HashiCorp Highlights for Microsoft Ignite
Read our recap of the recent updates to HCS on Azure and the latest integrations between Azure services and HashiCorp Consul, Terraform, and Vault.
This week, Microsoft is hosting its second Ignite conference since transforming it into a 48-hour, all-virtual event. As we all gear up to join in, we wanted to summarize some key updates to HashiCorp Consul Service (HCS) on Azure as well as recent integrations with Azure that would be of interest to attendees.
The engineering and partnership teams at HashiCorp and Microsoft have had a very productive year building services, integrations, and other projects around Azure’s cloud services and HashiCorp’s products. First, we’ll review the recent updates to HCS on Azure. Then we'll look at several important integrations, including the Terraform Azure DevOps and AzureRM providers, the Terraform module for Azure’s Enterprise-scale landing zone (ESLZ) architecture, and our added Azure Key Vault support in HashiCorp Vault’s Key Management Secrets Engine.
» HashiCorp Consul Service (HCS) on Azure
HCS on Azure is a HashiCorp-managed Consul service that’s provisioned directly through the Microsoft Azure Marketplace. The service became generally available in July of 2020 and we saw strong customer interest and adoption of the solution heading into Ignite this year. HCS on Azure is designed to help organizations discover and securely connect applications in any Azure environment. Currently, it is the only fully managed service mesh available on the Azure marketplace.
» Federation for HCS Clusters
Back in December, we announced federation for HCS clusters. Federation is a critical capability for organizations looking to manage applications across multiple runtime platforms (e.g. a mix of Azure Kubernetes Service [AKS] clusters or Azure VMs). Organizations use federation to expand the footprint of a service mesh for scalability, resiliency, and security by creating dedicated pathways through which mesh traffic is facilitated. This pattern ensures that there are fewer ingress/egress points between clusters that need to be secured and monitored. To get started using HCS federation, please follow this HashiCorp Learn guide.
» Terraform Provider for HCS
We’ve heard consistent customer interest in being able to provision and manage HCS clusters through their Terraform workflow. As we discussed in a previous blog, it has been possible to deploy and manage HCS using the Consul provider, but this felt more like a workaround than an official provider to some.
Now HCS has an official Terraform provider. In addition to provisioning and managing HCS clusters, users can use this provider to do the following tasks:
- Deploy HCS with custom Helm configurations
- Create federation tokens for federating clusters
- Manage snapshots of an HCS cluster
To help get you started, the provider also has a number of guides with some sample configurations.
» Terraform Azure DevOps Provider
HashiCorp and Microsoft recently released the Azure DevOps Provider 0.0.1 for Terraform, which allows you to manage Azure DevOps resources like projects, Git repositories, service connections, CI/CD pipelines, and build policies through Terraform. This makes Azure DevOps simpler for Terraform users by enabling the description of Azure DevOps repositories, service connections, variable groups, group memberships, and many other entities to be committed as source code so that Terraform can handle them in a consistent and repeatable way.
» Terraform Azure Resource Manager Provider
We continue seeing great momentum with the adoption of HashiCorp Terraform on Azure with over 800 unique contributors to the Terraform provider for Azure Resource Manager. Additionally, after customer and community feedback regarding the need for additional Terraform modules for Azure, we’ve been working hard at adding high-quality modules and now have seen the number of Azure modules in the Terraform registry increase to over 400.
» Terraform Module for Azure’s Enterprise-Scale Landing Zone Architecture
Currently in preview and announced at the HashiConf 2020 partner summit, the Azure enterprise-scale landing zone Terraform module provides an opinionated, customizable, and extensible deployment architecture for the construction and operationalization of landing zones on Azure at scale. It’s based on the Cloud Adoption Framework enterprise-scale landing zone architecture with a focus on the central resource hierarchy and governance. The module deploys Azure’s recommended resource hierarchy in addition to the most common policies requested by enterprise customers.
» Azure Key Vault Support in the HashiCorp Vault Key Management Secrets Engine
The HashiCorp Vault Key Management Secrets Engine (Enterprise only), recently added in Vault 1.6, includes support for Azure’s Key Vault. Using this feature, you can use HashiCorp Vault to connect to and manage Azure Key Vault’s many lifecycle operations, such as writing, reading, updating, and rotating keys. This simplifies the process of bringing your own keys to a cloud provider and managing the lifecycle of those keys. For more information on Vault’s Key Management Secrets Engine, please see our documentation and our detailed HashiCorp Learn Guide.
» HashiCorp’s Microsoft Ignite Deep Dive Video Series
At Ignite this week, you can watch HashiCorp’s developer advocates host a series of deep dive demo sessions on YouTube for each of our products. Deep dives are now available for HashiCorp Waypoint, Security on Azure (a HashiCorp Boundary & Vault panel), HashiCorp Nomad, and Consul (moving to microservices). Our final deep dive on Terraform is scheduled for March 2.
» Enjoy Microsoft Ignite Week
We’re looking forward to the announcements and high-quality content that comes out of Microsoft Ignite this week, and we plan to share even more joint projects and integration announcements throughout 2021. If you haven’t registered already, visit the Microsoft Ignite website and sign up.
Sign up for the latest HashiCorp news
More blog posts like this one
5 ways to improve DevEx and security for infrastructure provisioning
Still using manual scripting and provisioning processes? Learn how to accelerate provisioning using five best practices for Infrastructure Lifecycle Management.
HCP Vault Dedicated adds secrets sync, cross-region DR, EST PKI, and more
The newest HCP Vault Dedicated 1.18 upgrade includes a range of new features that include expanding DR region coverage, syncing secrets across providers, and adding PKI EST among other key features.
Fix the developers vs. security conflict by shifting further left
Resolve the friction between dev and security teams with platform-led workflows that make cloud security seamless and scalable.