Automate Secure Infrastructure with Packer, Vault and Terraform

Transitioning from traditional infrastructure deployment and management processes can be challenging. Implementing infrastructure as code principles and using best practices leads to repeatable...

Read More
Duration 3 days
Available Formats Classroom
7095 Reviews star_rate star_rate star_rate star_rate star_half
Course Image

Transitioning from traditional infrastructure deployment and management processes can be challenging. Implementing infrastructure as code principles and using best practices leads to repeatable results, fewer manual errors, and overall quicker application releases for your customers. This class focuses on using automation tools to build, deploy, and manage security-hardened infrastructure. Using Packer, students can automate building a golden base image consisting of company policies and best practices. This image can then be deployed with Terraform, using Vault to manage sensitive passwords and secrets.

Skills Gained

Attendees will understand best practices for automated building of secure infrastructure using code, storing that code in version control, and deployment using Terraform and managing secrets with Vault. They will also use Packer to automate building of "golden images".

Who Can Benefit

This class's audience is Developers, DevOps, Architects, Team Leads, Operations, and any other Engineering personnel interested in learning best practices for automating, deploying, managing, and securing infrastructure and application code.


Attendees should have a basic understanding of Linux and command-line experience.

Course Details

What you learn:

Configuration Management

  • Configuration Drift
  • Challenges with Manual Configuration
  • Infrastructure as Code
  • Introduction to Automation Tools: Packer, Terraform, Vault
  • Benefits of Configuration Management


  • Introduction
  • Features
  • Commands
  • Terminology
  • Language (HCL)

Packer Builders

  • Overview
  • Builder types: Cloud, Docker, VMware


  • Types: Shell, Ansible, Chef
  • Cleanup provisioner
  • Template syntax

Post Processors

  • Overview
  • Use cases
  • Best practices

Terraform Introduction

  • Overview
  • Architecture
  • Why Terraform?
  • Comparison of tools
  • Core components
  • Fundamental concepts

Programming Structure

  • Providers
  • Resources
  • Variables
  • Data sources
  • Outputs
  • Cloud integration


  • Types and Arguments
  • Behavior
  • Dependencies
  • Local only resources


  • Inputs
  • References
  • Outputs and Locals
  • Overrides

Terraform CLI

  • Features
  • Commands
  • Managing infrastructure

State management

  • Local or Remote?
  • Remote storage options: S3, AzureRM, Google File Storage
  • Integrating with Git
  • Challenges with State file locking
  • Importing existing resources


  • Types of Provisioners
  • Remote execute provisioners
  • Local execute provisioners
  • Storing provisioners in repository

Modules and Workspaces

  • Understanding DRY (Don't Repeat Yourself) principle
  • Variables and Modules
  • Terraform module registry
  • Terraform workspace


  • The right way to handle Access & Secret keys
  • Managing resources in multiple regions
  • Terraform and Identity Access Management (IAM)

Vault Introduction

  • Overview
  • Architecture
  • Comparison of tools
  • Core components
  • Fundamental concepts
  • Platforms

Secret Engines

  • Static secrets
  • Cubbyhole secret engine
  • Dynamic secrets
  • Encryption
  • Authentication


  • Configuration
  • Authentication methods
  • Syntax
  • Constraints

Vault Agent

  • Overview
  • Auto-Auth
  • Methods
  • Caching

Putting it all together

  • Building images with Packer
  • Creating and managing infrastructure with Terraform
  • Deploying Vault
  • Integration with Kubernetes
  • Securely deploying applications


  • Review
  • Q&A
  • Next steps
Contact Us 1-800-803-3948
Contact Us
FAQ Get immediate answers to our most frequently asked qestions. View FAQs arrow_forward