
HashiCorp at re:Invent 2023: A year of collaboration with AWS

A recap of HashiCorp infrastructure and security news and developments on AWS from the past year, from self-service provisioning to fighting secrets sprawl and more.

Amazon Web Services’ flagship cloud conference — AWS re:Invent — is back, and this year, as an Emerald sponsor, HashiCorp’s presence is bigger than ever. For both in-person and remote attendees, we’re pleased to share the latest news on our long-standing relationship with AWS and how we help organizations provision, secure, run, and connect applications running in AWS.

HashiCorp accelerates organizations’ transition to the cloud by providing lifecycle management and automation for application infrastructure and security. Our infrastructure portfolio includes products to build, deploy, and manage the lifecycle of application infrastructure. The products in the HashiCorp security portfolio leverage identity-based controls to protect, inspect, and connect users and machines to secrets and critical data. As AWS re:Invent takes center stage, it’s a great moment to reflect on our major infrastructure and security collaborations with AWS and significant milestones from the past year.

HashiCorp wins AWS Global Collaboration Partner of the Year award

HashiCorp has been awarded Amazon Web Services’ Global Collaboration Partner of the Year. The Collaboration Partner of the Year award recognizes partners that have collaborated with AWS and other AWS partners to address customer problems leveraging services and technology offered across multiple AWS partners.


HashiCorp’s tools, loved by developers worldwide as shown by the more than two billion downloads of the Terraform AWS provider, offer a unified solution to build on AWS, replacing fragmented workflows with a standardized approach and a system of record for the cloud. This not only enhances security and developer productivity but also cuts costs by reducing time spent on provisioning and management. With the upcoming Terraform stacks feature, now in private preview, HashiCorp is set to transform how organizations use Terraform to further simplify infrastructure provisioning and management at scale.

HashiCorp’s highly scalable solutions are integrated into AWS, enabling thousands of developers and enterprises to move faster, modernize their operations, and get the most out of AWS. Together AWS and HashiCorp accelerate the delivery of new business value for our collective customers.

Major HashiCorp/AWS infrastructure and security developments in the last year include:

Infrastructure: Terraform Cloud self-service provisioning with AWS Service Catalog

Customers can now use AWS Service Catalog as the single tool to organize, govern, and distribute their HashiCorp Terraform Cloud configurations within AWS at scale. This includes integrated access to key AWS Service Catalog features, including cataloging of standardized and pre-approved Terraform configurations, infrastructure as code templates, access control, resource provisioning with least-privilege access, versioning, sharing to thousands of AWS accounts, and tagging.

The new feature lets administrators curate a portfolio of pre-approved Terraform configurations on AWS Service Catalog. End users like engineers, database administrators, and data scientists can deploy these Terraform configurations with a single action from the AWS interface. By combining Terraform Cloud with AWS Service Catalog, we’re connecting a self-service interface that many customers are familiar with, AWS Service Catalog, with the existing workflows and policy guardrails of Terraform Cloud.

End users can easily queue a Terraform configuration from the AWS Service Catalog interface, which generates a workspace for that workload and triggers a run on Terraform Cloud. As credentials are required to initiate a run, the project is configured with dynamic provider credentials, which automatically authenticate the workspace to plan or apply the queued Terraform configuration. Once authenticated, the Terraform configuration provisions the desired resources on AWS. Throughout the workflow, end users never have to interface with Terraform Cloud or handle static credentials.


Since the feature's launch, HashiCorp and AWS co-presented Terraform Cloud self-service provisioning with AWS Service Catalog at HashiConf 2023, and AWS posted "How to Use AWS Service Catalog with HashiCorp Terraform Cloud," which demonstrates the workflow for provisioning a new product and includes getting-started guides.

Security: Secrets sync with AWS

Using an identity-based secrets management solution helps organizations move away from non-scalable, incomplete solutions created by individual developers to broker secrets across cloud environments. With HCP Vault Secrets, developers and IT leadership can remediate secret sprawl quickly. HCP Vault Secrets is a centralized, multi-tenant, cloud-native secrets management solution that serves as an intuitive, single source of truth for configuring, consuming, managing, and brokering secrets across key cloud environments and developer workflow tools. Part of the HashiCorp Cloud Platform (HCP), this multi-tenant software-as-a-service (SaaS) offering allows users to get Vault secrets management capabilities up and running in minutes.

HCP Vault Secrets and Vault Enterprise include a key feature to address secret sprawl, called secrets sync. Secrets sync lets users synchronize secrets when and where they require them, and continually syncs secrets from HCP Vault or Vault Enterprise to external secrets managers (including AWS Secrets Manager) so they are always up to date. By adopting secrets sync to remediate secrets sprawl, organizations can establish centralized secrets lifecycle management with Vault as a single control plane. This eliminates the need for context switching among multiple secrets management platforms and reduces the risks associated with secrets management fragmentation.


At AWS re:Inforce, HashiCorp presented "Centralize and manage secrets with HashiCorp Cloud." For more information, check out our documentation on how to integrate with AWS Secrets Manager on the HashiCorp Cloud Platform.

Learn more in our secrets sync documentation and discover what Vault can do for your organization on the Vault features page.

Learn more about AWS and HashiCorp

AWS and HashiCorp continue to extend our partnership, building new integrations to help customers work faster, take advantage of more services and features, and provide developer-friendly ways to deploy cloud infrastructure.

Developers can use the Terraform AWS provider to interact with the many resources supported by AWS. To learn the basics of Terraform using this provider, follow the hands-on tutorials for getting started with Terraform on AWS on our developer education platform. Interact with AWS services, including Lambda, RDS, and IAM, by following the AWS services tutorials.
