Love the video, but the music between each sections is incredibly loud and kinda distrupts everything. just my 2c. First video i've seen from you, but i'm subscribed!
I feel most of the examples for using 'check' fall into a category that should be handled with an actual monitoring and alerting system. One usecase I was thinking was instead of relying on Sentinel not available on the (former) OSS version, you could add checks for certain policies, like tagging and labeling formats on resources.
I think you're right. A lot of the major issues should be picked up by a monitoring solution long before you run your next terraform plan. Could be a belt and suspenders type approach?
10/10 explanation skill. Question: I use aws provider, i do have a module i have modified to deploy a ec2 and based of a variable to join it on directory service. Will this check block make use to firstly check if i do have a shared domain service in that account , and also its credentials stored in secrets manager? And if not throw an error that those 2 things are missing? Will this be one use case?
I would actually recommend using some combination of data sources and pre/postcondition blocks to accomplish that goal. It sounds like you would want the plan/apply to fail if you don't have the necessary credentials. The check block will only emit a warning, it will not stop the plan or apply processes.
Good info, I learned something new. Thank you!
Love the video, but the music between each sections is incredibly loud and kinda distrupts everything. just my 2c. First video i've seen from you, but i'm subscribed!
Noted! I keep trying to find the right balance of music volume and transitions.
I feel most of the examples for using 'check' fall into a category that should be handled with an actual monitoring and alerting system. One usecase I was thinking was instead of relying on Sentinel not available on the (former) OSS version, you could add checks for certain policies, like tagging and labeling formats on resources.
I think you're right. A lot of the major issues should be picked up by a monitoring solution long before you run your next terraform plan. Could be a belt and suspenders type approach?
10/10 explanation skill.
Question: I use aws provider, i do have a module i have modified to deploy a ec2 and based of a variable to join it on directory service. Will this check block make use to firstly check if i do have a shared domain service in that account , and also its credentials stored in secrets manager? And if not throw an error that those 2 things are missing? Will this be one use case?
I would actually recommend using some combination of data sources and pre/postcondition blocks to accomplish that goal. It sounds like you would want the plan/apply to fail if you don't have the necessary credentials. The check block will only emit a warning, it will not stop the plan or apply processes.