Love the video, but the music between each sections is incredibly loud and kinda distrupts everything. just my 2c. First video i've seen from you, but i'm subscribed!
I feel most of the examples for using 'check' fall into a category that should be handled with an actual monitoring and alerting system. One usecase I was thinking was instead of relying on Sentinel not available on the (former) OSS version, you could add checks for certain policies, like tagging and labeling formats on resources.
I think you're right. A lot of the major issues should be picked up by a monitoring solution long before you run your next terraform plan. Could be a belt and suspenders type approach?
10/10 explanation skill. Question: I use aws provider, i do have a module i have modified to deploy a ec2 and based of a variable to join it on directory service. Will this check block make use to firstly check if i do have a shared domain service in that account , and also its credentials stored in secrets manager? And if not throw an error that those 2 things are missing? Will this be one use case?
I would actually recommend using some combination of data sources and pre/postcondition blocks to accomplish that goal. It sounds like you would want the plan/apply to fail if you don't have the necessary credentials. The check block will only emit a warning, it will not stop the plan or apply processes.