Boston, Oct 18, 2024 – At this year’s HashiConf, HashiCorp made strides in infrastructure management and security with the release of Terraform 2.0 and new security features, all while the looming IBM acquisition remained an unofficial yet unmistakable presence.

Spotlight on Terraform 2.0 and New Security Tools

At the heart of HashiCorp’s announcements was Terraform Stacks - “Terraform 2.0” now available in public beta. Designed to streamline infrastructure management across complex environments, the Stacks functionality promises better scalability and lifecycle control. CTO Armon Dadgar explained that Stacks is positioned to support new Kubernetes workflows and allows users to manage up to 500 resources in the beta phase at no cost, adding a key tool for organizations aiming to control infrastructure at scale.

In addition to Stacks, HashiCorp unveiled the general availability of HCP Waypoint. This tool empowers developers to construct internal platforms, providing templates, dependency management, and self-service options to make application deployment more efficient. According to HashiCorp’s Senior Director of Technical Product Marketing, Kyle Ruddy, the focus with Waypoint was to deliver an "abstraction layer" that reduces reliance on the HCP Terraform console, aligning with HashiCorp’s push for simplified, user-driven infrastructure management.

Security Takes Center Stage

With security concerns shaping much of the current tech landscape, HashiCorp highlighted new security features within its HCP Vault product line. These included auto-rotation of secrets, alongside beta versions of dynamic cloud credentials and secrets management tools that offer better support for security lifecycle management. HCP Vault Radar was also introduced in beta, a tool aimed at detecting unapproved secrets in code, providing users with guidance on remediation.

These announcements come after HashiCorp’s controversial licensing shift in 2023, when the company adopted the Business Source License, limiting the open-source use of its products. This change spurred the development of open-source alternatives, like OpenTofu and OpenBao, which now challenge HashiCorp’s offerings in the infrastructure and security sectors.

The Quiet Elephant: IBM’s Pending Acquisition

Despite these ambitious announcements, the overarching topic many anticipated—the $6.4 billion IBM acquisition—was barely addressed on stage. HashiCorp’s leadership, especially CEO David McJannet, downplayed the acquisition’s significance, merely indicating that the deal should conclude by year-end, subject to regulatory clearance. Yet, the future of HashiCorp under IBM remains an area of intrigue. Industry experts, including Chris Reuter from Resourcely, suggest IBM could replicate its approach with Red Hat, letting HashiCorp operate independently while contributing to a multi-cloud strategy.

In the end, HashiConf 2024 underscored HashiCorp’s continued focus on delivering infrastructure and security solutions while navigating its impending acquisition. With new tools like Terraform Stacks and HCP Waypoint, HashiCorp shows no sign of slowing down in its commitment to innovation, even as it potentially integrates with one of tech’s biggest giants.

Tools Mentioned in the Article

1. Terraform Stacks (Terraform 2.0)

   • Now available in public beta, Terraform Stacks offers new lifecycle management capabilities and scalability enhancements. This feature allows users to organize infrastructure at scale, with support for up to 500 resources in the beta phase.

2. HCP Waypoint

   1. Now generally available, HCP Waypoint helps developers build internal platforms with dependency management and self-service features. Designed to simplify deployment workflows, it provides an abstraction layer to reduce the complexity of managing resources.

3. HCP Vault

   • HashiCorp’s HCP Vault provides security lifecycle management with key features:
     • Auto-Rotation: Automates secret rotation to improve security.
     • Dynamic Secrets: Currently in public beta, this feature generates secrets on demand for cloud services.
     • Dynamic Cloud Credentials: Also in beta, designed to ease cloud credential management.
     • Vault Radar: A new tool in beta that scans code for exposed secrets, helping users address security risks.

4. HCP Terraform Console

   • Although not a main focus of the announcements, HCP Terraform Console remains a core part of the infrastructure management suite for users who require deeper control over their Terraform deployments.