Today at HashiConf EU we are announcing the HashiCorp Terraform Enterprise integration for ServiceNow Service Catalog. Terraform Enterprise offers organizations an infrastructure as code approach to multi-cloud provisioning, compliance, and management. Organizations who adopt Terraform Enterprise want to provide self-service infrastructure to end-users within their organization. The integration with ServiceNow extends this capability so that any end-user can request infrastructure from the ServiceNow Service Catalog and Terraform Enterprise can provide an automated way to service those requests.
This blog will discuss self-service infrastructure with ServiceNow & Terraform Enterprise and the workflow, including:
ServiceNow provides digital workflow management, helping teams work quickly and efficiently with one another by offering a straightforward workflow for their interactions. The ServiceNow Service Catalog offers a storefront of services that can be ordered by different people in the organization. One common request between teams is for Cloud resources: a developer needs a fleet of machines to test out a codebase or the IT team in finance has a request for infrastructure to run their new accounting software. For organizations who use the ServiceNow Service Catalog, the requests can be submitted through ServiceNow and routed to the right team for Cloud Infrastructure.
Terraform Enterprise provides provisioning automation through infrastructure as code and security, compliance, and cost-sensitive policy enforcement against all resources as they are provisioned. Our newest integration connects the human workflow power of ServiceNow with the infrastructure workflow capabilities of Terraform Enterprise.
The native integration provides a simple and streamlined setup process for Terraform Enterprise and the ServiceNow Service Catalog. Once setup, the end-users can order services from Terraform Enterprise. Terraform Enterprise will execute provisioning and policy enforcement. Depending on the level of automation the IT Operations team has set up, this can be fully automated or have built-in checkpoints to allow for oversight.
To set up the integration, an administrator connects ServiceNow and Terraform Enterprise using our integration template. That integration connects the VCS repositories containing the template configurations for your infrastructure to both Terraform Enterprise and ServiceNow, allowing teams to order infrastructure provisioned by Terraform through ServiceNow
Any user with access to the Terraform catalog can submit an order for infrastructure through the Service Catalog. Simply choose the Terraform catalog, pick the type of infrastructure, and click "Order".
When a user submits a ticket to order infrastructure, Terraform Enterprise uses the template configurations from the Setup step and creates a workspace, runs a
plan, and then runs an
apply if the plan passed all policy checks. You're able to see from the workspace name and description where it came from, and even follow a link out to the Service Catalog ticket.
If a policy check had failed, the apply would not have run and the Terraform operator would need to take a look.
When Terraform Enterprise has finished the run successfully, the infrastructure information is sent directly to the Service Catalog ticket so the requester can begin using it.
The full workflow for ordering infrastructure from Terraform Enterprise can be seen in the following demo.
The ServiceNow Service Catalog integration is part of Terraform Enterprise. To learn more about self-service infrastructure visit https://www.hashicorp.com/products/terraform. To learn more about getting started with Terraform Enterprise visit https://www.hashicorp.com/go/terraform-enterprise.
Dynamic provider credentials for Terraform Cloud provide a simple and safe authentication workflow for Vault and official cloud providers.
CDK for Terraform (CDKTF) 0.15 improves on its ease of use with Terraform Cloud and Terraform Enterprise through automatic Terraform workspace creation.
Projects in Terraform Cloud allow users to isolate particular subsets of workspaces and define permissions within a single organization.