In this post, you’ll get an introduction to Terraspace Cloud.

What is Terraspace Cloud?

Terraspace Cloud is a nice addition to the Terraspace Framework. Terraspace Cloud adds extra features to Terraspace.

  • GUI Dashboard and History: When working with multiple stacks, it can become hard to remember all the stacks you or others on your team have deployed. Terraspace Cloud helps you visualize the stacks by recording them and providing a web dashboard with deployed stacks, history, logging, and resources. Know who deployed what and when.
  • Team and Permissions Management: Fine-grain permission control over access. You can create teams and define permission that target dev vs prod environments.
  • CI/CD Integration: Integration with popular CI/CD systems like GitHub Actions, GitLab Pipelines, etc. GitHub Pull Request and GitLab Merge Request integration provide a comment with a link to the visual dashboard.

Terraspace Cloud provides these additional conveniences as an optional paid managed service. Terraspace Cloud Pricing

Terraspace Cloud GUI

Per recommendations from the Terraform team itself, you should have One Workspace Per Environment Per Terraform Configuration. The pros on why you should use separate stacks and statefiles are covered thoroughly in Terraform Statefile Approaches and Thoughts docs. The gist of the pros are:

By following the recommendations, it introduces other issues. When dealing with more than one stack, it becomes difficult to keep track of what’s been deployed. Especially, when multiple team members are deploying. Terraspace Cloud was built specifically for the Terraspace Framework and provides a web GUI so you can track your terraform changes. Here’s an example:

Team Management

Terraspace Cloud adds the ability to define Team-based permissions. The permissions are defined in a way that works naturally with Terraspace.

  1. You create teams and assign users. That’s standard stuff.
  2. You define permissions that allow access based on rules. This is where things get interesting.

Here’s an example of a permission.

Since Terrapace provides the ability to dynamically build terraform projects and deploy them, it makes sense for a permission system with more power. The envs: dev in the permission means that users in the dev team only have access to TS_ENV=dev stacks. You can specify multiple envs by space-separating them, IE: envs: dev prod. You can finely control the permissions based on varialbles. Terraspace Cloud Permissions system was explicitly designed for Terraspace.

CI/CD Integration

Terraspace Cloud adds some additional support for CI systems like GitHub, GitLab, BitBucket, and CodeBuild.

The CI plugins automatically pull in info like commit sha, branch name, and PR info from the CI environment. These get sent to Terrraspace Cloud and recorded to provide historical tracking information. For the GitLab and GitHub plugins, a PR comment is also added with a link to the Terraspace Cloud plan or update.

Terraspace Cloud approach to CI means bring your own runner, IE: GitHub Actions, GitLab Pipeline, etc. This is similar to Pulumi’s approach to CI/CD. The big pro is that you don’t have to wait for a VM machine to spin up if you’re running Terraspace locally on your machine. It simply just makes API calls to Terraspace Cloud to record the plans and updates. There’s less overhead, so it’s lot faster. That’s probably my favorite part about the way it works. The other advantage is that you have full control over the runner system.

Summary

In general, Terraspace Cloud does not change how you use Terraspace. The features like Team Management, Permissions, History, a GUI visual interface, and CI/CD integration are all optional. The Terraform Framework itself is open source and free to use. Hopefully, Terraspace Cloud also provides a means to support the project financially. You can start using Terraspace Cloud with the Terraspace Framework starting in version 2.0. Docs: Terraspace Cloud Setup