Terraform improves permissions management for teams
HCP Terraform and Terraform Enterprise enhance permissions management capabilities to eliminate the bottleneck of relying solely on the owner for managing teams.
We are excited to announce the release of a new enhancement to HashiCorp Terraform’s permissions management capabilities: granular permissions to manage teams. Now available in HCP Terraform and coming soon to Terraform Enterprise, this addition improves how users can configure permissions for specific teams at the organization level.
»Permission management challenges
Previously in HCP Terraform and Terraform Enterprise, the process of creating, deleting, and overseeing team members within organizations could be cumbersome for organization owners, since this functionality was restricted to the owner permission level. Owners needed to review and approve frequent permission requests or elevate other users to the organizational owner level, granting full access to users who potentially should not hold such permissions, which could introduce security risks to the organization.
»Introducing granular permissions to manage teams
The new “manage teams” capability streamlines and secures these efforts by letting organization owners delegate the ability to manage teams at the organizational level. This enhancement alleviates the bottleneck of relying solely on the owner for managing teams, as approved team members can create, read, update, and delete teams without having organizational owner membership.
When adding a new team, you can now check the “Manage teams” checkbox under the Organization Access section of the team’s settings page and configure permissions settings to meet your organizational requirements.
Grant permissions to specific teams to create, read, update, and delete teams.
»Getting started
These HCP Terraform and Enterprise improvements represent another step in our continued effort to help users simplify permission management to enable the least privilege principle and mitigate security risks throughout their infrastructure workflows.
This feature is available now in HCP Terraform and coming soon to Terraform Enterprise. For details on getting started, please refer to the permissions documentation.
If you are new to Terraform, you can get started with HCP Terraform for free to begin provisioning and managing your infrastructure in any environment. And don’t forget to link your HCP Terraform and HashiCorp Cloud Platform (HCP) accounts together for a seamless sign-in experience.
Sign up for the latest HashiCorp news
More blog posts like this one
Build secure, AI-driven workflows with Terraform and Vault MCP servers
At AWS Summit New York, HashiCorp introduced new capabilities that bring Terraform, Vault, and Vault Radar into the age of AI agents — advancing secure, automated infrastructure through composable, agentic systems.
Terraform without writing code: How to build self-service with no-code modules
Terraform no-code modules are an advanced infrastructure as code best practice that helps everyone in the org use standard, approved modules, even if you don’t know Terraform.
Helvetia’s journey building an enterprise serverless product with Terraform
What started as a basic compliance challenge for one team at Helvetia Insurance evolved into a comprehensive enterprise solution for running self-managed installations like a cloud service, using Terraform to manage a serverless architecture.