#atlantis (2020-03)

There will be always people/companies which prefer to have inhouse solution. To use terraform cloud you need give permissions required for providers used in your terraform configuration. Some will see that as real threat especially that you have no insight into what’s behind terraform cloud who/how have access to it. If terraform cloud leak then I guess there would be a lot of problems and bankrupcy.

Understood. However if you weigh risk is that the biggest issue over rolling your own workflow that’s less updated and tested? There’s a lot of risk vectors in the cloud. Personally, layering your security and permissions properly should do a good job I’d hink over eliminating a vendor that’s trying to be best in class for what they offer. If a terraform leak causes bankruptcy if argue that company has a seriously poor design and security.

And yes I’d agree that good documentation on their security practices is important.

A bit of history.

Vault was actually created to secure the previous iteration of Terraform Cloud called Atlas. The story goes that Armon woke up realizing that we had a bunch of people’s cloud credentials stored in plain text and needed a way to mitigate that risk. So we created Vault. Just about all data in TFC is encrypted. https://www.terraform.io/docs/enterprise/system-overview/data-security.html

Also worth pointing out that both Mishra and Luke work for HashiCorp now. I don’t know if that means their contributions for Atlantis will die, but it’s probably not their main focus now.

@Jake Lundberg (HashiCorp) very helpful. I keep putting my application in at hashicorp too, as i think you all are incredible and love what how it’s improved my life. I don’t think Atlantis has a long future compared to Terraform Cloud so it’s not even in my evaluation.

I would like to use Vault if easy to adopt for secrets, but I’ve got such a laundry list to do I haven’t evaluated it yet

Thanks for saying that. I came to HashiCorp from being a user, I hope we check you out.

Also, just realize that Vault underlies Terraform Cloud for security. And we take security very seriously here. Our cloud teams are comprehensive in ensuring the safety of our customer data.

As for futures on Vault. I created a blog series that might be helpful for basic understanding of Vault. https://medium.com/hashicorp-engineering/essential-elements-of-vault-part-1-5a64d3de3be8

No luck in applying so far but I think if I worked on go proficiency I’d have a better shot. It’s on my priority list for sure