• Vault and TFE - Fun with Dynamic Secrets for GCP

    (12 May 2020)
    One topic that always comes up is how to handle GCP Service Account keys. What are they, what do they have access to, how do we manage them, and so forth. It is always a sensitive subject due to the risks associated if not appropriately handled. This post is a look at how we can use Vault's GCP Secrets Engine to dynamically generate service account keys and provide a central location to manage key rotation, and what access is granted with that key.
  • Terraform Enterprise, Workspaces and GitHub Repositories

    (01 May 2020)
    Code reusability is a much sought-after goal of organizations and developers alike. The idea conjures the idea of high-efficiency, resulting in reduced bugs, reduced operational support load, and most importantly, reduced time to market. The thing I see over and over again is locally cloned repositories, locally cloned Terraform modules, and hardcoded variable values within repos. All of these the enemy of efficiency and standardization. This blog is a quick look at how you can leverage Terraform Enterprise to set variables at a workspace level, allowing an organization to create a many to one relationship between Terraform Enterprise Workspaces and GitHub repositories.
  • Azure DevOps Terraform Pipeline for GCP

    (22 Apr 2020)
    This blog is a look at using Azure DevOps to create pipelines that deploy infrastructure into GCP using Terraform, just because we can. Complete with a high-level overview, code snippets, and some strong opinions. Readers will take away a possible approach on how to leverage this technology for their organization.
  • Governing a MachineDeployment with Anthos Config Management

    (10 Sep 2019)
    Demonstrating SCM-based configuration and IaC using Anthos Config Management with GKE On-Prem (or GCP).
  • GKE On-Prem and Anthos Config Management

    (09 Apr 2019)
    Harness the power of Google Kubernetes Engine on your premises! Oversee hybrid Kubernetes deployments and autoscaling infrastructure as code.
  • Infra-as-code-as-talk

    (02 Mar 2019)
    I had the honour of presenting at the local DevOpsDays Toronto meetup on a topic that's close to my heart in our everyday practice: Infra-as-Code
  • Automate Azure builds with Ansible Tower

    (29 Jan 2019)
    IAC has revolutionized operations, transforming how modern organizations build, ship, and run applications on any infrastructure. Microsoft Azure and Ansible Tower provide the functions and integrations to make your automated cloud deployments sing!