Terraform Cloud is the hosted, SaaS-based version of Terraform, HashiCorp’s industry-leading infrastructure-as-code (IaC) tool. It is designed to address the complexities of managing infrastructure across different cloud providers and data centers. Without any need to manage hosting for the tool itself, Terraform Cloud provides a set of features and functions that enable collaboration, remote state management, and infrastructure security.
As IaC adoption continues to grow and Terraform moves away from open-source licensing, organizations are increasingly turning to alternative tools and services. Open-source is preferred among enterprises, so it makes sense that many DevOps teams would consider abandoning Terraform and its associated services.
However, aside from being open-source, what other attributes or features should organizations seek out in an alternative? Here are a few key things to look for.
Environment management features
Terraform Cloud has workspaces, permissions (for workspaces), remote state management, and ephemeral workspaces, which are useful in managing environments. They are useful in creating isolated environments where experiments can take place, without the changes implemented in the actual production infrastructure. A good Terraform Cloud alternative should offer these features and more.
Other useful features include automatic environment deletion, scheduling, dropdown variables list, and environment limits. Also known as time-to-live (TTL), the automatic environment deletion or destruction feature ensures that temporary environments do not create confusion, clutter, and resource waste. Scheduling enables the automatic triggering of environment destruction and deployment.
Meanwhile, the dropdown variables list provides the convenience of choosing variables from a dropdown list instead of having to memorize all variables. Lastly, environment limits provide the ability to control the number of active environments in every project. They can impose restraints on the number of environments per user and for the entire project.
Robust environment management is vital for efficiency improvement, especially when dealing with numerous automated deployments and parallel executions. Also, it is a boon for collaboration and cost optimization. Additionally, it contributes to an organization’s security and compliance enhancement.
Pricing models
Many organizations prefer to use open-source solutions because of the cost advantage. To the greatest extent possible, they want to avoid having to spend on recurrent charges. However, finding a viable alternative to Terraform Cloud does’t necessarily mean there has to be a zero-dollar budget. Enterprises are willing to use paid solutions with reasonable costs, as long as the value is there in return. On the other hand, some pricing models can be confusing when it comes to what the actual spend required will be.
One factor to take into account is deployment pricing. Terraform Cloud has a resources-under-management (RUM) billing system, which means that the monthly bottom line grows significantly as you connect more cloud resources to the system. This can be costly, especially for software companies that are in high-growth mode and therefore experience infrastructure sprawl.
If organizations cannot find a fully open-source alternative, it is preferable to choose one that is offered on a pay-by-deployment basis. This is generally cheaper than pay-by-resource and emphasizes successful deployments rather than the entire infrastructure.
It is particularly better for deployments with infrequent changes, as the costs tend to be the same or lower if the infrastructure does not change or is left largely unmodified.
Support for different frameworks
Terraform Cloud is exclusively created for Terraform. There are no incentives for organizations that are leaving the HashiCorp ecosystem to continue with a Terraform lock-in.
A superior replacement IaC system should support multiple frameworks. It should work not only with Terraform but also with tools like Pulumi, OpenTofu, Terragrunt, AWS CloudFormation, Kubernetes, and Helm.
Interoperability with multiple frameworks provides the flexibility modern organizations need as they deal with different scenarios and changing infrastructure requirements. It is also recommended to avoid committing to a single or few vendors, to make it easy to adapt to changes and switch to other frameworks whenever the need arises.
Granularity in handling variables and secrets
Managing and defining variables and secrets requires a level of control that matches the specific needs of organizations. Terraform Cloud provides granularity on a project, workspace, and variable set basis. This works for most cases, so organizations looking for alternatives have to look for similar capabilities.
Greater granular management is important not only because of the flexibility it affords. It also helps improve security, because it minimizes the risk of exposing sensitive data to misuse and vulnerability exploitation. Additionally, it improves the ability to organize the overall code, especially in terms of reducing redundancy across workspaces and in code reuse.
Many alternatives offer more than the three layers of granularity Terraform Cloud provides. Some provide five layers, allowing a greater level of control for managing secrets and variables usually at the organization, template, environment, project/sub-project, and workflow levels. It is advisable to go for more layers of control if the pricing models are comparable. Otherwise, an in-depth cost analysis can help you to determine if the added levels of control are worth paying for.
Advanced features
It is important for the alternative to be easy to learn and use. In order to minimize friction when switching platforms, it can be advantageous if the new tool has an interface similar to what DevOps engineers are used to with Terraform Cloud.
However, ease of use is not always about the interface and features. Some solutions may not be comparable to Terraform Cloud but they may provide sensible ways of handling tasks. For example, a multi-tier workflow can be an improvement for organizations compared to Terraform Cloud’s single-threaded counterpart.
A dashboard with advanced features may be more suitable for an organization’s specific requirements, compensating for the learning curve. It can also be an advantage to have features like the “Assume Role” feature in AWS, or Atlantis-style workflows.
Beware of vaguely described advanced features, though. Some alternatives tend to overhype the functions they have that are not in Terraform Cloud, but these may not be so useful. It is easy to be impressed by long lists of feature sets, especially for organizations that are new and not yet that well-versed with IaC management.
It can help to consult those who have the expertise and experience in IaC to determine which features matter and which ones are unnecessary and superfluous additions.
The right alternative
The search for a Terraform Cloud alternative should come with meticulous scrutiny. It is easy to find options that appear to one-up Terraform Cloud, but are not necessarily better or even comparable. A good rule of thumb when comparing alternatives is to first determine what features your organization needs and then find the alternative that matches these requirements while providing more features to meet future needs. The points briefly discussed above can serve as a good starting point.