HashiCorp Cloud Platform added new locations in the Asia-Pacific region, multi-factor authentication, and support for additional configurations of HashiCorp Consul and HashiCorp Vault.
HashiCorp Cloud Platform (HCP) is a popular way to use HashiCorp’s open source tools as cloud services, without the overhead of installation, scaling, or lifecycle management. As more practitioners have used HCP, we’ve gotten lots of valuable feedback. The HCP team has built several new capabilities as a result of your comments.
In this blog post, we will highlight some of HCP’s newest enhancements based on your requests, including overall improvements such as new locations in Singapore and Sydney, multi-factor authentication, updates to the HCP Terraform provider, HashiCorp virtual network improvements, new organization and user management capabilities, and a public changelog. There have also been new integrations and configuration options for HCP Vault, simplified onboarding and cost estimation for HCP Consul, and the ability to track and automate build updates across HashiCorp Packer and Terraform workflows.
The following are HCP core enhancements that apply to multiple services.
Great news for HashiCorp users in Asia-Pacific countries: you can now deploy HCP Vault and HCP Consul clusters in seven AWS regions, as we’ve just added Singapore and Sydney, Australia, to our supported regions, joining Oregon, Virginia, Ireland, London, and Frankfurt, Germany.
These new sites will benefit organizations with cloud deployments in the Asia-Pacific region, allowing them to run Vault and Consul clusters closer to their users and other applications.
Learn more about HCP’s cloud providers and regions.
Identity management is an important area for HCP. Recently, we added the ability for users to enable multi-factor authentication (MFA) from within their HCP account. With MFA, you will need a password (credential), and an authenticator application downloaded to your phone. (Use Google Authenticator or a similar authenticator application.)
HCP also offers one-time passwords (OTP). A one-time password is a sequence of numbers generated by an authenticator application. To flatten the learning curve, we designed this experience to be similar to the MFA processes already used in a wide variety of other secure websites. Read the Introduction to Multi-Factor Authentication in our documentation to learn more.
We’re constantly updating the HashiCorp Cloud Platform Terraform Provider to reflect all the new capabilities within HCP. Keep tabs on our progress with the project changelog on Github. As always, comments and feedback are welcome!
The HashiCorp Virtual Network (HVN) is an abstraction that makes HCP networking possible. An HVN allows you to delegate an IPv4 CIDR range to HCP, which the platform then uses to automatically create a virtual private cloud (VPC) on AWS. Customers have asked us to simplify and expand our networking capabilities on HCP and these enhancements will help do just that:
It is now possible to peer two HVNs across regions within AWS. The peering can be created via the HCP UI when configuring HCP Consul federation or through the HCP Terraform provider.
AWS Intra-HVN Communications
In an effort to simplify our HVN networking model, we have made it possible for clusters deployed within the same HVN to communicate with one another by default.
HCP administrators are adding more users to their accounts. We’ve added two new capabilities to simplify user management on the platform:
A changelog for HCP has been released so customers can see the latest changes to HCP and its services. This is the first iteration of the changelog, and we are looking forward to adding to it over time.
HCP Vault provides all of the power and security of Vault without the complexity and overhead of managing it yourself. Access Vault’s best-in-class secrets management and encryption capabilities instantly and onboard applications and teams easily. Here’s a quick look at some of the new capabilities we’ve launched:
HashiCorp Vault is in the critical path for many essential cloud applications. As such, it has spawned a rich ecosystem of integrations. In recent months, we’ve expanded the integrations for HCP Vault to include:
Users can now create HCP Vault clusters powered by the Starter configuration. Choose this option if you require a production-grade cluster that balances predictable pricing, performance, and cost.
Here’s a quick look at HCP Vault Starter specs:
Learn more about this new option in our blog post (Announcing HCP Vault Starter), and browse the full portfolio of HCP Vault configurations.
HCP Consul is a fully managed service mesh to help organizations reduce application delivery time by providing discovery, health monitoring, and service mesh functionality. New enhancements to HCP Consul in recent months will help new and experienced users alike.
Different organizations have different needs. That’s why HCP services come in different configurations. Teams that need to run Consul at scale will want to check out HCP Consul Plus. This new configuration allows you to federate Consul clusters across multiple regions for improved redundancy and resiliency of applications.
Choose HCP Consul Plus when you want a simple, secure multi-region service mesh in AWS. Read the blog Announcing HCP Consul Plus and browse the full portfolio of HCP Consul configurations.
To bring a new Consul cluster online, users need to do three things: create the cluster, connect their AWS VPC to their HVN, and then deploy their Consul clients. The HCP UI now features a handy checklist, with corresponding resources for each step, to simplify this workflow:
We’ve also launched new resources to help practitioners use their Consul clusters in production. Many users are looking to use HCP Consul for service discovery and as a service mesh on popular AWS runtimes. To help you get started, we’ve published a new Terraform module for Amazon EKS and Amazon EC2, and a new HashiCorp Learn guide for deploying HCP Consul on Amazon ECS.
Terraform modules, preconfigured blocks of code that perform a specific task during a Terraform apply, provide the perfect way to automate both HCP and the workload deployments in your AWS virtual private cloud (VPC). Joining the existing set of HCP Terraform modules, this new module simplifies the HCP Consul onboarding experience by combining AWS and HCP Terraform resources into a single module abstraction. Learn more in our blog post on HCP Consul Updates.
HCP now includes a cost estimator for Consul. When creating a new cluster or editing a previous one, you will now see a dynamic estimate of your cost to better inform a purchasing decision. This new way to explore pricing is designed to help you understand how to most efficiently run and deploy Consul for your use case.
HCP Consul and HCP Vault are cloud versions of popular open source tools. HCP Packer, now in public beta, shows a different side of HCP. HCP Packer isn’t Packer in the cloud. Rather, it’s a new cloud service that nicely slots between your Packer and Terraform workflows.
Practitioners told us there’s a gap in their workflows today: Packer is great for building golden machine images, and Terraform is fantastic for deploying said images. But there’s no automated way to keep tabs on all the images that Packer produces. Out of this need, HCP Packer was born.
HCP Packer is a cross-cloud image gallery for Packer. It uses metadata to track machine images, iterations of those images, and the builds associated with them. Associate an ID with a preferred image, and then use it to dynamically update builds across your provisioning pipeline with Terraform.
Sign up for the public beta today and take HCP Packer for a spin. You’ll also want to read the HCP Packer registry documentation and get familiar with this excellent guide to Getting Started with HCP Packer.
HashiCorp Cloud Platform provides the convenience of consuming HashiCorp tools as cloud services. To encourage you to get started, we’re offering a $50 credit when you create an HCP account and spin up your first cluster. Sign up today.
Introducing a more efficient, streamlined way of managing policy as code workflows in Terraform Cloud.
HashiCorp expands its client libraries to include Go & .NET. The Vault 1.13 release includes support for Go & .NET.
HCP Packer’s new channel assignment history and rollback provide a complete record of artifacts in a channel and enable a simple, one-click rollback to previous iterations.