n\n\n\n<p>Tech leads, DevOps professionals, and even CTOs often ignore the importance of meticulous infrastructure management in building secure applications. Misconfiguration in infrastructure code often leads to weak access control that ultimately ends up compromising application and data security. By helping you get IaC right, Terraform does play its part in defining and executing foolproof app security policies.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Terraform is the most popular tool for provisioning and managing Infrastructure-as-Code (IaC) over varied cloud environments. While there is an ongoing debate about open-source and proprietary IaC frameworks, the fact remains that Terraform still has a significant lead in market share over its competitors. Since IaC is now a fundamental DevOps practice, it follows that&#8230; <a class=\"more-link\" href=\"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/\">Read more<\/a><\/p>\n","protected":false},"author":141,"featured_media":29574,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_editorskit_title_hidden":false,"_editorskit_reading_time":0,"_editorskit_is_block_options_detached":false,"_editorskit_block_options_position":"{}","_uag_custom_page_level_css":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[4329],"tags":[6280,7224],"collections":[],"class_list":{"0":"post-29573","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cybersecurity","8":"tag-devsecops","9":"tag-terraform","10":"entry"},"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v26.9 (Yoast SEO v27.5) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>How to Augment App Security with Terraform: First Steps - Codemotion Magazine<\/title>\n<meta name=\"description\" content=\"Don&#039;t miss this guide with essential tips, concepts and examples for enhancing your app security with Terraform. Read on!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Augment App Security with Terraform: First Steps\" \/>\n<meta property=\"og:description\" content=\"Don&#039;t miss this guide with essential tips, concepts and examples for enhancing your app security with Terraform. Read on!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/\" \/>\n<meta property=\"og:site_name\" content=\"Codemotion Magazine\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Codemotion.Italy\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-09-10T10:18:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-09-10T14:10:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1792\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Dipti Parmar\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CodemotionIT\" \/>\n<meta name=\"twitter:site\" content=\"@CodemotionIT\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Dipti Parmar\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/\"},\"author\":{\"name\":\"Dipti Parmar\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/#\\\/schema\\\/person\\\/7cf4b6986dcf1910c3fd8ca2ce2367c8\"},\"headline\":\"How to Augment App Security with Terraform: First Steps\",\"datePublished\":\"2024-09-10T10:18:30+00:00\",\"dateModified\":\"2024-09-10T14:10:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/\"},\"wordCount\":854,\"publisher\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/wp-content\\\/uploads\\\/2024\\\/09\\\/security-with-terraform.webp\",\"keywords\":[\"DevSecOps\",\"Terraform\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/\",\"url\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/\",\"name\":\"How to Augment App Security with Terraform: First Steps - Codemotion Magazine\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/wp-content\\\/uploads\\\/2024\\\/09\\\/security-with-terraform.webp\",\"datePublished\":\"2024-09-10T10:18:30+00:00\",\"dateModified\":\"2024-09-10T14:10:37+00:00\",\"description\":\"Don't miss this guide with essential tips, concepts and examples for enhancing your app security with Terraform. Read on!\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/wp-content\\\/uploads\\\/2024\\\/09\\\/security-with-terraform.webp\",\"contentUrl\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/wp-content\\\/uploads\\\/2024\\\/09\\\/security-with-terraform.webp\",\"width\":1792,\"height\":1024},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/how-to-augment-app-security-with-terraform-first-steps\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity\",\"item\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"How to Augment App Security with Terraform: First Steps\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/#website\",\"url\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/\",\"name\":\"Codemotion Magazine\",\"description\":\"We code the future. Together\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/#organization\",\"name\":\"Codemotion\",\"url\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/wp-content\\\/uploads\\\/2019\\\/11\\\/codemotionlogo.png\",\"contentUrl\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/wp-content\\\/uploads\\\/2019\\\/11\\\/codemotionlogo.png\",\"width\":225,\"height\":225,\"caption\":\"Codemotion\"},\"image\":{\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/Codemotion.Italy\\\/\",\"https:\\\/\\\/x.com\\\/CodemotionIT\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/#\\\/schema\\\/person\\\/7cf4b6986dcf1910c3fd8ca2ce2367c8\",\"name\":\"Dipti Parmar\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/wp-content\\\/uploads\\\/2024\\\/09\\\/dipti-100x100.jpeg\",\"url\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/wp-content\\\/uploads\\\/2024\\\/09\\\/dipti-100x100.jpeg\",\"contentUrl\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/wp-content\\\/uploads\\\/2024\\\/09\\\/dipti-100x100.jpeg\",\"caption\":\"Dipti Parmar\"},\"url\":\"https:\\\/\\\/www.codemotion.com\\\/magazine\\\/author\\\/dipti-parmar\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"How to Augment App Security with Terraform: First Steps - Codemotion Magazine","description":"Don't miss this guide with essential tips, concepts and examples for enhancing your app security with Terraform. Read on!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/","og_locale":"en_US","og_type":"article","og_title":"How to Augment App Security with Terraform: First Steps","og_description":"Don't miss this guide with essential tips, concepts and examples for enhancing your app security with Terraform. Read on!","og_url":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/","og_site_name":"Codemotion Magazine","article_publisher":"https:\/\/www.facebook.com\/Codemotion.Italy\/","article_published_time":"2024-09-10T10:18:30+00:00","article_modified_time":"2024-09-10T14:10:37+00:00","og_image":[{"width":1792,"height":1024,"url":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform.webp","type":"image\/webp"}],"author":"Dipti Parmar","twitter_card":"summary_large_image","twitter_creator":"@CodemotionIT","twitter_site":"@CodemotionIT","twitter_misc":{"Written by":"Dipti Parmar","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/#article","isPartOf":{"@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/"},"author":{"name":"Dipti Parmar","@id":"https:\/\/www.codemotion.com\/magazine\/#\/schema\/person\/7cf4b6986dcf1910c3fd8ca2ce2367c8"},"headline":"How to Augment App Security with Terraform: First Steps","datePublished":"2024-09-10T10:18:30+00:00","dateModified":"2024-09-10T14:10:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/"},"wordCount":854,"publisher":{"@id":"https:\/\/www.codemotion.com\/magazine\/#organization"},"image":{"@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/#primaryimage"},"thumbnailUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform.webp","keywords":["DevSecOps","Terraform"],"articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/","url":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/","name":"How to Augment App Security with Terraform: First Steps - Codemotion Magazine","isPartOf":{"@id":"https:\/\/www.codemotion.com\/magazine\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/#primaryimage"},"image":{"@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/#primaryimage"},"thumbnailUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform.webp","datePublished":"2024-09-10T10:18:30+00:00","dateModified":"2024-09-10T14:10:37+00:00","description":"Don't miss this guide with essential tips, concepts and examples for enhancing your app security with Terraform. Read on!","breadcrumb":{"@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/#primaryimage","url":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform.webp","contentUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform.webp","width":1792,"height":1024},{"@type":"BreadcrumbList","@id":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/how-to-augment-app-security-with-terraform-first-steps\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.codemotion.com\/magazine\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity","item":"https:\/\/www.codemotion.com\/magazine\/cybersecurity\/"},{"@type":"ListItem","position":3,"name":"How to Augment App Security with Terraform: First Steps"}]},{"@type":"WebSite","@id":"https:\/\/www.codemotion.com\/magazine\/#website","url":"https:\/\/www.codemotion.com\/magazine\/","name":"Codemotion Magazine","description":"We code the future. Together","publisher":{"@id":"https:\/\/www.codemotion.com\/magazine\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.codemotion.com\/magazine\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.codemotion.com\/magazine\/#organization","name":"Codemotion","url":"https:\/\/www.codemotion.com\/magazine\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.codemotion.com\/magazine\/#\/schema\/logo\/image\/","url":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/codemotionlogo.png","contentUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2019\/11\/codemotionlogo.png","width":225,"height":225,"caption":"Codemotion"},"image":{"@id":"https:\/\/www.codemotion.com\/magazine\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Codemotion.Italy\/","https:\/\/x.com\/CodemotionIT"]},{"@type":"Person","@id":"https:\/\/www.codemotion.com\/magazine\/#\/schema\/person\/7cf4b6986dcf1910c3fd8ca2ce2367c8","name":"Dipti Parmar","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/dipti-100x100.jpeg","url":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/dipti-100x100.jpeg","contentUrl":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/dipti-100x100.jpeg","caption":"Dipti Parmar"},"url":"https:\/\/www.codemotion.com\/magazine\/author\/dipti-parmar\/"}]}},"featured_image_src":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-600x400.webp","featured_image_src_square":"https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-600x600.webp","author_info":{"display_name":"Dipti Parmar","author_link":"https:\/\/www.codemotion.com\/magazine\/author\/dipti-parmar\/"},"uagb_featured_image_src":{"full":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform.webp",1792,1024,false],"thumbnail":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-150x150.webp",150,150,true],"medium":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-300x171.webp",300,171,true],"medium_large":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-768x439.webp",768,439,true],"large":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-1024x585.webp",1024,585,true],"1536x1536":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-1536x878.webp",1536,878,true],"2048x2048":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform.webp",1792,1024,false],"small-home-featured":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-100x100.webp",100,100,true],"sidebar-featured":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-180x128.webp",180,128,true],"genesis-singular-images":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-896x504.webp",896,504,true],"archive-featured":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-400x225.webp",400,225,true],"gb-block-post-grid-landscape":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-600x400.webp",600,400,true],"gb-block-post-grid-square":["https:\/\/www.codemotion.com\/magazine\/wp-content\/uploads\/2024\/09\/security-with-terraform-600x600.webp",600,600,true]},"uagb_author_info":{"display_name":"Dipti Parmar","author_link":"https:\/\/www.codemotion.com\/magazine\/author\/dipti-parmar\/"},"uagb_comment_info":0,"uagb_excerpt":"Terraform is the most popular tool for provisioning and managing Infrastructure-as-Code (IaC) over varied cloud environments. While there is an ongoing debate about open-source and proprietary IaC frameworks, the fact remains that Terraform still has a significant lead in market share over its competitors. Since IaC is now a fundamental DevOps practice, it follows that&#8230;&hellip;","lang":"en","_links":{"self":[{"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/posts\/29573","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/users\/141"}],"replies":[{"embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/comments?post=29573"}],"version-history":[{"count":2,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/posts\/29573\/revisions"}],"predecessor-version":[{"id":29582,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/posts\/29573\/revisions\/29582"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/media\/29574"}],"wp:attachment":[{"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/media?parent=29573"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/categories?post=29573"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/tags?post=29573"},{"taxonomy":"collections","embeddable":true,"href":"https:\/\/www.codemotion.com\/magazine\/wp-json\/wp\/v2\/collections?post=29573"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}