Infrastructure as Code

Safely provision and manage multi-cloud infrastructure at any scale.

Shift from manual, error-prone provisioning to automated provisioning at scale.

The Challenge

Manual provisioning is slow, error-prone and difficult to scale.

Before

  • Reduced agility from ticketing queues, manual workflows using Point-and-Click GUIs & APIs

  • Increased cost with “cloud waste” or over provisioning

  • Increased risk with more chances for human error. Best practices are followed on a “best effort” basis using tribal knowledge

The Solution

Automate provisioning using Terraform infrastructure as code.

After

  • Increased agility with reduced time to provision from weeks to minutes with automated workflow

  • Control costs systematically as users and applications scale

  • Reduce risk and discover errors before they happen with code reviews and embed provisioning guardrails

Capital One logo

Capital One

How the Capital One operations teams builds infrastructure for thousands of developers across hundreds of VPCs and multiple regions with Terraform.

Read Case Study

Infrastructure as Code

Infrastructure as Code

Use HashiCorp Configuration Language (HCL), a simple human-readable configuration language, to define a desired topology of infrastructure resources. Configuration can also be defined in JSON for programmatic generation and application integration.

  1. resource "google_compute_instance" "server" {
  2. name = "server"
  3. machine_type = "g1-small"
  4. zone = "us-centrall-a"
  5. disk {
  6. image = "ubuntu-1404-trusty-v20160114e"
  7. }
  8. }
  9. resource "dnsimple_record" "hello" {
  10. domain = "example.com"
  11. name = "server"
  12. value = "${google_compute_instance.server.network_interface.0.address}"
  13. }

VCS Integration

Write, version, review, and collaborate on Terraform code using your preferred version control system.

Integrate with Terraform Cloud and Enterprise to automatically validate configuration changes and trigger Terraform. Link changes made with Terraform to the associated changes in version control.

VCS Integration

Workspaces

Workspaces decompose monolithic infrastructure into smaller components, or "micro-infrastructures". These workspaces can be aligned to teams for role based access control.

View all workspaces across cloud providers, teams, and environments through one pane of glass. Secure and audit all workspace changes.

Dashboard - Create a New Workspace

Variables

Granular variables allow easy reuse of code and enable dynamic changes to scale resources and deploying new versions.

All variables are encrypted, protected by access controls, and retrieved as needed during the provisioning process.

Dashboard - Variables

Runs

Terraform uses two-phased provisioning a plan (dry run) & apply (execution). Plans can be inspected prior to execution to ensure expected behavior and safety.

Terraform runs can be applied from the GUI, using the API, or from the CLI to preserve the same workflow used with OSS. A policy check step is applied to a plan.

Dashboard - Runs

Infrastructure State

The state file is a record of currently provisioned resources. State files enable a versioned history of the infrastructure and are encrypted at rest. Versions can be inspected to see incremental changes.

Remote state storage and management enables teams to share state, prevent more than one change at a time, and view a versioned history of all infrastructure changes by a team.

Infrastructure State

Policy as Code

Sentinel is a policy as code framework to automate multi-cloud governance.

Require every provisioning run to enforce security, compliance, and operational best practices. Avoid manual code review which reduces agility and is error prone.

  1. allowed_machine_types = [
  2. "nl-standard-1",
  3. "nl-standard-2",
  4. "nl-standard-4",
  5. ]

Terraform CLI, Cloud, and Enterprise Features

Learn more about provisioning infrastructure as code and provisioning features with Terraform CLI, Cloud, and Enterprise.

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×