MB
Uploaded byMarko Bevc
1,128 views

Commodified IaC using Terraform Cloud

The document discusses the application of Infrastructure as Code (IaC) using Terraform Cloud, focusing on automation, complexity abstraction, and the integration of CI/CD practices. It highlights the benefits of Terraform in enhancing delivery velocity, collaboration, and risk management in development workflows, while also addressing issues like state management and security. The agenda includes insights into Terraform Cloud features, potential improvements, and resources for further exploration.

Embed presentation

COMMODIFIED IaC USING TERRAFORM CLOUD_ Marko Bevc
COMMON COMMODITIES_
POWER AS COMMODITY_
REFINING & ADOPTING_ S. Wardley: value chain mapping Thoughts and ideas Solution attempts Solution to known problems Refinement of solutions Very little knowledge Lots of knowledge product Problem definition Solution identification Standardization of solution Industrialization of solution New problems Gartner: hype cycle
ABOUT ME_ ● Senior IT Consultant at The Scale Factory (DevOps consultancy, AWS advanced consulting partner and K8s service provider) ● IT system engineering background with extensive Linux and virtualization experience ● Certifications and competencies: AWS, CKA, RHEL, Hashi stack ● Open source contributor and supporter ● Fan of automation/simplifying things, hiking, cycling and travelling
TALK AGENDA_ • Infrastructure as Code • Terraform Cloud • Abstracting complexity • Automation and CI/CD integration • Demo • Conclusions and takeaways
INFRASTRUCTURE AS CODE_ • Key attribute for enabling good DevOps practices: – breaking organisational silos – multi-team collaboration • State visibility across estate • Disposable infrastructure and reproducibility • Higher delivery velocity and automation • Better testing and lowering risk of errors
TERRAFORM CLOUD_ • GA announced at HashiConf’19 • Extensible SaaS solution (API, registries, plug-ins) • Abstraction of Terraform complexity • Safe: 2-factor authentication & Vault secrets • Collaboration: VCS integration, notifications, team management and Web UI/API • Fine-grained control: Sentinel policies, user roles, cost estimation • 160+ available providers
TERRAFORM CLOUD ARCHITECTURE_ Cloud / Enterprise OSS CLI Source: https://www.terraform.io/
ABSTRACTING COMPLEXITY_ ● Delegation of responsibility: – State and lock management – Remote/local execution & speculative plans – Unified workflows – Notifications – Web UI ● Same approach and structures (API / HCL) ● Changing infrastructure deployment perspective ● Of-the-shelf SaaS solution – commodity?
AUTOMATION AND PIPELINES_ • Integration with major VCS providers: GitHub, GitLab, Bitbucket, Azure DevOps • Containers used as runtime (Terraform version) • Auto or manual approvals • Variables/secrets & state access using: – TFE provider resources, i.e. tfe_variable – terraform_remote_state data resource • Private repositories and providers • Caveats: – Overwrites terraform.tfvars → *.auto.tfvars – Special vars: CONFIRM_DESTROY, TFE_PARALLELISM
HOW TO START_ ● Create organisation: team & workspaces ● Two factor authentication (TOTP, SMS) ● VCS integration ● Credential tokens ● Remote backend configuration ● Workspace creation – automatically with remote backend ● API tokens, SSH keys & policies*
$ cat ~/.terraformrc -------------------- plugin_cache_dir = "$HOME/.terraform.d/plugin-cache" disable_checkpoint = true credentials "app.terraform.io" { token = "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" } backend.tf: ----------- terraform { backend "remote" { organization = "my-org" workspaces { name = "demo-tf-remote" } } }
REMOTE RUNS_ •
TIME FOR DEMO!_
CONCLUSIONS_ & TAKEAWAYS ● Complexity delegation (state, locking, execution, ...) ● Automation and deployment workflow integration ● Careful not storing/emitting secrets in configurations and logs ● Non-free and beta features: cost estimation, polices, run triggers, ... ● Room for improvement: default is remote, custom Docker images, cloud SAML/SSO and audit logs/compliance,… ● Shift left practice and platform convergence (multi/poly-cloud) → IaC as software delivered commodity
CONTACTS_ & RESOURCES ● “Make things as simple as possible, but not simpler.” A. Einstein ● Twitter: @_MarkoB ● GitHub / GitLab: @mbevc1 ● LinkedIn: https://www.linkedin.com/in/marko-bevc/ ● Resources: – https://www.thehistoricalarchive.com/happenings/57/the-history-of-elec tricity-a-timeline/ – https://en.wikipedia.org/wiki/Wardley_map – https://en.wikipedia.org/wiki/Hype_cycle – https://en.wikipedia.org/wiki/Infrastructure_as_code – https://terraform.cloud – https://www.hashicorp.com/cloud-operating-model – https://www.terraform.io/docs/cloud/run/cli.html – https://www.hashicorp.com/products/terraform/pricing/

More Related Content

PDF
Vault 1.4 launch webinar
byMitchell Pronschinske
 
PDF
Vault 1.5 Overview
byMitchell Pronschinske
 
PPTX
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
byStenio Ferreira
 
PDF
Extending HashiCorp Nomad with Plugins
byMitchell Pronschinske
 
PPTX
Hands-On Terraform Module for AWS Landing Zone at HashiTalks2020
byMitoc Group
 
PPTX
Using new sentinel features in terraform cloud
byMitchell Pronschinske
 
PDF
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
byMitchell Pronschinske
 
PDF
Smart networking with service meshes
byMitchell Pronschinske
 
Vault 1.4 launch webinar
byMitchell Pronschinske
 
Vault 1.5 Overview
byMitchell Pronschinske
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
byStenio Ferreira
 
Extending HashiCorp Nomad with Plugins
byMitchell Pronschinske
 
Hands-On Terraform Module for AWS Landing Zone at HashiTalks2020
byMitoc Group
 
Using new sentinel features in terraform cloud
byMitchell Pronschinske
 
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
byMitchell Pronschinske
 
Smart networking with service meshes
byMitchell Pronschinske
 

What's hot

PDF
Introduction to IAC and Terraform
byVenkat NaveenKashyap Devulapally
 
PPTX
Anton Grishko "Multi-cloud with Google Anthos, Kubernetes and Istio. How to s...
byFwdays
 
PDF
Rover: Implementing Landing Zone Using Docker Container
bySujay Pillai
 
PPTX
Vault Digital Transformation
byStenio Ferreira
 
PDF
Sven Vogel: Running CloudStack and OpenShift with NetApp on KVM
byShapeBlue
 
PDF
Sergii Bielskyi "Using Kafka and Azure Event hub together for streaming Big d...
byLviv Startup Club
 
PPTX
CloudStack news
byShapeBlue
 
PPTX
Hashicorp Corporate and Product Overview
byStenio Ferreira
 
PDF
Setup kubernetes federation between clusters
byssuser75c76a2
 
PDF
Service Mesh With Consul Connect and Nomad 0.10
byMitchell Pronschinske
 
PPTX
PaaS Ecosystem Overview
byDmitry Meytin
 
PPTX
Cloudstack: the best kept secret in the cloud
byShapeBlue
 
PPTX
Apache CloudStack 4.2: A First Look
byShanker Balan
 
PPT
CloudStack Clients and Tools
bySebastien Goasguen
 
PPTX
Docker based Hadoop provisioning - anywhere
byJanos Matyas
 
PDF
Infrastructure as Code for Azure: ARM or Terraform?
byKatherine Golovinova
 
PDF
Webinar - Relying on Bare Metal to manage your workloads
byScaleway
 
PDF
PaaS: An Introduction
byLakmal Warusawithana
 
PDF
Design Choices for Cloud Data Platforms
byAshish Mrig
 
Introduction to IAC and Terraform
byVenkat NaveenKashyap Devulapally
 
Anton Grishko "Multi-cloud with Google Anthos, Kubernetes and Istio. How to s...
byFwdays
 
Rover: Implementing Landing Zone Using Docker Container
bySujay Pillai
 
Vault Digital Transformation
byStenio Ferreira
 
Sven Vogel: Running CloudStack and OpenShift with NetApp on KVM
byShapeBlue
 
Sergii Bielskyi "Using Kafka and Azure Event hub together for streaming Big d...
byLviv Startup Club
 
CloudStack news
byShapeBlue
 
Hashicorp Corporate and Product Overview
byStenio Ferreira
 
Setup kubernetes federation between clusters
byssuser75c76a2
 
Service Mesh With Consul Connect and Nomad 0.10
byMitchell Pronschinske
 
PaaS Ecosystem Overview
byDmitry Meytin
 
Cloudstack: the best kept secret in the cloud
byShapeBlue
 
Apache CloudStack 4.2: A First Look
byShanker Balan
 
CloudStack Clients and Tools
bySebastien Goasguen
 
Docker based Hadoop provisioning - anywhere
byJanos Matyas
 
Infrastructure as Code for Azure: ARM or Terraform?
byKatherine Golovinova
 
Webinar - Relying on Bare Metal to manage your workloads
byScaleway
 
PaaS: An Introduction
byLakmal Warusawithana
 
Design Choices for Cloud Data Platforms
byAshish Mrig
 

Similar to Commodified IaC using Terraform Cloud

PPTX
Git,github & terraform Basics: Introduction
byZakariyaMuhammudHass
 
PDF
Terraforming your Infrastructure on GCP
bySamuel Chow
 
PDF
Terraform introduction
byJason Vance
 
PPTX
Infrastructure as code, using Terraform
byHarkamal Singh
 
PPTX
Terraform Automation in Azure Online Training Institute in Hyderabad.pptx
bysivavisualpath
 
PDF
Self-service PR-based Terraform
byAndrew Kirkpatrick
 
PDF
Terraform in Depth (MEAP V01) Robert Hafner
byteverafidhi
 
PDF
Terraform in Depth (MEAP V01) Robert Hafner
bykutterjadeja
 
PDF
Terraform-2.pdf
byrutiksankapal21
 
PDF
Terraform In Action Meap V10 Meap Scott Winkler
byheyenpardis0
 
PPTX
Terraform Abstractions for Safety and Power
byCalvin French-Owen
 
PDF
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
byssuser705051
 
PDF
DevOps Online Training in Hyderabad
byVisualpath Training
 
PDF
A case study why Zoominfo uses Terraform Cloud in high-scale environment.
byTal Hibner
 
PDF
DevOps Braga #9: Introdução ao Terraform
byDevOps Braga
 
PDF
CDK Meetup: Rule the World through IaC
bysmalltown
 
PDF
Microservices with Terraform, Docker and the Cloud. DevOps Wet 2018
byDerek Ashmore
 
PDF
Terraform Definition, Working and Challenges it Overcomes
byEyeglass Repair USA
 
PDF
Workshop Infrastructure as Code - Suestra
byMario IC
 
PPTX
Terraform: Taming the Machines Through Continuous Integration
byJustin Rice
 
Git,github & terraform Basics: Introduction
byZakariyaMuhammudHass
 
Terraforming your Infrastructure on GCP
bySamuel Chow
 
Terraform introduction
byJason Vance
 
Infrastructure as code, using Terraform
byHarkamal Singh
 
Terraform Automation in Azure Online Training Institute in Hyderabad.pptx
bysivavisualpath
 
Self-service PR-based Terraform
byAndrew Kirkpatrick
 
Terraform in Depth (MEAP V01) Robert Hafner
byteverafidhi
 
Terraform in Depth (MEAP V01) Robert Hafner
bykutterjadeja
 
Terraform-2.pdf
byrutiksankapal21
 
Terraform In Action Meap V10 Meap Scott Winkler
byheyenpardis0
 
Terraform Abstractions for Safety and Power
byCalvin French-Owen
 
Hashicorp-Terraform-Deep-Dive-with-no-Fear-Victor-Turbinsky-Texuna.pdf
byssuser705051
 
DevOps Online Training in Hyderabad
byVisualpath Training
 
A case study why Zoominfo uses Terraform Cloud in high-scale environment.
byTal Hibner
 
DevOps Braga #9: Introdução ao Terraform
byDevOps Braga
 
CDK Meetup: Rule the World through IaC
bysmalltown
 
Microservices with Terraform, Docker and the Cloud. DevOps Wet 2018
byDerek Ashmore
 
Terraform Definition, Working and Challenges it Overcomes
byEyeglass Repair USA
 
Workshop Infrastructure as Code - Suestra
byMario IC
 
Terraform: Taming the Machines Through Continuous Integration
byJustin Rice
 

More from Marko Bevc

PDF
Nodeless scaling with Karpenter
byMarko Bevc
 
PDF
Embracing Karpenter to scale, optimise and upgrade Kubernetes
byMarko Bevc
 
PDF
Using HCP Waypoint
byMarko Bevc
 
PDF
Efficient Kubernetes scaling using Karpenter
byMarko Bevc
 
PDF
Who is afraid of privileged containers ?
byMarko Bevc
 
PDF
How secure are your Terraform sensitive values?
byMarko Bevc
 
PDF
Terraform 0.13: Rise of the modules
byMarko Bevc
 
PDF
Who is afraid of privileged containers ?
byMarko Bevc
 
PDF
Seamless scaling of Kubernetes nodes
byMarko Bevc
 
PDF
Terraform 0.13: Rise of the modules
byMarko Bevc
 
PDF
Who is afraid of privileged containers ?
byMarko Bevc
 
Nodeless scaling with Karpenter
byMarko Bevc
 
Embracing Karpenter to scale, optimise and upgrade Kubernetes
byMarko Bevc
 
Using HCP Waypoint
byMarko Bevc
 
Efficient Kubernetes scaling using Karpenter
byMarko Bevc
 
Who is afraid of privileged containers ?
byMarko Bevc
 
How secure are your Terraform sensitive values?
byMarko Bevc
 
Terraform 0.13: Rise of the modules
byMarko Bevc
 
Who is afraid of privileged containers ?
byMarko Bevc
 
Seamless scaling of Kubernetes nodes
byMarko Bevc
 
Terraform 0.13: Rise of the modules
byMarko Bevc
 
Who is afraid of privileged containers ?
byMarko Bevc
 

Recently uploaded

PDF
Running Non-Cloud-Native Databases in Cloud-Native Environments_ Challenges a...
byAlkin Tezuysal
 
PDF
Building a Multi-Tenant OpenShift Platform with HyperShift
byTosin Akinosho
 
PDF
Oracle MySQL HeatWave - Complete - Version 3
byLuca Bonesini
 
PDF
Build an AI/ML-driven image archive processing workflow: Image archive, analy...
bywesley chun
 
PPTX
How Design Systems and AI Agents Accelerate Product Delivery Sixt
byBoyan Dimitrov
 
PDF
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
PDF
IDSECCONF2025 - Ali - DursGo–Web Security Scanner with AI Analysis.pdf
byidsecconf
 
PDF
Supervised Machine Learning Approaches for Log-Based Anomaly Detection: A Cas...
byMohammed BEKKOUCHE
 
PDF
AWS Cloud Technical Essentials - AWS Certificate
byVICTOR MAESTRE RAMIREZ
 
PDF
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
PDF
Linux Professional Institute LPIC-1 Exam.pdf
byLinuxCert Guru
 
PDF
LVM Management and Disaster Recovery.pdf
byLinuxCert Guru
 
PPTX
Agentic AI presentation with Python Exercises
byParth Mane
 
PDF
Building Powerful Web Apps to Improve Productivity and Engagement - Esri UK W...
byEsri UK
 
PPTX
Redcentric Data Centres: vision, mission and values
byRedcentric
 
PDF
AI in Food Production (Foodwell) - AI Solutions Supporting Operations
bybyteLAKE
 
PPTX
Understanding the digital experience of FE teaching staff in 2024/25
byJisc
 
PDF
PMI PMBOK8 Released on November 13, 2025
byScott M. Graffius
 
PPTX
The power of Slack and MuleSoft | Bangalore MuleSoft Meetup #60
byshyamraj55
 
PPTX
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 
Running Non-Cloud-Native Databases in Cloud-Native Environments_ Challenges a...
byAlkin Tezuysal
 
Building a Multi-Tenant OpenShift Platform with HyperShift
byTosin Akinosho
 
Oracle MySQL HeatWave - Complete - Version 3
byLuca Bonesini
 
Build an AI/ML-driven image archive processing workflow: Image archive, analy...
bywesley chun
 
How Design Systems and AI Agents Accelerate Product Delivery Sixt
byBoyan Dimitrov
 
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
IDSECCONF2025 - Ali - DursGo–Web Security Scanner with AI Analysis.pdf
byidsecconf
 
Supervised Machine Learning Approaches for Log-Based Anomaly Detection: A Cas...
byMohammed BEKKOUCHE
 
AWS Cloud Technical Essentials - AWS Certificate
byVICTOR MAESTRE RAMIREZ
 
MINDCTI Revenue Release Quarter 3 2025 - Financial Presentation
byMIND CTI
 
Linux Professional Institute LPIC-1 Exam.pdf
byLinuxCert Guru
 
LVM Management and Disaster Recovery.pdf
byLinuxCert Guru
 
Agentic AI presentation with Python Exercises
byParth Mane
 
Building Powerful Web Apps to Improve Productivity and Engagement - Esri UK W...
byEsri UK
 
Redcentric Data Centres: vision, mission and values
byRedcentric
 
AI in Food Production (Foodwell) - AI Solutions Supporting Operations
bybyteLAKE
 
Understanding the digital experience of FE teaching staff in 2024/25
byJisc
 
PMI PMBOK8 Released on November 13, 2025
byScott M. Graffius
 
The power of Slack and MuleSoft | Bangalore MuleSoft Meetup #60
byshyamraj55
 
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 

Commodified IaC using Terraform Cloud

  • 2.
  • 3.
  • 4.
  • 5.
    REFINING & ADOPTING_ S. Wardley:value chain mapping Thoughts and ideas Solution attempts Solution to known problems Refinement of solutions Very little knowledge Lots of knowledge product Problem definition Solution identification Standardization of solution Industrialization of solution New problems Gartner: hype cycle
  • 6.
    ABOUT ME_ ● Senior ITConsultant at The Scale Factory (DevOps consultancy, AWS advanced consulting partner and K8s service provider) ● IT system engineering background with extensive Linux and virtualization experience ● Certifications and competencies: AWS, CKA, RHEL, Hashi stack ● Open source contributor and supporter ● Fan of automation/simplifying things, hiking, cycling and travelling
  • 7.
    TALK AGENDA_ • Infrastructure asCode • Terraform Cloud • Abstracting complexity • Automation and CI/CD integration • Demo • Conclusions and takeaways
  • 8.
    INFRASTRUCTURE AS CODE_ • Keyattribute for enabling good DevOps practices: – breaking organisational silos – multi-team collaboration • State visibility across estate • Disposable infrastructure and reproducibility • Higher delivery velocity and automation • Better testing and lowering risk of errors
  • 9.
    TERRAFORM CLOUD_ • GA announcedat HashiConf’19 • Extensible SaaS solution (API, registries, plug-ins) • Abstraction of Terraform complexity • Safe: 2-factor authentication & Vault secrets • Collaboration: VCS integration, notifications, team management and Web UI/API • Fine-grained control: Sentinel policies, user roles, cost estimation • 160+ available providers
  • 10.
    TERRAFORM CLOUD ARCHITECTURE_ Cloud /Enterprise OSS CLI Source: https://www.terraform.io/
  • 11.
    ABSTRACTING COMPLEXITY_ ● Delegation of responsibility: –State and lock management – Remote/local execution & speculative plans – Unified workflows – Notifications – Web UI ● Same approach and structures (API / HCL) ● Changing infrastructure deployment perspective ● Of-the-shelf SaaS solution – commodity?
  • 12.
    AUTOMATION AND PIPELINES_ • Integrationwith major VCS providers: GitHub, GitLab, Bitbucket, Azure DevOps • Containers used as runtime (Terraform version) • Auto or manual approvals • Variables/secrets & state access using: – TFE provider resources, i.e. tfe_variable – terraform_remote_state data resource • Private repositories and providers • Caveats: – Overwrites terraform.tfvars → *.auto.tfvars – Special vars: CONFIRM_DESTROY, TFE_PARALLELISM
  • 13.
    HOW TO START_ ● Create organisation:team & workspaces ● Two factor authentication (TOTP, SMS) ● VCS integration ● Credential tokens ● Remote backend configuration ● Workspace creation – automatically with remote backend ● API tokens, SSH keys & policies*
  • 14.
    $ cat ~/.terraformrc -------------------- plugin_cache_dir= "$HOME/.terraform.d/plugin-cache" disable_checkpoint = true credentials "app.terraform.io" { token = "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" } backend.tf: ----------- terraform { backend "remote" { organization = "my-org" workspaces { name = "demo-tf-remote" } } }
  • 15.
  • 16.
  • 17.
    CONCLUSIONS_ & TAKEAWAYS ● Complexity delegation(state, locking, execution, ...) ● Automation and deployment workflow integration ● Careful not storing/emitting secrets in configurations and logs ● Non-free and beta features: cost estimation, polices, run triggers, ... ● Room for improvement: default is remote, custom Docker images, cloud SAML/SSO and audit logs/compliance,… ● Shift left practice and platform convergence (multi/poly-cloud) → IaC as software delivered commodity
  • 18.
    CONTACTS_ & RESOURCES ● “Make things assimple as possible, but not simpler.” A. Einstein ● Twitter: @_MarkoB ● GitHub / GitLab: @mbevc1 ● LinkedIn: https://www.linkedin.com/in/marko-bevc/ ● Resources: – https://www.thehistoricalarchive.com/happenings/57/the-history-of-elec tricity-a-timeline/ – https://en.wikipedia.org/wiki/Wardley_map – https://en.wikipedia.org/wiki/Hype_cycle – https://en.wikipedia.org/wiki/Infrastructure_as_code – https://terraform.cloud – https://www.hashicorp.com/cloud-operating-model – https://www.terraform.io/docs/cloud/run/cli.html – https://www.hashicorp.com/products/terraform/pricing/