Jump to content

Search the Community

Showing results for tags 'terraform cloud'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • General
    • Welcome New Members !
    • General Discussion
    • Site News
  • DevOps & SRE
    • DevOps & SRE General Discussion
    • Data Engineering, Data Science & AI
    • Development & Programming
    • CI/CD & GitOps
    • Docker, Containers, Microservices & Serverless
    • Infrastructure-as-Code
    • Kubernetes
    • Linux
    • Monitoring, Observability & Logging
    • Security
  • Cloud Providers
    • Amazon Web Services
    • Google Cloud Platform
    • Microsoft Azure
    • Red Hat OpenShift

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


LinkedIn Profile URL


About Me


Development Experience


Cloud Experience


Current Role


Skills


Certifications


Favourite Tools


Interests

Found 13 results

  1. In November 2023, we announced the general availability of the Terraform Cloud Operator for Kubernetes. The Terraform Cloud Operator streamlines infrastructure management, allowing platform teams to offer a Kubernetes-native experience for their users while standardizing on Terraform workflows. Today we are excited to announce the general availability of version 2.3 of the Terraform Cloud Operator, with the ability to initiate workspace runs declaratively. Introducing workspace run operations In previous versions of the Terraform Cloud Operator v2, the only way to start a run was by patching the restartedAt timestamp in the Module resource. But this approach was not intuitive, did not work for all types of workspaces and workflows, and did not allow users to control the type of run to perform. This challenge hindered migration efforts to the newest version of the Terraform Cloud Operator. . Now with version 2.3, users can declaratively start plan, apply, and refresh runs on workspaces. This enhances self-service by allowing developers to initiate runs on any workspace managed by the Operator, including VCS-driven workspaces. The Workspace custom resource in version 2.3 of the operator supports three new annotations to initiate workspace runs: workspace.app.terraform.io/run-new: Set this annotation to "true" to trigger a new run. workspace.app.terraform.io/run-type: Set to plan (default), apply, or refresh to control the type of run. workspace.app.terraform.io/run-terraform-version: Specifies the version of Terraform to use for a speculative plan run. For other run types, the workspace version is used. As an example, a basic Workspace resource looks like this: apiVersion: app.terraform.io/v1alpha2 kind: Workspace metadata: name: this spec: organization: kubernetes-operator token: secretKeyRef: name: tfc-operator key: token name: kubernetes-operatorUsing kubectl as shown here, annotate the above resource to immediately start a new apply run: kubectl annotate workspace this \ workspace.app.terraform.io/run-new="true" \ workspace.app.terraform.io/run-type=apply --overwriteThe annotation is reflected in the Workspace resource for observability: apiVersion: app.terraform.io/v1alpha2 kind: Workspace metadata: annotations: workspace.app.terraform.io/run-new: "true" workspace.app.terraform.io/run-type: apply name: this spec: organization: kubernetes-operator token: secretKeyRef: name: tfc-operator key: token name: kubernetes-operatorAfter the run is successfully triggered, the operator will set the run-new value back to "false". Learn more and get started HashiCorp works to continuously improve the Kubernetes ecosystem by enabling platform teams at scale. Learn more about the Terraform Cloud Operator by reading the documentation and the Deploy infrastructure with the Terraform Cloud Kubernetes Operator v2 tutorial. If you are completely new to Terraform, sign up for Terraform Cloud and get started using the Free offering today. View the full article
  2. HashiCorp Terraform Cloud run tasks have long been a staple for securely sharing Terraform-related data with trusted integration partners. And with the newest enhancements, the benefits go even further. These improvements empower teams to seamlessly expand their use of essential third-party integrations, facilitating automation, configuration management, security, compliance, and orchestration tasks. Recent efforts by the HashiCorp Terraform team have focused on refining the process of associating run tasks within Terraform organizations, significantly reducing day-to-day overhead. Plus, the introduction of a new post-apply stage broadens the potential use cases for run tasks, offering even more value to users. Scoping organizational run tasks Initially, run tasks were tailored to meet the needs of teams provisioning infrastructure with Terraform Cloud. Recognizing the diversity of tools used in Terraform workflows, we integrated them seamlessly into Terraform Cloud as first-class run task integrations. This gave teams additional flexibility in selecting and managing run tasks for their workspaces. As run task adoption grows within organizations, platform operations teams face challenges in ensuring consistency across the organization. Managing individual run task assignments can become cumbersome, with platform teams striving for standardization across workspaces. To address this, we've introduced scopes to organizational run tasks in Terraform Cloud. This feature allows platform teams to define the scope of organizational run tasks, targeting them globally and specifying evaluation stages for enforcement. Organization-wide enforcement eliminates configuration burden and reduces the risk of compliance gaps as new workspaces are created. Multi-stage support further enhances the run task workflow, streamlining configuration and reducing redundant code when using the Terraform Cloud/Enterprise (tfe) provider for run task provisioning and management. Introducing post-apply run tasks Post-provisioning tasks are crucial for managing and optimizing infrastructure on Day 2 and beyond. These tasks include configuration management, monitoring, performance optimization, security management, cost optimization, and scaling to help ensure efficient, secure, and cost-effective operations. Recent discussions with customers underscored the need to securely integrate third-party tools and services into Terraform workflows after infrastructure is provisioned with Terraform Cloud. Post-provisioning processes often require manual intervention before systems or services are production-ready. While API-driven workflows can expedite post-provisioning, the lack of a common workflow poses implementation challenges. In response to these concerns, we've introduced a new post-apply stage to the run task workflow. This stage lets users seamlessly incorporate post-provisioning tasks that automate configuration management, compliance checks, and other post-deployment activities. The feature simplifies the integration of Terraform workflows with users' toolchains, prioritizing security and control. Refined user experience for run tasks As part of the implementation of run task scopes, we've extended support for multi-stage functionality to workspace run tasks. We also introduced two new views that offer users the flexibility to see the run tasks associated with their workspace. Now workspace administrators can choose to view their run task associations as a list or grouped by assigned stages. Summary and resources The advancements in Terraform Cloud's run task workflow empower users to streamline infrastructure provisioning and management. You can elevate your workflow with scopes for organizational run tasks and harness the potential of the post-apply stage. To learn more, explore HashiCorp’s comprehensive run tasks documentation. Additionally, we provide a Terraform run task scaffolding project written in Go to help you write your own custom run task integration. If you're new to Terraform, sign up for Terraform Cloud today and start for free. View the full article
  3. HashiCorp Terraform is the world’s most widely used multi-cloud provisioning product. The Terraform ecosystem has notched more than 3,000 providers, 14,000 modules, and 250 million downloads. Terraform Cloud is the fastest way to adopt Terraform, providing everything practitioners, teams, and global businesses need to create and collaborate on infrastructure and manage risks for security, compliance, and operational constraints. This month, AWS AppFabric added support for Terraform Cloud, expanding an already long list of ways that Terraform can connect, secure and provision infrastructure with AWS. This post will explore the new AppFabric support and highlight two other key existing integrations: Dynamic provider credentials and AWS Service Catalog support for Terraform Cloud. AWS AppFabric support for Terraform Cloud AWS AppFabric now supports Terraform Cloud. IT administrators and security analysts can use AppFabric to quickly integrate with Terraform Cloud, aggregate enriched and normalized SaaS audit logs, and audit end-user access across their SaaS apps. This launch expands AWS AppFabric supported applications used across an organization. AWS AppFabric quickly connects SaaS applications, or data lakes like Amazon Security Lake. For Terraform Cloud users, this integration can accelerate time-to-market and help developers release new features to production faster with streamlined infrastructure provisioning and application delivery workflows. To learn more, visit the AWS AppFabric page and then check out how to connect AppFabric to your Terraform Cloud account. Dynamic credentials with the AWS provider Introduced early last year, Terraform Cloud's dynamic provider credentials let you establish a trust relationship between Terraform Cloud and AWS. They limit the blast radius of compromised credentials by using unique, single-use credentials for each Terraform run. Dynamic credentials also give you fine-grained control over the resources that each of your Terraform Cloud projects and workspaces can manage. Terraform Cloud supports dynamic credentials for AWS and Vault. To learn more, AWS and HashiCorp have since written a joint blog post on how to Simplify and Secure Terraform Workflows on AWS with Dynamic Provider Credentials and you can learn how to configure Dynamic Credentials with the AWS Provider at HashiCorp Developer. Terraform Cloud self-service provisioning with AWS Service Catalog In August 2023, AWS added AWS Service Catalog support for Terraform Cloud. This includes integrated access to key AWS Service Catalog features, including cataloging of standardized and pre-approved Terraform configurations, infrastructure as code templates, access control, resource provisioning with least-privilege access, versioning, sharing to thousands of AWS accounts, and tagging. By combining Terraform Cloud with AWS Service Catalog, we’re connecting the AWS Service Catalog interface that many customers already know, with the existing workflows and policy guardrails of Terraform Cloud. HashiCorp and AWS have since co-presented at HashiConf (Terraform Cloud self-service provisioning with AWS Service Catalog) and partnered on AWS’s blog post on How to Use AWS Service Catalog with HashiCorp Terraform Cloud, demonstrating the workflow for provisioning a new product and offering access to getting-started guides. Self-service infrastructure is no longer a dream Platform teams can use Terraform Cloud, HCP Waypoint, and the AWS Service Catalog to create simplified Terraform-based workflows for developers. Terraform modules can incorporate unit testing, built-in security, policy enforcement, and reliable version updates. Using these tools, platform teams can establish standardized workflows to deploy applications and deliver a smooth and seamless developer experience. Learn more by viewing AWS and HashiCorp’s recent Self-service infrastructure is no longer a dream talk from AWS re:Invent: View the full article
  4. In November 2023, we announced the general availability of the Terraform Cloud Operator for Kubernetes. The Terraform Cloud Operator streamlines infrastructure management, allowing platform teams to offer a Kubernetes-native experience for their users while standardizing Terraform workflows. It simplifies the management of Terraform Cloud workspaces and agent pools, ensuring efficiency and consistency across operations. Today we are excited to announce the general availability of project support in the latest version of the Terraform Cloud Operator, version 2.2. Introducing project support Previously, workspace creation using the operator was limited to the default project in Terraform Cloud. Users needed elevated user permissions, which led to security risks from overly broad access and also hindered self-managed workspaces due to frequent central team dependency. Now with project support, users can specify the project where a workspace will be created. This enhances self-service by allowing users to independently create and manage workspaces, and execute runs within the context of their assigned project. The project name can now be set in the Workspace resource (example code). Also, project administrators can use the new Project custom resource to create and manage projects and team access in the organization: The new Project custom resource manages Terraform Cloud projects and team access (example code). Key benefits The general availability of project support for Terraform Cloud Operator brings two main benefits: Improved efficiency: Projects streamline platform teams’ ability to group related workspaces based on their organization’s resource usage and ownership patterns (e.g. by teams, business units, or services). These workspace groupings reduce complexity when managing and organizing Terraform configurations.. Reduced risk: Instead of managing permissions for each workspace individually, you can group related workspaces into projects, then grant teams access to the project. Those permissions will then apply to all workspaces under that project. This helps teams manage the workspaces they are responsible for while still having their permissions confined to a project, rather than the whole organization, making it easier for organization owners to follow the principle of least privilege. Learn more and get started Take a deeper dive into the Terraform Cloud Operator and securely managing Kubernetes resources by signing up for the Multi-cloud Kubernetes with HashiCorp Terraform webinar. Learn more about project support for the Terraform Cloud Operator by reading the documentation. If you are completely new to Terraform, sign up for Terraform Cloud and get started using the Free offering today. View the full article
  5. Policies are rules that HashiCorp Terraform Cloud enforces at the Terraform run phase that can help with security, compliance, and cost management. Policies can be defined in Terraform Cloud using Sentinel and the Open Policy Agent (OPA) policy as code frameworks. Today, we are excited to announce a new feature that addresses a critical challenge faced by customers in policy as code integration with Terraform Cloud: policy runtime version management; a new feature that enables users to select a specific Sentinel or OPA runtime version for their policy sets. This update introduces a policy runtime version pinning feature that provides Terraform Cloud users with more control, flexibility, and stability in their policy deployments. Policy runtime version management enables users to select specific policy as code runtime versions in Terraform Cloud to reduce the impact of version conflicts, unexpected upgrades, and bugs, making policy enforcement more stable and efficient... View the full article
  6. Run tasks allow users to directly integrate third-party tools and services within their HashiCorp Terraform Cloud workspace. They are used to perform a wide range of operations, such as managing cost, security, compliance, or enhancing workflows with custom logic. Today, we are excited to build on this functionality with the general availability of streamlined run task reviews; a new feature that accelerates run task evaluation by providing critical information in Terraform Cloud. Streamlined run task reviews are now available for use with the Palo Alto Prisma Cloud run task for Terraform Cloud... View the full article
  7. Earlier this year, we announced general availability of no-code provisioning for HashiCorp Terraform Cloud Plus customers. This new deployment method gives organizations a self-service workflow in Terraform Cloud for application developers and others who need infrastructure but may not know Terraform or HashiCorp Configuration Language (HCL). No-code provisioning empowers cloud platform teams to set up their modules for push-button self-service, allowing stakeholders with infrastructure needs to provision those modules without having to manage Terraform configuration repos or write code. No-code provisioning provides a simpler, standardized way to provision with Terraform, bringing even more reusability and increasing provisioning velocity. However, the previous no-code provisioning release restricted users to the module version with which they originally provisioned their infrastructure — they could only change variable inputs. This limitation kept users from accessing changes delivered to subsequent versions of the module unless they destroyed the workspace and deployed a fresh one. Introducing module version upgrades Module version upgrades for no-code workspaces addresses this issue by significantly reducing the friction when updating the no-code modules in a Terraform Cloud workspace. Once an administrator or module owner updates the designated no-code ready version, a notification will appear in downstream workspaces that use the module, giving practitioners a seamless experience in receiving and applying upgrades to their workspaces. The simple module version upgrade process works like this: Users see a notification in their workspace alerting them to the newly available version. From there they can initiate a plan, noting any changes that will take effect with the new module version. If the plan looks good, the user can apply it. If not, any problems can be communicated back to the module author before it impacts the running infrastructure. Terraform Cloud updates the module version used in the workspace, and applies any necessary changes to the resources based on the plan. Summary and resources Self-service workflows like no-code provisioning are becoming essential to scaling infrastructure operations. Module version upgrades keep developers’ no-code workspaces up-to-date without them having to know Terraform or ask their platform team to update their infrastructure. To learn more about module version upgrades for no-code provisioning, please refer to module upgrades in the no-code provisioning documentation. You can get hands-on with the new feature in the updated no-code provisioning tutorial. Get started for free on Terraform Cloud to provision and manage all of your infrastructure. View the full article
  8. Terraform Cloud (TFC) can help manage infrastructure as code (IaC) development for large enterprises. As the number of Google Cloud projects grows, managing access controls for Terraform Cloud projects and workspaces can become complex. Don't worry, we have a solution that is designed to be more secure than using Google Cloud service account keys, and also scales well for hundreds or even thousands of Google Cloud projects, TFC workspaces, and TFC projects using Workload Identity Federation... View the full article
  9. We are excited to announce the general availability of an organization-wide default execution mode; a new agent configuration method for HashiCorp Terraform Cloud that’s also coming soon to Terraform Enterprise. Terraform Cloud facilitates the management and deployment of agents within secure, isolated network environments. With the introduction of self-hosted agents in Terraform Cloud, it became possible to deploy them in pools, creating a flexible architecture that allows a single organization to manage infrastructure across multiple private network segments... View the full article
  10. In today’s multi-cloud world, images (such as AMIs for Amazon EC2, virtual machines, Docker containers, and more) lay the foundation for modern infrastructure, security, networking, and applications. Enterprises adopting multi-cloud typically start by using Terraform for centralized provisioning, but Terraform does not handle the details of image creation and management. In many organizations, the workflows in place to create and manage images are siloed, time-consuming, and complex, leading to slow spin-up times and human errors that pose security risks. Organizations need standard processes to ensure all images throughout their infrastructure estate are secure, compliant, and easily accessible... View the full article
  11. We are excited to announce Drift Detection for Terraform Cloud, now in public beta for HashiCorp Terraform Cloud Business. Drift Detection provides continuous checks against infrastructure state to detect and notify when there are changes. This new feature continues to evolve the capabilities in HashiCorp Terraform to provide operators with continuous visibility into the state of their multi-cloud infrastructure. Drift Detection follows the announcements of Terraform 1.2 and Terraform Run Tasks, which are additional capabilities that increase efficiency while reducing risk related to security, compliance, and operational consistency. The new capabilities expand Terraform’s support for “Day 2” operations for cloud infrastructure. As organizations migrate to the cloud, they need infrastructure automation to efficiently provision and manage their cloud resources. Typically, that consists of three distinct phases: Adopting and establishing a provisioning workflow, standardizing the workflow, and operating and optimizing at scale across multi-cloud environments as well as private datacenters. Infrastructure as code — along with proper guardrails — are essential to this process. Terraform helps organizations with infrastructure automation and provides capabilities across all three of these phases... View the full article
  12. We are pleased to announce the general availability of Consul-Terraform-Sync (CTS) 0.6. This release marks another step in the maturity of our larger Network Infrastructure Automation (NIA) solution. CTS combines the functionality of HashiCorp Terraform and HashiCorp Consul to eliminate manual ticket-based systems across on-premises and cloud environments. Its capabilities can be broken down into two parts: For Day 0 and Day 1, teams use Terraform to quickly deploy network devices and infrastructure in a consistent and reproducible manner. Once established, teams manage Day 2 networking tasks by integrating Consul’s catalog to register services into the system via CTS. Whenever a change is recorded to the service catalog, CTS triggers a Terraform run that uses partner ecosystem integrations to automate updates and deployments for load balancers, firewall policies, and other service-defined networking components. This post covers the evolution of CTS and highlights the new features in CTS 0.6… View the full article
  13. Recently, we announced the general availability of HashiCorp Consul Service (HCS) on Azure, our first fully-managed service for cloud networking automation. Customers can use HCS to discover and automate connections between services running in both Azure Kubernetes Service (AKS) clusters and Azure VMs without worrying about the operational burden of managing their own Consul deployment. HCS can be launched directly from the Azure Portal, but in this blog, we’re going to show you how to manage HCS using Terraform Cloud. Why Use Terraform Cloud instead of the Azure Portal? Terraform has become a de facto tool for many infrastructure workflows and Terraform Cloud has emerged as a powerful way for organizations to enable greater collaboration for their operators. While one of the major benefits of HCS is its integration within the Azure environment, we know that many customers have spent a lot of time and effort building out a robust Terraform workflow. We don’t want to make customers feel like their only options are to either change the way they are managing their environments or self-host a Consul deployment. Terraform Cloud can be used to manage both the deployment of HCS and services that are interacting with it. Additionally, Terraform Cloud enables multiple operators to interact with the HCS environment while layering on additional guardrails to ensure that changes are being applied in a consistent and compliant manner. View the full article
  • Forum Statistics

    39.6k
    Total Topics
    39.9k
    Total Posts
×
×
  • Create New...