The increasing popularity of infrastructure as code (IaC) has made IaC management solutions mandatory. One of the most widely used products in this category is Atlantis.
Atlantis is an open-source automation tool that enhances the PR workflow for OpenTofu, Terraform, and Terragrunt projects. Self-hosted and lacking a SaaS offering, it can help reduce the complexity associated with collaboration and governance for Terraform workflows.
It supports multiple VCS providers and runs as a golang binary or Docker image that you can deploy on VMS, Kubernetes, or Fargate.
Atlantis enhances your workflow, but you should consider the following limitations before choosing it as the TACOS for your organization:
- Workflow complexity: Atlantis relies heavily on pull requests for its operations, which can be non-intuitive and cumbersome, especially when setting up multiple workspaces linked to a monorepo
- No direct mapping between projects and branches/tags: Users with comment access on an approved pull request can deploy code, which may result in unintended deployments to production or other environments.
- No robust policy framework integration: Although Atlantis supports Open Policy Agent (OPA) as part of the workflow, it is less effective than other TACOS at ensuring compliance around projects because the integration is less robust.
- No private registry: Atlantis doesn’t offer any solution for private module/provider registry.
- Complex configuration process: It can be hard to configure.
- No drift detection: Atlantis doesn’t offer the direct drift detection that other TACOS do, but you can configure drift detection tools as part of your CI/CD.
In this guide, we consider direct alternative platforms that are self-hosted and also offer OpenTofu/Terraform management natively, as well as indirect alternative platforms that don’t check both boxes:
Spacelift is an Atlantis alternative that allows you to build powerful workflows for OpenTofu, Terraform, Terragrunt, CloudFormation, Pulumi, Ansible, and Kubernetes.
It offers policies based on the OPA framework for various decision points: You can control the kind of resources your engineers can create, the parameters these resources can have, how many approvals you need for runs, what kind of arbitrary tasks can run, what happens when a pr is open, custom policies for the tools you integrate and more.
It enables you to integrate any third-party tool you want, bring your own image, and have full control over what happens before and after runner phases.
Spacelift offers a mechanism to create dependencies between your configurations and go on as many nested levels as you want with these dependencies. You can also easily share outputs between configurations, regardless of whether you are using a single infrastructure tool or multiple. You can build dependencies between an OpenTofu configuration and an Ansible one and share the vm ips from the former to the latter to build the inventory.
| Spacelift | Atlantis | |
| Available Frameworks | OpenTofu Terraform Terragrunt Kubernetes CloudFormation Pulumi Ansible ARM |
OpenTofu Terraform Terragrunt |
| SaaS offering | ✅ | ❌ |
| User Interface | Dedicated User Interface | Same as your VCS |
| State Management | ✅Can host your state, but you are free to host it wherever you want | ❌You need to handle your state |
| SSO | ✅SAML 2.0 | ❌None |
| Policy As Code | ✅OPA | ❌ Only with integration |
| Webhooks | âś… | âś… |
| Private Module Registry | ✅ Built-in + functional and compliance testing solution for new module versions | ❌No registry |
| VCS driven runs + Pull request driven runs | âś…Yes for all supported frameworks | âś…Yes for all supported frameworks |
| High Availability | âś… | Requires additional effort |
| Sophisticated Workflows | âś…Easy to build sophisticated workflows with Stack dependencies and Custom Inputs | Requires writing a lot of code to achieve a sophisticated workflow |
| Resource Visualization | ✅Automatic architecture trees built after resources are deployed | ❌None |
| Drift Detection | ✅ Built-in + optional remediation | ❌None |
| Cost Estimation | ✅Native Integration with Infracost | ❌ Only with integration |
| Audit logs | âś… | âś… |
Terraform Enterprise is a self-hosted offering for your Terraform workflows. Although it offers more features than Atlantis does, compared with Spacelift, it has obvious limitations from the beginning.
Terraform Enterprise’s primary limitation is that it can only manage Terraform code, with support for Terragrunt available only through a workaround. Therefore, if you want to use OpenTofu, a custom Terraform binary, or other IaC tools like Pulumi, CloudFormation, or Kubernetes, Terraform Enterprise will not be sufficient.
Additionally, Terraform Enterprise is restricted to the integrations it supports for Run Tasks. This means you won’t be able to integrate any tools you currently use that are not supported by a Run Task. Furthermore, Terraform Enterprise lacks a mechanism for passing outputs from one configuration to another without writing custom Terraform code.
Jenkins is a self-hosted CI/CD generic platform that leverages the Groovy scripting language for defining pipelines.
It provides a more developer-centric approach, facilitating automated builds, tests, and deployments. Unlike Atlantis, which focuses on IaC, Jenkins is typically used for application-related pipelines, but you can still use Jenkins to manage IaC, though it requires some effort to fully leverage its workflows.
GitHub Actions is a CI/CD platform that is integrated directly inside your GitHub repositories, facilitating application and infrastructure deployment. It can also be self-hosted if you are leveraging a GitHub Enterprise account:
Pipelines are saved in a .github/workflows repository and are written in yaml, and you can bundle up reusable configuration components in “actions” that can be also shared and published in the GitHub Actions marketplace.
GitHub Actions is more versatile for CI/CD than Atlantis, allowing you to handle both application and infrastructure deployments.
Azure DevOps is more than a CI/CD platform. Apart from CI/CD, you get repository hosting, testing services, sprint boards, and more.
Pipelines are developed in yaml. You can build your own pipeline library in the same way you would an OpenTofu/Terraform module and reuse those pipelines wherever you think necessary.
Its scope is broader than Atlantis’s, covering both application deployment and project management. As part of the Microsoft ecosystem, it could be a good choice for organizations heavily involved in it.
Microsoft offers a guide on how to build our terraform workflow.
GitLab CI/CD is very similar to GitHub Actions, but it is integrated into the GitLab ecosystem.
It uses yaml to define CI/CD pipelines in your repositories, providing a straightforward approach to automation that encompasses the entire software development lifecycle (SDLC).
As GitHub Actions, GitLab CI/CD has a broader scope compared to Atlantis, which focuses only on IaC.
Infrastructure management tool Env0 does not offer any self-hosted capabilities, but it supports more tools than Atlantis does.
It works with custom IaC templates, providing a user-friendly option for teams looking for greater control over their cloud environments.
Scalr is an infrastructure management platform similar to Atlantis that focuses on governance and automation across cloud environments.
Scalr tends to focus more on multicloud cost management and compliance, offering a broader cloud management solution than Atlantis does.
Morpheus is a cloud application management platform designed to simplify the deployment, management, and monitoring of applications.
Its main focus is developer velocity. Enhancing self-service provisioning enables developers to spin up new environments quickly with governance and cost control in place.
Atlantis specializes in IaC, whereas Morpheus aims to reduce the gap between IaC and application management under a unified interface.
Azure Automation’s scope is IaC, delivering cloud-based automation and configuration services.
It uses Powershell and Python for writing runbooks, which automate infrastructure-related processes and tasks.
By supporting OpenTofu and Terraform, Atlantis is tailored for multicloud deployments, whereas Azure Automation is more narrowly tailored to the Azure platform.
Many platforms can be considered Atlantis alternatives, but not all of them specialize in infrastructure, can be self-hosted, or elevate your PR automation. If you need this functionality plus the ability to easily enhance your governance and build multi-infrastructure tool workflows that share outputs between them, Spacelift is the only one that does it all.
If you want to learn more about Spacelift and take your infrastructure management to the next level, create a free account or book a demo with one of our engineers to learn more.
The Best Atlantis Alternative
Spacelift is an Atlantis alternative that provides a more intuitive, versatile, and robust GitOps workflow, granular access control, drift detection, and many more. It’s a better, more flexible CI/CD for Terraform, offering maximum security without sacrificing functionality. Spacelift embraces all of Atlantis’ features, offering them in a modern and sophisticated SaaS product.
![How to Enforce Policy as Code in Terraform [Sentinel & OPA]](/_next/image?url=https%3A%2F%2Fspaceliftio.wpcomstaging.com%2Fwp-content%2Fuploads%2F2024%2F07%2F413.terraform-policy-as-code.png&w=3840&q=75)
![Terraform Drift Detection and Remediation [Guide]](/_next/image?url=https%3A%2F%2Fspaceliftio.wpcomstaging.com%2Fwp-content%2Fuploads%2F2023%2F04%2F188.terraform-drift-detection.png&w=3840&q=75)
