Terraform

AWS: Handling 'Cannot delete entity, must remove tokens from principal first' error

·5 mins
This blog post will be a quick one focusing on troubleshooting a less clear error, ‘Cannot delete entity, must remove tokens from principal first’, that Terraform can throw when you try to delete IAM users from AWS. Let’s assume that in your Terraform configuration, you manage IAM users and you want to delete one of them. You’d think that simply removing the Terraform code and then running terraform apply would delete the users, which was my case. But then as soon as I ran the command to destroy the resource I ran into an issue:

Azure Application Gateway WAF config vs WAF policy

·7 mins
Recently, I had to enable WAF on our Azure Application Gateway. Because of our infrastructure setup, I wanted to have all the rules from OWASP 3.2 enabled, but I needed to be able to exclude some of our (valid) requests from being blocked as well. To achieve this, I could either try to configure the WAF Config section on our Gateway or create a WAF policy. Given that it was not entirely clear how you can use proper exclusions and filters based on what you need, I decided to write this post to explain the differences I found between the two and how you can use them.

Terraform: Add Group Members as Owners to a Service Principal or Az AD Application

·2 mins
Currently, there is no option for adding a Group as an Owner to a Service Principal or Azure AD Application. If you try, you will most likely run into the following error: unexpected status 400 with OData error: Request_BadRequest: The reference target 'Group_0000000-0000-000000-000000' of type 'Group' is invalid for the 'owners' reference. This is a quick post on how you can add members of an Az AD Group as Owners of a Service Principal or Azure AD Application. This is useful if you want to give your team members access to the Service Principal or Azure AD Application without giving them access to the Azure Subscription.

Terraform vs Helm for Managing K8s Objects

·15 mins
When I started migrating to Kubernetes (K8s), I discovered that I could use Terraform not only for managing the infrastructure but also for defining the K8s objects, and that I could also use Helm to handle that. But what would be a good way to handle this? In this post we will cover Terraform and Helm for managing Kubernetes clusters, with some code snippets and an idea of how you can use them together to get you started.

Terraform: Alternative to the Template provider on Apple M1 MBP

·5 mins
We ran into an issue while applying our Terraform infrastructure on an M1 Mac where we were making use of the Terraform Provider Template. When applying it, we were getting the following error: template v2.2.0 does not have a package available for your current platform, darwin_arm64. Since the provider is archived, we need to find an alternative. What does archiving mean? Per the Terraform Archiving Providers documentation: The code repository and all commit, issue, and PR history will still be available. Existing released binaries will remain available on the releases site. Documentation for the provider will remain on the Terraform website. Issues and pull requests are not being monitored, merged, or added. No new releases will be published. Nightly acceptance tests may not be run. So what alternatives do we have instead of the deprecated provider?

Terraform: Handling the deletion of a non-empty AWS S3 Bucket

·4 mins
This article applies to Terraform v1.1.4. When using Terraform to manage your infrastructure, you will end up in a situation where you want to remove some resources. You can do this in several ways, but most of the time you can also just remove the Terraform configuration by commenting out the code or removing the module call, then run terraform apply, and it will get rid of the resources.