Enhance your Terraform Cloud workflow by adding run tasks before the plan and/or apply stages.
Today, we are pleased to announce the general availability of pre-plan/pre-apply run tasks in Terraform Cloud. This release expands the run task feature and teams can now integrate third-party tools and services at multiple stages of the Terraform run lifecycle.
You can now check Terraform configuration before the plan is generated, reevaluate compliance prior to applying, or you can trigger customized workflows in whichever stage is most suitable to your needs. With customizable run tasks, the options are endless.
There is a common theme that comes up repeatedly when speaking with customers about run tasks: the need to do more at all stages of the run lifecycle.
The most prevalent use case for run tasks is ensuring that teams adhere to the organization's security and compliance requirements. Earlier this year we announced the general availability of post-plan run tasks which let you evaluate the compliance of your infrastructure based on Terraform plan data.
Pre-plan run tasks build on this capability by shifting the execution to occur earlier in the Terraform run lifecycle. You can now integrate tasks that analyze your Terraform configuration files, allowing you to implement custom logic that can detect issues in the Terraform configuration before the planning phase.
Several partners have already created and validated pre-plan run tasks and are committed to providing support to our mutual customers. These partners include BlinkOps, Check Point, Tines, and Torq.
Here’s how each solution can help enhance your Terraform Cloud experience with pre-plan run tasks:
Running a check before you apply your Terraform configuration is an important part of day-to-day operations when provisioning infrastructure. Typically, teams will adopt a review and approval process that often results in a delay between when a plan is initially generated and when it is applied.
A lot can happen in this time. Infrastructure can change, maintenance windows can be enforced, and new compliance rules can get added to the same run task integration that reported that your Terraform configuration was compliant.
Now, you can configure run tasks to trigger pre-apply, just before the plan is applied, implementing a final gate that your Terraform configuration needs to pass through before your configuration is applied.
Pre-plan and pre-apply run task integrations are now available in Terraform Cloud Team & Governance as well as the Business tier, and they will be released in Terraform Enterprise very soon. There are already many Terraform Cloud run task integrations available with more on the way. Check out the run tasks documentation to learn how to set up run task integrations via the UI or API.
If you don’t see a tool or service that you’d like to use, please get in touch because we love feedback!
A recap of HashiCorp infrastructure and security news and developments from Google Cloud Next, from scaling infrastructure as code to fighting secrets sprawl and more.
New in Terraform 1.8: Provider-defined functions let users extend Terraform with custom capabilities. Plus, refactoring can now be done across resource types.
See usage examples of Terraform 1.8's new launch-day provider-defined functions for AWS, Google Cloud, and Kubernetes.