HashiCorp Cloud Platform Adds New Asia Regions, MFA, and More

HashiCorp Cloud Platform (HCP) is a popular way to use HashiCorp’s open source tools as cloud services, without the overhead of installation, scaling, or lifecycle management. As more practitioners have used HCP, we’ve gotten lots of valuable feedback. The HCP team has built several new capabilities as a result of your comments.

In this blog post, we will highlight some of HCP’s newest enhancements based on your requests, including overall improvements such as new locations in Singapore and Sydney, multi-factor authentication, updates to the HCP Terraform provider, HashiCorp virtual network improvements, new organization and user management capabilities, and a public changelog. There have also been new integrations and configuration options for HCP Vault, simplified onboarding and cost estimation for HCP Consul, and the ability to track and automate build updates across HashiCorp Packer and Terraform workflows.

»Core Enhancements to HCP

The following are HCP core enhancements that apply to multiple services.

»HCP Now Available in Asia-Pacific Regions

Great news for HashiCorp users in Asia-Pacific countries: you can now deploy HCP Vault and HCP Consul clusters in seven AWS regions, as we’ve just added Singapore and Sydney, Australia, to our supported regions, joining Oregon, Virginia, Ireland, London, and Frankfurt, Germany.

These new sites will benefit organizations with cloud deployments in the Asia-Pacific region, allowing them to run Vault and Consul clusters closer to their users and other applications.

Learn more about HCP’s cloud providers and regions.

»Multi-Factor Authentication Comes to HCP

Identity management is an important area for HCP. Recently, we added the ability for users to enable multi-factor authentication (MFA) from within their HCP account. With MFA, you will need a password (credential), and an authenticator application downloaded to your phone. (Use Google Authenticator or a similar authenticator application.)

HCP also offers one-time passwords (OTP). A one-time password is a sequence of numbers generated by an authenticator application. To flatten the learning curve, we designed this experience to be similar to the MFA processes already used in a wide variety of other secure websites. Read the Introduction to Multi-Factor Authentication in our documentation to learn more.

»HCP Terraform Provider Keeps Pace

We’re constantly updating the HashiCorp Cloud Platform Terraform Provider to reflect all the new capabilities within HCP. Keep tabs on our progress with the project changelog on Github. As always, comments and feedback are welcome!

»HashiCorp Virtual Network Improvements

The HashiCorp Virtual Network (HVN) is an abstraction that makes HCP networking possible. An HVN allows you to delegate an IPv4 CIDR range to HCP, which the platform then uses to automatically create a virtual private cloud (VPC) on AWS. Customers have asked us to simplify and expand our networking capabilities on HCP and these enhancements will help do just that:

HVN-HVN Peering

It is now possible to peer two HVNs across regions within AWS. The peering can be created via the HCP UI when configuring HCP Consul federation or through the HCP Terraform provider.

AWS Intra-HVN Communications

In an effort to simplify our HVN networking model, we have made it possible for clusters deployed within the same HVN to communicate with one another by default.

»Organization and User Management

HCP administrators are adding more users to their accounts. We’ve added two new capabilities to simplify user management on the platform:

• Profile page v1- password and MFA reset: Users now have a place to manage their account access. The HCP UI now supports the new profile page for HashiCorp IDs, the ability to reset a password, and MFA reset.
• Org rename: Users can now rename their HCP organization by navigating to the Org Management page, or by going to the left nav bar and clicking “Settings”, “Manage”, and then “Edit name”. This update was a direct result of customer feedback.

»Public Changelog

A changelog for HCP has been released so customers can see the latest changes to HCP and its services. This is the first iteration of the changelog, and we are looking forward to adding to it over time.

»HCP Vault: New Integrations, Plus the Starter Configuration

HCP Vault provides all of the power and security of Vault without the complexity and overhead of managing it yourself. Access Vault’s best-in-class secrets management and encryption capabilities instantly and onboard applications and teams easily. Here’s a quick look at some of the new capabilities we’ve launched:

»Popular Integrations Come to HCP Vault

HashiCorp Vault is in the critical path for many essential cloud applications. As such, it has spawned a rich ecosystem of integrations. In recent months, we’ve expanded the integrations for HCP Vault to include:

• New integrations with Datadog, Grafana Cloud, and Splunk. Use these pre-built dashboards to monitor usage and performance in HCP Vault.
• Validated GitHub, F5, and Okta integrations for HCP Vault. We’re working side-by-side with several partners to ensure their existing integrations with Vault are compatible with HCP Vault. And we can add these three popular integrations to this list!

»HCP Vault Starter Configuration

Users can now create HCP Vault clusters powered by the Starter configuration. Choose this option if you require a production-grade cluster that balances predictable pricing, performance, and cost.

Here’s a quick look at HCP Vault Starter specs:

• 3 nodes
• 2 vCPU, 8GB RAM
• 5GB storage, 250GB for snapshots and audit logs (soft limits)
• 25 included clients
• Audit logs
• Snapshots and restores
• Bronze-tier cloud support

Learn more about this new option in our blog post (Announcing HCP Vault Starter), and browse the full portfolio of HCP Vault configurations.

»HCP Consul: A New Plus Configuration and Useful Onboarding Tools

HCP Consul is a fully managed service mesh to help organizations reduce application delivery time by providing discovery, health monitoring, and service mesh functionality. New enhancements to HCP Consul in recent months will help new and experienced users alike.

»HCP Consul Plus Configuration with Federation

Different organizations have different needs. That’s why HCP services come in different configurations. Teams that need to run Consul at scale will want to check out HCP Consul Plus. This new configuration allows you to federate Consul clusters across multiple regions for improved redundancy and resiliency of applications.

Choose HCP Consul Plus when you want a simple, secure multi-region service mesh in AWS. Read the blog Announcing HCP Consul Plus and browse the full portfolio of HCP Consul configurations.

»New Resources Simplify Onboarding

To bring a new Consul cluster online, users need to do three things: create the cluster, connect their AWS VPC to their HVN, and then deploy their Consul clients. The HCP UI now features a handy checklist, with corresponding resources for each step, to simplify this workflow:

We’ve also launched new resources to help practitioners use their Consul clusters in production. Many users are looking to use HCP Consul for service discovery and as a service mesh on popular AWS runtimes. To help you get started, we’ve published a new Terraform module for Amazon EKS and Amazon EC2, and a new HashiCorp Learn guide for deploying HCP Consul on Amazon ECS.

Terraform modules, preconfigured blocks of code that perform a specific task during a Terraform apply, provide the perfect way to automate both HCP and the workload deployments in your AWS virtual private cloud (VPC). Joining the existing set of HCP Terraform modules, this new module simplifies the HCP Consul onboarding experience by combining AWS and HCP Terraform resources into a single module abstraction. Learn more in our blog post on HCP Consul Updates.

»HCP Consul Cost Estimator

HCP now includes a cost estimator for Consul. When creating a new cluster or editing a previous one, you will now see a dynamic estimate of your cost to better inform a purchasing decision. This new way to explore pricing is designed to help you understand how to most efficiently run and deploy Consul for your use case.

»HCP Packer: Track and Automate Build Updates Across HashiCorp Packer and Terraform Workflows

HCP Consul and HCP Vault are cloud versions of popular open source tools. HCP Packer, now in public beta, shows a different side of HCP. HCP Packer isn’t Packer in the cloud. Rather, it’s a new cloud service that nicely slots between your Packer and Terraform workflows.

Practitioners told us there’s a gap in their workflows today: Packer is great for building golden machine images, and Terraform is fantastic for deploying said images. But there’s no automated way to keep tabs on all the images that Packer produces. Out of this need, HCP Packer was born.

HCP Packer is a cross-cloud image gallery for Packer. It uses metadata to track machine images, iterations of those images, and the builds associated with them. Associate an ID with a preferred image, and then use it to dynamically update builds across your provisioning pipeline with Terraform.

Sign up for the public beta today and take HCP Packer for a spin. You’ll also want to read the HCP Packer registry documentation and get familiar with this excellent guide to Getting Started with HCP Packer.

»Try HCP and Get a $50 Credit

HashiCorp Cloud Platform provides the convenience of consuming HashiCorp tools as cloud services. To encourage you to get started, we’re offering a $50 credit when you create an HCP account and spin up your first cluster. Sign up today.