Posts Tagged "DevSecOps"
Terraform IaC Pipeline with GitHub Actions: A Production-Grade Guide
A complete walkthrough for building a production-grade Terraform CI/CD pipeline using GitHub Actions — covering the bootstrap problem, multi-layer architecture, OIDC authentication, security scanning, and automated deployment to AWS ECS Fargate.
Read Post
Closing the Security Scanning Gaps in Your CI/CD Pipeline
tfsec already guards your Terraform code. But secrets, container CVEs, and vulnerable npm packages can still slip through. Here is how to close every gap with five focused tools — free, open-source, and wired into your existing GitHub Actions workflow.
Read Post
Building a Security Scan Skill with Claude Code
How I built a single Claude Code custom slash command that automatically detects your project stack and runs 11 specialized security tools — covering secrets, dependency CVEs, container images, IaC misconfigurations, and SAST across 8 languages and 7 IaC frameworks.
Read Post
Terraform Multi-Layer Architecture: Bootstrap, Foundation, Platform, Application
A practical guide to structuring Terraform into four independent layers — solving the chicken-and-egg bootstrap problem, isolating blast radius, enforcing least-privilege IAM per layer, and wiring everything together with remote state references.
Read Post