#atlantis (2020-03)

atlantis

Discuss the Atlantis (http://runatlantis.io|runatlantis.io) *Archive: * https://archive.sweetops.com/atlantis/

2020-03-27

Erik Osterman (Cloud Posse) avatar
Erik Osterman (Cloud Posse)

Adding @ bot

discourse_forum avatar
discourse_forum
10:01:23 PM

@ has joined the channel

2020-03-25

2020-03-22

2020-03-21

2020-03-20

sheldonh avatar
sheldonh

Is atlantis still have a solid future that is worth perhaps investigating over terraform cloud? I was thinking it’s future would be dim with Terraform Cloud coming out

Marcin Brański avatar
Marcin Brański

There will be always people/companies which prefer to have inhouse solution. To use terraform cloud you need give permissions required for providers used in your terraform configuration. Some will see that as real threat especially that you have no insight into what’s behind terraform cloud who/how have access to it. If terraform cloud leak then I guess there would be a lot of problems and bankrupcy.

sheldonh avatar
sheldonh

Understood. However if you weigh risk is that the biggest issue over rolling your own workflow that’s less updated and tested? There’s a lot of risk vectors in the cloud. Personally, layering your security and permissions properly should do a good job I’d hink over eliminating a vendor that’s trying to be best in class for what they offer. If a terraform leak causes bankruptcy if argue that company has a seriously poor design and security.

And yes I’d agree that good documentation on their security practices is important.

Jake Lundberg (HashiCorp) avatar
Jake Lundberg (HashiCorp)

A bit of history.

Vault was actually created to secure the previous iteration of Terraform Cloud called Atlas. The story goes that Armon woke up realizing that we had a bunch of people’s cloud credentials stored in plain text and needed a way to mitigate that risk. So we created Vault. Just about all data in TFC is encrypted. https://www.terraform.io/docs/enterprise/system-overview/data-security.html

Also worth pointing out that both Mishra and Luke work for HashiCorp now. I don’t know if that means their contributions for Atlantis will die, but it’s probably not their main focus now.

1
sheldonh avatar
sheldonh

@Jake Lundberg (HashiCorp) very helpful. I keep putting my application in at hashicorp too, as i think you all are incredible and love what how it’s improved my life. I don’t think Atlantis has a long future compared to Terraform Cloud so it’s not even in my evaluation.

I would like to use Vault if easy to adopt for secrets, but I’ve got such a laundry list to do I haven’t evaluated it yet

Jake Lundberg (HashiCorp) avatar
Jake Lundberg (HashiCorp)

Thanks for saying that. I came to HashiCorp from being a user, I hope we check you out.

Also, just realize that Vault underlies Terraform Cloud for security. And we take security very seriously here. Our cloud teams are comprehensive in ensuring the safety of our customer data.

As for futures on Vault. I created a blog series that might be helpful for basic understanding of Vault. https://medium.com/hashicorp-engineering/essential-elements-of-vault-part-1-5a64d3de3be8

Essential Patterns of Vault — Part 1 attachment image

Learning HashiCorp Vault can be a daunting task when approached for the first time. While Vault can seem quite difficult on the outside…

:--1:1
sheldonh avatar
sheldonh

No luck in applying so far but I think if I worked on go proficiency I’d have a better shot. It’s on my priority list for sure

    keyboard_arrow_up