Consul 1.21 improves service discovery, Consul on Kubernetes, and supports OpenShift 4.17

HashiCorp Consul is a global service networking platform that provides multi-runtime service discovery and secure services networking. It is widely adopted and used in production by companies that include Expedia and Workday. The latest Consul version 1.21 includes a broad range of enhancements across different parts of Consul, including:

- A simplified architecture for discovering external software applications
- Disaster recovery improvements for Consul on Kubernetes
- Support for OpenShift 4.16 and 4.17
- Kubernetes Pod Security Admissions Controller support

Simplified service discovery for external services

One of Consul’s core capabilities is to provide global service discovery across multiple different runtimes, platforms, and clouds. In order to do this, Consul agents that are installed on each service send updated information to the Consul servers, including health status and current IP addresses. However, there are some external applications, like Amazon RDS or Azure Database, that do not allow the installation of third-party agents. In these scenarios, Consul External Monitoring Service (ESM) can be used to query the latest health and location information from these external services. ...

May 8, 2025

In security, when do you hire more people vs. add more automation?

There is no shortage of cybersecurity threats. But protecting against those threats is about balancing risk and reward — i.e. the cost of mitigating the risk versus the likelihood and impact of an incident. Security automation tools can lower risk of a breach while also increasing efficiency, effectiveness, and ROI of security investments. But these, too, are a balancing act. When does it make sense to invest in automation tools to strengthen and scale your security posture versus hiring more people? ...

May 8, 2025

Vulnerability tools aren’t enough to resolve exposed credentials

In today's rapidly evolving cybersecurity landscape, data breaches are an ever-present threat to organizations of all sizes. The most critical assets of an organization often reside within its digital infrastructure, including sensitive data and secrets. Among these, credentials (such as API keys, access tokens, passwords, and SSH keys) are a top target for cybercriminals. If these credentials are leaked or exposed, attackers can gain unauthorized access to systems and potentially wreak havoc on the organization. ...

May 7, 2025

Terraform AWS provider tops 4 billion downloads, 6.0 now in public beta

The Terraform AWS provider serves as the bridge between Terraform configurations and AWS, enabling users to define and manage AWS resources as code. We are excited to share that version 6.0 of the Terraform AWS provider is now available in public beta. Along with bugfixes, the latest update brings enhanced multi-region support and other workflow improvements. This post will explore the enhanced multi-region support features and announce the provider’s latest downloads milestone. ...

May 6, 2025

The AWS GameDay challenge with Terraform

You’re the cloud engineer for a booming startup. You’ve built your infrastructure, your Terraform code is looking clean — and then… “Something” happens and now it’s a race against time (and your own sanity) to fix it before the leaderboard locks. Welcome to AWS GameDay: the hands-on, team-based challenge where technical professionals sharpen their real-world AWS and Terraform skills in a dynamic, gamified environment. No step-by-step instructions. No hand-holding. Just you, your team, and a fast-moving cloud infrastructure scenario where every decision counts. ...

May 5, 2025

Announcing HCP Terraform Premium: Infrastructure Lifecycle Management at scale

Today, we’re excited to announce HCP Terraform Premium, now generally available to extend the capabilities of HCP Terraform, offering powerful features that enable organizations to scale their infrastructure automation securely and efficiently. Enterprises looking to maximize their IT investments need solutions that can simplify operations, reduce risk, and optimize cost — all while meeting strict governance and compliance requirements. HCP Terraform Premium is designed to help enterprises with their Infrastructure Lifecycle Management at high scale and includes everything from the Standard and Plus plans, with additional features: ...

May 1, 2025

Improve secret scanning efficiency in HCP Vault Radar

As businesses continue to embrace the cloud, the importance of securing sensitive data and secrets increases exponentially. Secrets management is a critical part of an organization's security strategy to safeguard sensitive information such as API keys, database credentials, private keys, and other confidential assets. HashiCorp Vault, an industry standard in secrets management, offers a suite of tools to help enterprises manage these secrets securely, and one of the key pieces of the Vault ecosystem is HCP Vault Radar. ...

May 1, 2025

HCP Vault Radar goes GA with Vault Import

HCP Vault Radar is now generally available to help organizations discover and prioritize unmanaged secrets, expanding on Vault’s secret lifecycle management capabilities. Accompanying GA is the ability to import unmanaged secrets discovered in collaboration platforms and Git-supported version control into HashiCorp Vault for centralized management. Securing sensitive data in Vault, such as secrets, is crucial for protecting an organization's most valuable assets and ensuring that access to critical systems is tightly controlled. Securely storing secrets with Vault also presents the opportunity to transition unmanaged secrets to dynamic secrets or implement an automated rotation strategy that minimizes risks associated with credential exposure. ...

April 30, 2025

Terraform now supports multiple team tokens

We’re excited to share the latest enhancement to HashiCorp Terraform’s permissions capabilities: multiple team tokens. Now generally available in HCP Terraform and coming soon to Terraform Enterprise, this addition helps organizations create distinct tokens for different teams, facilitating better access control and collaboration within Terraform environments. Similar to the recent releases of Terraform’s manage teams and manage agent pools capabilities, this new team-API token management setting marks another step in our effort to help users simplify permissions management and enable the least privilege principle in their infrastructure workflows. ...

April 28, 2025

47-day certificates lifespan mandate: How we can help

On April 11, 2025 the CA/Browser Forum officially voted to amend the TLS Baseline Requirements to set a schedule for shortening both the lifetime of TLS certificates and the reusability of CA-validated information in certificates. The new ballot targets certificate validity of 47 days by March 15, 2029. This change isn't just an infrastructure concern that can be relegated to security teams. This change will fundamentally require a reexamination of how products and services operate within the enterprise IT landscape to ensure operational uptime, availability and better security. The shorter lifespan of certificates means that customers must prioritize automation of certificate lifecycle as a core security tenet. Accelerated certificate expiration is a burden mostly to organizations who have manual processes around certificate issuance. In other words, this is only hard if you don't automate your certificate lifecycle management processes, and HashiCorp Vault helps you do that. ...

April 25, 2025