AWS in 2025: The stuff you think you know that’s now wrong — If you haven’t been following AWS service evolution over the last several years, you may have some outdated assumptions about EC2, S3, networking, Lambda, and other core services. Learn about modern capabilities like live instance migration, S3 consistency improvements, and cost optimization.
by COREY QUINN
.....
Scanning for Windows-related secret sprawl with HCP Vault Radar — Learn how to extend Vault Radar's secret scanning capabilities with custom expressions to detect Windows-specific secrets like BitLocker recovery keys and LAPS passwords. This practical guide covers setting up custom regex patterns and demonstrates real-world detection of secret sprawl across GitHub repositories and Confluence spaces.
by ERIK GRINA RAASSUM
.....
Finding vulnerabilities in modern web apps using Claude Code and OpenAI Codex — In this evaluation of Claude Code and OpenAI Codex vulnerability detection capabilities, the authors used the tools to find 67 vulnerabilities in 11 large Python web applications. Read the post to learn more about the high false-positive rates along with strengths and weaknesses.
by ROMAIN GAUCHER, VASILII ERMILOV, and CLINT GIBLER
.....
Terraform GitHub Actions workflows — Learn Terraform deployment patterns using GitHub Actions and HCP Terraform with real-world scenarios from customer implementations.
by MANU CHANDRASEKHAR
.....
Terraform: AWS EKS Terraform module update from version 20.x to version 21 — Get a detailed walkthrough of upgrading an AWS EKS Terraform module, covering AWS provider 6.0 migration, variable renames, IRSA to EKS pod identity transition, and troubleshooting CNI initialization issues during new cluster deployment.
by SETEVOY
Orchestrating Java Spring Boot applications with Nomad — This guide covers using HashiCorp Nomad's Java driver, service discovery, and variables for configuration management alongside modern workloads.
by RAVI PANCHAL
.....
Vault onboarding is where adoption lives or dies — Learn how to build developer-friendly onboarding workflows using IdPs, Terraform automation, and standardized templates to make the secure path the easiest path for teams adopting HashiCorp Vault.
by BRYAN KRAUSEN
The 2025 Cloud Complexity Reportsurveyed 1,100 IT, DevOps, platform, and software engineering leaders about the top challenges of managing hybrid and multi-cloud environments.
Terraform provider for Google Cloud 7.0 is now GA — At AWS Summit NYC, we announced new MCP servers for HashiCorp Vault and HCP Vault Radar, along with updates for the official HashiCorp Terraform MCP server.
by VISHNU RAVINDRA
.....
Policy as code, explained — Policy as code is a smarter, faster way to manage risk at scale. Learn why it’s becoming mainstream like infrastructure as code.
by KASHAF SALAHEEN and MITCH PRONSCHINSKE
.....
Use Terraform to build an AWS landing zone — Learn how to deploy AWS landing zones that align with the AWS Well-Architected Framework using HCP Terraform.
by OSCAR MEDINA
5 lessons from Moneybox’s Terraform journey — This blog post explores how Moneybox’s Terraform strategy delivered early efficiency gains, gradual integration, and critical business goals.
by MITCH PRONSCHINSKE
Watch the HashiConf 2025 live stream September 25 and 26
Wednesday, Sept. 17 — Whether you're an infrastructure engineer, security professional, or IT leader, this session will equip you with the tools and insights to enhance your access management strategy — all with a focus on simplicity and security.
Thursday, Sept. 18 — Learn how Terraform and Ansible work “better together” and see some examples of the two products in action, driving infrastructure lifecycle management workflows.
Tuesday, Oct. 7 — Join this two-hour, hands-on workshop to learn how Radar helps find and secure leaked secrets like passwords and API keys before attackers do.
