All news with #terraform tag

Shifting Left at Enterprise Scale for Cloudflare Governance

🔐 Cloudflare describes how its Customer Zero team moved internal production account management from manual dashboard changes to a centralized Infrastructure as Code model to reduce human error and accelerate secure change. The effort uses Terraform, an Atlantis-driven CI/CD pipeline, and a custom tfstate-butler backend to securely manage state at scale. Policy enforcement relies on Open Policy Agent Rego policies executed through Conftest on every merge request, with warnings or deny gates and a formal exceptions workflow.

Google Application Design Center Now Generally Available

🛠️ Google's Application Design Center is now generally available, delivering a visual, canvas-style, AI-assisted environment to design and deploy Terraform-backed application templates. It pairs Gemini Cloud Assist with opinionated Terraform components to generate deployable infrastructure patterns and architecture diagrams. Integrated with App Hub and Cloud Hub, it makes applications discoverable, observable, and manageable, while supporting BYO-Terraform, GitOps, and enterprise governance to accelerate platform engineering and developer self-service.

AWS Transfer Family Terraform Module Adds Custom IdP

🚀 The AWS Transfer Family Terraform module now supports provisioning Transfer Family servers with a custom identity provider (IdP), enabling integration with existing authentication systems and centralized access control. This update automates deployment of SFTP, FTPS, FTP, AS2 and browser-based endpoints using Terraform, removing repeated manual configuration. The module is built on the open source Custom IdP solution and includes an Amazon Cognito example to help teams get started quickly.

AWS Tag Policies: Validate and Enforce Required Tags

🔒 AWS Organizations Tag Policies introduces Reporting for Required Tags, a validation check that ensures IaC deployments include mandatory tags. You define a tag policy specifying required keys and enable validation for CloudFormation, Terraform, or Pulumi workflows. Validation is implemented by activating the AWS::TagPolicies::TaggingComplianceValidator Hook in CloudFormation, adding plan-time checks in Terraform, or enabling the aws-organizations-tag-policies policy pack in Pulumi. The feature is available via the AWS Management Console, AWS CLI, and AWS SDK in supported Regions.

AWS Transfer Family Terraform Module Adds Malware Scanning

🛡️ AWS has updated the Transfer Family Terraform module to support automated malware scanning workflows for files transferred to S3. The module provisions GuardDuty S3 Protection–based scan pipelines, dynamic routing based on results, and threat notifications in a single deployment. It preserves folder structure, allows granular S3 prefix targeting, and helps ensure only verified clean files reach applications and data lakes.

AWS Transform auto-generates Landing Zone network YAML

☁️ AWS Transform for VMware can now automatically convert VMware network environments into Landing Zone Accelerator (LZA)-compatible YAML network configurations that can be directly imported and deployed via LZA. Building on existing IaC output formats such as CloudFormation, AWS CDK, and Terraform, this capability reduces manual re-creation of network settings, lowers the risk of configuration errors, and accelerates migration timelines while aligning deployments with enterprise security and compliance standards.

AWS Transform Adds Terraform Module Generation for VMware

🔁 AWS Transform for VMware now generates reusable Terraform modules from discovered VMware network definitions, complementing existing AWS CloudFormation and CDK outputs. The feature converts source network configurations into modular, customizable infrastructure code that fits into current deployment pipelines. It is available in all Regions where the service is offered and helps teams preserve operational consistency during migrations. By producing Terraform modules, the service enables reuse of Terraform-based workflows, reduces manual configuration effort, and supports teams that prefer Terraform for network automation.

AWS Transfer Family Adds Terraform SFTP Connector Support

🚀 The AWS Transfer Family Terraform module now supports provisioning SFTP connectors to transfer files between Amazon S3 and remote SFTP servers. Announced 2025-08-27, the addition builds on existing Terraform support for SFTP server endpoints and enables programmatic provisioning of connectors, dependencies, and customizations in a single IaC deployment. The module includes end-to-end examples to automate transfers on schedules or event triggers, reducing manual configuration and improving repeatability, security, and scale.