Infrastructure and Security Lifecycle Management on AWS
Infrastructure Lifecycle Management on AWS
Build, deploy, and manage your infrastructure lifecycle the right way by enforcing policies, boosting productivity, sharpening visibility, and removing unneeded resources on AWS.
Build. Establish a strong foundation for Infrastructure Lifecycle Management with a consistent approach to building your environments.
HashiCorp Terraform lets you define AWS resources in human-readable configuration files that you can version, reuse, and share. Terraform creates and manages resources on AWS through their application programming interfaces (APIs), also known as providers.
The HashiCorp Terraform AWS Provider surpassed a remarkable 2 billion downloads. Developers use the Terraform AWS Provider to interact with the many resources supported by AWS.
Deploy. Provision the infrastructure needed to deploy an application — then schedule and make it happen.
HashiCorp and AWS have collaborated to provide the ability to trigger industry best-practice account creation via Terraform, all from AWS Control Tower.
Manage. Provide a system of record for all infrastructure, images, workloads, and applications in one platform for visibility and management.
AWS and HashiCorp jointly announced the launch of a new integration between AWS Service Catalog and HashiCorp Terraform Cloud to enable large enterprises on AWS.
Customers can now take advantage of the advanced governance and visibility features in their Terraform workflows by linking their Service Catalog product provisioning to HashiCorp’s Terraform Cloud.
Security Lifecycle Management on AWS
As your cloud use grows, so does your attack surface. Protect, inspect, and connect the sensitive elements across your cloud infrastructure to reduce credential exposure, enforce least-privileged access, and stop secret sprawl on AWS.
Protect. Guard sensitive data across all environments with a central system of record to reduce the risk of credential exposure.
HashiCorp’s Vault Secrets Operator for Kubernetes is now generally available, supporting new authentication methods and product validations with AWS. With the Vault Secrets Operator for Kubernetes, customers can now natively sync secrets from Vault to Kubernetes clusters. The release of the Vault Secrets Operator includes integration tests with Amazon Elastic Kubernetes Service (EKS).
Inspect. Continuously scan your environment for unsecured sensitive data and keep tabs on privileged access.
With AWS Identity and Access Management (IAM), you can specify who or what can access services and resources in AWS, centrally manage fine-grained permissions, and analyze access to refine permissions across AWS. A new AWS IAM Access Analyzer run task has now been published as a Terraform module and an AWS run task in the Terraform Registry.
Connect. Enforce least-privileged access based on trusted identities without exposing your network.
Secrets sync is a feature in HashiCorp Vault that facilitates centralized management, governance, and control of secrets for multiple external secrets managers. Secrets sync lets users manage multiple external secrets managers, including AWS Secrets Manager.
Dynamic host catalog updates are an important differentiator between Boundary and traditional access methods that rely on manual target configuration, and they enable even tighter integrations with AWS for seamlessly onboarding cloud tenant identities, roles, and targets.