HashiCorp Brings Terraform Infrastructure Provisioning to the Enterprise
Infrastructure software provider HashiCorp has released a provisioning package, Terraform Enterprise, which promises to simplify the process of managing infrastructure across different cloud and in-house environments, using a consistent workflow.
Although Terraform has long been widely used as a separate open source project, this new release focuses on polishing the software for commercial production usage. It offers a way to automate infrastructure deployments — a practice known as infrastructure-as-a-service — through a set of APIs that can be programmed against.
The software, which was first released in September in beta, is available both as a cloud service and as software that can be run in-house. For this release, the company also integrated with its Sentinel embeddable policy-as-code framework, which sets the stage for allowing multiple administrators collaborating on their infrastructure plans.
“With Terraform, there was this gap. It works well working on my own, but when you go to working with a group of people, how do I solve the collaboration challenge? The problem is very analogous to using git,” said HashiCorp founder and co-Chief Technology Officer Armon Dadgar. “The moment there are two or more of us, how do we have that central point of collaboration?”
While Terraform Enterprise offers controls and policy delineation to solve this problem, Sentinel individual agents carry out policy enforcement across the HashiCorp Enterprise stack. Sentinel policies can be applied to each Terraform plan, defining which actions are allowed and denied.
Sentinel also contains the ability to test policies, allowing enterprises to be certain they work before deploying to production.
Previously HashiCorp used its Atlas application delivery tool to manage permissions. Atlas turned out to be too large a platform for enterprises to adopt all at once, and has now been all but abandoned in favor of more module tools that can optionally be integrated together, said Dadgar.
“Sentinel is integrated into all tools. In Terraform Enterprise Sentinel engine is in everything” said Dadgar, noting that the software has also been integrated into Consul, Nomad, and Vault Enterprise as well.
Other features of the General Availability (GA) release include:
- New User Interface: The redesigned UX is integrated with workspaces, a development environment that can match an organization’s permissions structure.
- SAML support: The Security Assertion Markup Language can now be used with Terraform Enterprise, replacing the need for passwords in favor of standard cryptography and digital signatures.
- Service Accounts: Service accounts will allow an organization to access API end-points without having to authenticate individual users.