DEV Community

Guilherme Marochio
Guilherme Marochio

Posted on

5 Terraform Mistakes I Keep Seeing in AWS Projects

Infrastructure usually doesn't fail because of Terraform itself.

Most issues come from configuration choices that look harmless during development but become expensive later.

Here are five common findings I keep seeing in AWS Terraform projects.

1. Public Security Groups

Opening sensitive ports to the internet increases the attack surface and can expose production resources.

2. Public S3 Buckets

Accidentally exposing storage is still one of the most common cloud security issues.

3. HTTP Without HTTPS

Encrypting traffic should be the default. Leaving applications accessible only through HTTP exposes data in transit.

4. Storage Without Encryption

Databases and storage services should always protect data at rest.

5. No Bucket Versioning

Versioning helps recover from accidental deletions, overwrites and even ransomware scenarios.

None of these problems are particularly difficult to fix.

The challenge is identifying them before they reach production.

That's why infrastructure reviews before deployment can save a significant amount of time, money and operational risk.

Website:

https://stageauto-site.netlify.app

Example Report:

https://stageauto-site.netlify.app/report-example.pdf

Top comments (0)