New on HCP: Boundary, Waypoint, Drift Detection, and Azure Support

Why are enterprises and practitioners alike consuming more and more cloud services? This answer from the 2021 HashiCorp State of Cloud Strategy Survey sums it up well: “Cloud services offer better ROI than running it ourselves.”

That sentiment is fueling demand for cloud services and it’s a big reason why we featured so many new developments for the HashiCorp Cloud Platform (HCP) at HashiConf Europe this week.

This blog post highlights some of HCP’s newest enhancements, including new beta services for HCP Boundary, HCP Waypoint, and HCP Consul on Microsoft Azure. It also summarizes new features for HashiCorp Terraform Cloud, like Drift Detection and Run Tasks.

»HCP Boundary Free Public Beta

Any credible modern security strategy has to address three dimensions:

1. Application security: Companies need to centrally store, access, and distribute dynamic secrets such as tokens, passwords, certificates, and encryption keys to applications across clouds.
2. Network security: Organizations must protect and encrypt sensitive data and network traffic everywhere.
3. User security: It’s critical to provide secure remote access for your entire workforce without having to manage VPNs, share credentials, or expose your network.

Enterprises turn to HashiCorp Vault and HashiCorp Consul, respectively, for modern, identity-based application and network security. However, there is a growing need for simplified, identity-based access solutions for human-to-machine access. Today's solutions — VPNs, SSH bastions, and privileged access management (PAM) — fail to scale effectively in ephemeral, multi-cloud environments, which can lead to credential sprawl. In addition, access controls in these tools are often an “all or nothing” proposition — users end up with access to entire networks and systems, not just the specific part of the IT estate the job requires. Granting system-wide access needlessly is an anti-pattern that dramatically increases your attack surface.

Enter HashiCorp Boundary, first launched in October 2020. Boundary secures access to applications and critical systems with fine-grained authorizations that don't require managing credentials or exposing your entire network.

The response to this project has been overwhelmingly positive, and we’re excited to offer Boundary as a managed service. HCP Boundary is now available as a public beta. In addition, every HCP user now has access to Boundary, so check out the tutorials and see how HCP Boundary can improve your security posture.

»Apply for Access to the HCP Waypoint Beta

HashiCorp designs for “workflows, not technologies.” But at least one workflow remains fragmented: application deployment. There are countless tools on the market, yet developers still yearn for a simple, flexible tool to handle the tasks associated with building, staging, and releasing applications. We launched HashiCorp Waypoint in 2020 to solve this challenge by giving developers a paved path for production deployments.

We’ve continued to improve Waypoint based on market feedback, adding new capabilities including first-class support for Kubernetes and Amazon ECS. Now, we’re pleased to announce the next iteration in the project’s development: HCP Waypoint, a managed service on HCP.

HCP Waypoint will ease adoption for platform teams because there’s no server to set up or manage; our SREs do all of that for you. And to make onboarding even easier, we’ve also improved Waypoint’s integration with GitHub.

If you’re interested in helping shape the future of HCP Waypoint, apply to join the private beta and we’ll be in touch.

»Terraform Cloud Tackles Day 2 Scenarios with Drift Detection and Run Tasks

After cloud infrastructure is stood up on Day 1, its state can change, or “drift” from the initial state specified by the platform engineer. When these gaps crop up, it can cause operational issues, increase risk, and result in unnecessary costs. Ideally, when configuration drifts in this fashion, the platform team should be alerted and remediation should begin.

Drift Detection is a new capability in Terraform Cloud designed to solve this Day 2 operation issue by monitoring conditions to identify resources that have changed (or “drifted”) and notify operators so they can take the necessary next steps. Drift Detection is available today as a public beta in the Terraform Cloud Business tier.

Another impactful new feature to help you do more with Terraform is called Run Tasks, available in the Team & Governance tier of Terraform Cloud. Engineers can use this feature to directly integrate third-party tools and services at certain stages in the Terraform Cloud run lifecycle.

We currently have 12 partner integrations for Run Tasks, covering security and code scanning, cost control, and regulatory compliance. You can use Run Tasks with HCP Packer, a registry to store metadata about approved machine images. Read the ​​Run Tasks GA announcement blog to learn more about these integrations, and put them to work in your organization.

»HCP Consul Now Available in Beta on Azure

Cloud service networking is one of the most difficult challenges for platform teams. Engineers must navigate dynamic IP addresses, account for a significant growth in east-west traffic in microservices implementations, and adjust to the lack of a clear network perimeter.

Consul is a popular option for organizations to address this challenge, especially when multiple clouds and multiple runtimes are in play.

HCP Consul on AWS offers the power of Consul with the convenience of a managed service. AWS users trust Consul to coordinate sophisticated cloud native architectures. Now, Microsoft Azure users can do the same. Connect Consul to workloads running on Azure Virtual Machines (VMs) or Azure Kubernetes Service (AKS). Check out our blog post for more details and links to the relevant documentation.

»Try HCP and Get a $50 Credit

HashiCorp Cloud Platform provides the convenience of consuming HashiCorp products as cloud services. To make it easier to get started, we’re offering a $50 credit when you create an HCP account and spin up your first cluster. Sign up today.