No-code provisioning is now GA for Terraform Cloud Business, providing validated self-service infrastructure, additional security through more granular permissions, and ease of use with variable options as dropdowns.
We are excited to announce the general availability of no-code provisioning, which gives organizations a self-service workflow in HashiCorp Terraform for their application developers and others that need infrastructure but don’t necessarily know Terraform or HashiCorp Configuration Language (HCL). Initially launched as a public beta at HashiConf Global 2022, no-code provisioning empowers cloud platform teams to set up their modules for push-button self-service, allowing stakeholders with infrastructure needs to deploy those modules without managing Terraform configuration repos or writing any code. This post reviews the details and benefits of this powerful new deployment method and also covers a handful of new features just released.
During the beta period, we collected a lot of great feedback from customers, which led directly to new features that accompany the GA of no-code provisioning, including:
During the no-code provisioning process, end users must input values for the variables in the module configuration that don’t have a default value. However, this can lead to frustrating provisioning failures due to typos or disallowed infrastructure attributes. Users asked for dropdown options to help avoid confusion around no-code workflows.
Now, admins can create guardrails for what attributes are applied to infrastructure. Module publishers can define the valid options for input variables via a page in the Terraform Cloud UI at the time of enabling the module version for no-code provisioning, or they can do the same via the TFE provider. After this is set, users can select from the pre-defined options during initial provisioning and subsequent updates to inputs on existing no-code workspaces. Examples of input guardrails include approved cloud regions, valid instance sizes, and expected values for metadata, like tags.
Previously, you could assign variable sets only with common inputs such as cloud credentials at either the global (organization-wide) or workspace level. This posed a conundrum for no-code provisioning, since the workspace is created at the time of first provision and many organizations need to assign granular cloud credentials for their no-code teams.
Since the introduction of projects as a new usage layer between organizations and workspaces, users can now add these teams to a project and define variable sets limited to only that project. New workspaces created by the no-code provisioning workflow will automatically inherit the variable set(s) assigned to the parent project.
During the beta, no-code users needed the organization-wide “manage workspaces” permission. The introduction of projects in Terraform Cloud provided a solution to this problem.
No-code provisioning is integrated with projects, which means teams with project-level Admin or Maintain permissions can provision no-code ready modules directly into their project without requiring organization-wide workspace management privileges.
Here is a simple recommended workflow for setting up no-code-only users in a guardrailed project space:
The general availability of no-code provisioning on Terraform Cloud allows cloud platform teams to provide self-service infrastructure without requiring any knowledge of Terraform or HCL from the user. Here are a few of the main benefits of this new feature:
Variable inputs, variable sets for projects, and managed workspace permissions are available today as generally available features. Learn more about no-code provisioning by reading the Designing No-Code Ready Modules documentation, hands-on tutorial: Create and Use No-Code Modules, and watching this demo video:
If you haven’t already, get started for free on Terraform Cloud to provision and manage all your infrastructure.
Version 5.0 of the HashiCorp Terraform AWS provider brings improvements to default tags, allowing practitioners to set tags at the provider level.
Learn how HashiCorp Terraform supports the deployment of Azure Linux container host for Azure Kubernetes Service (AKS).
New CI/CD pipeline templates for GitHub Actions and GitLab CI provide prescriptive guides for integrating with Terraform Cloud, and a new integration tool can help build workflows with other CI/CD platforms.