As HashiCorp quietly slips into its new existence under the parent umbrella of IBM after this year’s $6.4 billion acquisition, the company held (one last?) HashiConf in Boston this week to set out its stall. That market stall is of course one populated by infrastructure lifecycle management and security lifecycle management products for hybrid multi-cloud environments.

Key among the announcements made by the company right now are updates to its Terraform Infrastructure-as-Code (IaC) cloud provisioning technology and its HCP Waypoint tool, which is designed to create internal developer platforms with templates and add-ons to manage application dependencies.

Step 1 of 7

14%

Which of the following best describes how you currently monitor and manage systems across your hybrid cloud environment?(Required)

Multiple separate tools for different environments

Multiple separate tools for different monitoring and management functions

Single consolidated dashboard

Custom built monitoring and management solution

No full monitoring and management solution

Don’t know

How valuable would it be for your monitoring and management solution to incorporate predictive analytics to help you identify and address system issues that are critical and not waste time or effort working through all the data and “noise” that is not critical?(Required)

Extremely valuable

Moderately valuable

Somewhat valuable

Slightly valuable

Not valuable

How do you most typically address potential system issues BEFORE they impact your operations?(Required)

Automated workflows and playbooks to remediate potential issues as soon as they are detected

An orchestrated response process that leverages automation, AI, and human expertise to rapidly respond to potential issues

Advanced monitoring tools such as predictive analytics and anomaly detection to proactively identify and address potential issues

Respond to issues as they arise, using manual processes and troubleshooting techniques

A combination of automated remediation, orchestrated response, and/or proactive monitoring to address potential system issues

Don’t know

Other

What methods does your organization use to control and monitor cloud/IT spending?(Required)

Centralized procurement processes

Pre-approved budget thresholds

Automated cost monitoring tools

Department-level spending controls

Regular cost audits and reviews

Cloud cost optimization platform

Approval workflows for resource provisioning

Native financial operations tools provided by the cloud provider

No formal controls in place

Don’t know

Other

Please specify:

Which methods do you rely on most to detect security vulnerabilities in your systems?(Required)

Automated scanning tools

Manual assessments

Vendor notifications

Threat modeling (for early detection)

None of these

Don’t know

Other

Please specify:

What are the TWO most common ways you prioritize vulnerabilities to address within your environment?(Required)

Based on potential impact

Based on exploitability

Regulatory compliance requirements

Based on CVSS scores

Risk-based analysis of multiple factors

First-in-first-out approach

No formal prioritization process

Don’t know

How do you typically handle system updates and security patches?(Required)

Automated updates and patches

Manually review and apply updates and patches on a regular schedule

A combination of automation and manual review

Apply updates and patches on an as-needed basis.

Outsourced update and patch management

No defined process

Don’t know

Other

Δ

HashiCorp says that Terraform’s capabilities for infrastructure provisioning enable cloud-native developer teams to take a cloud-agnostic highly interoperable approach to multi-cloud management. It operates with a single workflow (i.e. a singular software code process within which all planning, testing, deployment and monitoring can happen) so that lifecycle management can be promoted as an essential function.

Terraform Stacks

Given the wider trend for compartmentalized containerized abstracted pre-configured convenience across all software application development toolsets and platforms, it is perhaps not a surprise to see HashiCorp put as much automation convenience as possible into Terraform. This now comes in the form of Terraform stacks.

Terraform stacks is a configuration layer update intended to simplify cloud provisioning and cloud resource management at scale by controlling “cross-configuration dependencies” between Terraform modules. Given that software application dependencies are fundamental, cross-configuration dependencies at the infrastructure provisioning level can also include configuration item hierarchies, where dependencies are an association between two configuration elements that would be rendered to an invalid state if both were not present and working correctly.

Stacks is essentially a way of grouping different Terraform cloud infrastructure modules (we could also call them components) together in order to centralize maintenance and interdependency tasks. While this function has been around in private beta for a while, HashiCorp is now moving this technology to public beta. Terraform stacks are controlled from a Terraform configuration (aka Terraform-config), which the company describes as a complete document in the Terraform language that tells Terraform how to manage a given collection of infrastructure. A configuration can consist of multiple files and directories.

Multiple Infrastructures, Multiple Environments 

“With Terraform Stacks, we’re reimagining infrastructure as code, making it easier to build and deploy the same infrastructure multiple times, across multiple environments, regions, landing zones, or accounts within a cloud provider,” said Armon Dadgar, CTO and Co-Founder, HashiCorp. “With new features across Vault and Boundary, we’re bringing important management capabilities to our security portfolio, including auto-rotation, dynamic secrets and secret scanning to provide full lifecycle management for security.”

Also central to the product announcements brought forward right now is HashiCorp Cloud Platform (HCP) Waypoint. This is an internal developer portal with templates to codify golden patterns (proven, reusable and validated software patterns for infrastructure and security automation workflows) for day zero provisioning, add-ons for day one (24 hours after deployment to live production status) and updates to manage Day N (the decommissioning point at which any software system reaches end-of-life) operations.

Other updates include:

• HCP Vault Secrets adds new lifecycle management features, including auto-rotation (generally available), dynamic secrets (public beta), and dynamic cloud credentials for HCP Terraform (public beta) to support secrets lifecycle management for enterprises.
• Terraform migrate (public beta) automates the migration of common DIY workflows from Terraform Community Edition to HCP Terraform or Terraform Enterprise.
• Nomad GPU enhancements in 1.9 (generally available) adds advanced GPU scheduling to support demanding AI workloads. This includes support for multi-tenant workloads sharing GPUs to maximize utilization and resource quotas to efficiently broker access to shared resources.

Cloud Management, Management

What’s happening here is logical, inevitable, redolent of wider automation trends and (arguably) quite welcome. As cloud lifecycle management technologies now evolve at the infrastructure-first level, the gloomy specter of spiralling hyperscaler costs will naturally make firms more interested in operational streamlining technologies of this kind.

With distributed diverse divergent application types also coming to the fore (edge computing is getting so much smarter as we know – and that’s not the only zone where compute and analytics are in a vortex), organizations will want lifecycle management tools that enable them to be compliant with governance legislature and, in many cases, just to keep their heads above water. 

It is, in other words, cloud management management. 

Whether HashiCorp remains as independently branded and operated as Red Hat under IBM is more open to question. Only Big Blue knows.