Static analysis: How to perform other types of automated testing on Terraform code, such as static analysis. The negatives that I would identify would be that it is very front-heavy. Chapters 1-5 are pure gold. Chapter 6 is decent, and the last two chapters (7-8) are a mess. As others have pointed out, this book uses an older version of Terraform and several breaking changes have occurred. But I was still able to follow along. I assume the author will release a 3rd edition soon which should implement the new version 1 of Terraform which should be more stable going forward.

If you want an other provider, you'll have to manage yourself and probably won't benefit **that much** from the book. by chapter. For example, if you're looking at an example of Terraform code in Chapter 2, you'll find it in the The rapid evolution of the DevOps industry, though still in its infancy, poses an interesting question. The myriad of tools associated with Terraform has set a precedent, and one can only wonder where the trajectory will take us. Given the ever-evolving nature of technology, this book presents an effective foundation for those wanting to stay ahead of the curve. This book helped me understanding how Terraform works and what are the strengths / weaknnesses (immutable, declarative, agentless and so on) In the second part of the series, which will come out when the final version of the 3rd edition is published ( Update, September 28, 2022: the 3rd edition is now published , and the second part of the blog post series is available !), I’ll cover 5 more problems and solutions, including input validation, refactoring, static analysis, policy enforcement, and maturity. Grab a copy of the book to get full access to all of this content! Multiple regions, accounts, and clouds The problemTo deploy into multiple clouds, you create multiple copies of different providers. Readers of the first two editions of this book often asked for examples of how to work with multiple clouds (e.g., AWS, Azure, GCP), but I struggled to find an example where it was practical to do this in a single module. Here’s why:

Terraform: Up & Running is now on its 3rd edition; all the code in master is for this edition. If you're looking Just about all of the code examples in the 2nd edition of the book used a single region in a single account of a single cloud (AWS). But what if you wanted to deploy into multiple regions? Or multiple accounts? Or multiple clouds (e.g., AWS, GCP, and Azure)? The solution There are several ingredients to setting up a secure CI / CD pipeline for Terraform. The first ingredient is to handle credentials on your CI server securely. The 3rd edition of the book adds examples of using environment variables, IAM roles, and arguably the most secure option of all, OpenID Connect (OIDC). Chapter 6 includes an example of using OIDC with GitHub Actions to authenticate to AWS, via an IAM role, without having to manage any credentials at all: # Authenticate to AWS using OIDCAWS examples only. Minor nit here, but it’s kind of a bummer that the examples in the book and on github are aws only. I can’t blame the author here, since the point is Terraform, not your favorite provider X. your infrastructure as code and to deploy and manage that infrastructure across a variety of public cloud The book does a very, very solid job of teaching you how to use terraform right and not mess with your state. However there is another approach presented on how to prevent state file concurrency issues by using a CI to apply server provisioning. Of course this is limited to good will and sanity of other team members still not running terraform apply by themselves since I am not aware of an option preventing terraform users of running apply at all. The entire book has also been updated to mark all input and output variables that could contain secrets with the new sensitive keyword, which was introduced in Terraform 0.14 and 0.15 to tell Terraform to never log these values, as they may contain sensitive data: variable "db_username" {