The rapid growth of cloud infrastructure management has created a need for DevOps, cloud, and site reliability engineers. Cloud infrastructure can be managed in several ways, but Infrastructure as Code (IaC) — and, more specifically, Terraform — has become the de facto standard.
Terraform is an IaC tool, designed to help you manage your infrastructure using a declarative language called HCL. It was initially open-source, but HashiCorp, the company behind it, switched to a new license called BSL. Although Terraform is a good starting point for managing your infrastructure, it has several limitations, and some are addressed in HashiCorp’s managed offering called Terraform Cloud.
Terraform Cloud is a managed service HashiCorp has designed to enhance the capabilities of Terraform. It offers a collaborative, cloud-based environment where teams can securely provision and manage infrastructure across various cloud providers and other tools and products that offer Terraform providers.
Features like state management, secrets, policy as code, integrations with third-party tools, credentials storage, and role-based access controls are just some of the benefits that Terraform Cloud offers to streamline the infrastructure deployment process.
Terraform Cloud simplifies the overall management of your Terraform workflows, but here are some limitations you should be aware of:
- Terraform-only support – You will usually need multiple tools to manage infrastructure in an organization. With Terraform Cloud you can manage only Terraform (and, to some extent, Terragrunt), which means you will need other products to manage the other products you use.
- Pricing – Terraform Cloud is priced according to resources under management (RUM), which can become expensive. The first 500 resources are free, and then you pay 0.00014$/hour per resource, but remember that every security group rule and every IAM policy is a resource
- Vendor lock-in – In light of all the license changes Hashicorp introduced last year, being restricted to Terraform can result in vendor lock-in,, and switching to other vendors can be cumbersome when you need to do it
- Integrations limited to run tasks – Terraform Cloud integrates with some tools, through their run tasks feature, but you cannot integrate with other tools if they are not supported as a run task first.
- Limits on policy numbers and run tasks in the lower tiers – In TFC’s Free and Standard tiers, you get one policy set that can have five policies in it and a single run task that can be used on a maximum of ten workspaces, which can be extremely limiting
Top Terraform Cloud alternatives include:
Spacelift is a Terraform Cloud alternative that enhances your Terraform, OpenTofu, Terragrunt, Kubernetes, Ansible, Pulumi, and CloudFormation workflows. It uses OPA to implement policy as code, and these policies can control various decision points throughout the application. With Spacelift’s policies, you can define which resources your team can create, what kind of parameters those resources can have (for example, you can restrict an EC2 instance type to a shape you want), the number of approvals you need for a deployment, where to send notifications, what happens when a pull request is open, and more.
Spacelift can integrate with any tool you want, lets you bring your own Docker image, and also allows you to control what happens before and after every runner phase. Apart from that, you can build self-service infrastructure using Spacelift’s Blueprints, which can be really helpful, especially for development teams that need to build infrastructure but don’t want to touch any IaC.
Spacelift’s pricing is predictable and there is no RUM, so it will be easy to predict what your bill will look like at the end of the month. See the comparison here: Terraform Cloud vs. Spacelift.
Moreover, it’s very easy to migrate from Terraform Cloud to Spacelift. Spacelift developed a way to speed up the migration process. Learn how to migrate from Terraform Cloud.
| Spacelift | Terraform Cloud | |
| Predictable, Cost-effective Pricing | ✅Yes | ❌No, pricing is RUM based |
| Multi-IaC Workflow | ✅Yes, Terraform, OpenTofu, Terragrunt, CloudFormation, Kubernetes, Ansible, Pulumi | ❌No, only Terraform and Terragrunt supported |
| Dependencies Workflow | ✅Yes | ❌No |
| Integrations | ✅Unlimited integrations | 🟠 Integrations limited to run tasks |
| Full-Workflow Control | ✅Full control over your workflow by bringing your image, modifying the default workflow, and hooks in runner phases | ❌Limited to what TFE lets you do |
| Policies across various decision points | ✅Control almost any aspect of the platform through policies | 🟠Only the equivalent of plan and approval policies |
| Policy Library | ✅Yes, policy templates can be imported easily and modified to suityour needs | ❌No |
| Resource Management | ✅Full inventory management solution including visualization, lifecycle tracking, search, and filtering | 🟠Resource view only per workspace |
| Auto-Attachable Contexts and Policies | ✅Yes, this can be done easily via labels | ❌No |
| Unlimited policies and third-party tools integrations | ✅Yes | ❌No, in the lower tiers you are limited to a predefined number |
| Targeted Runs | ✅Native | 🟠Only with the TF_CLI_ARGS_plan |
| Atlantis-style workflow | ✅Yes | 🟠Partial |
| Custom Tasks | ✅Yes | ❌ No |
| Advanced Scheduling | ✅Yes | ❌No |
| State Management | ✅Managed + Optional ability to use other backends | 🟠Managed only |
If your team is using Pulumi instead of Terraform, Pulumi Cloud is a viable solution to manage your Pulumi workflows.
It offers a suite of capabilities aimed at improving overall productivity and collaboration within engineering teams, managing infrastructure state, secrets, and configuration across any cloud environment.
One of its main strengths is the integration with CI/CD pipelines, which allows for seamless automation and deployment processes. Moreover, Pulumi Cloud ensures security and compliance by encrypting data in transit and at rest, and it supports integration with major cloud providers’ key management services.
However, the Pulumi pricing uses a structure similar to Terraform Cloud’s RUM model, called Pulumi credits. You get 150k Pulumi Credits provided monthly at no cost, covering roughly 200 resources. On Pulumi’s website, you get multiple examples of how much you will have to pay for your resources. You can find out more here.
GitHub Actions is a generic CI/CD platform that can be used to implement your Terraform workflows. It offers many reusable tasks called “Actions” that can help you build your IaC workflows fast, but using it to manage your workflow at scale can become complicated.
With GitHub Actions you declare your workflow in a .github/workflow.yaml file, so it uses the yaml language to describe the pipelines, and you also have the option to build your own reusable actions.
Although it is not specifically made for IaC, GitHub Actions can be used for this purpose and can be a really good alternative to Terraform Cloud. Read more about why GitHub Actions is not such a good idea for IaC.
GitLab CI/CD is quite similar to GitHub Actions, helping you build IaC workflows for Terraform, although it is a more generic pipeline.
GitLab CI/CD facilitates a smooth integration with GitLab repositories, and it uses yaml for the direct configuration of the pipelines within your repository. This integration makes it easier to understand and monitor the modifications and processes occurring in your codebase.
Similar to GitHub Actions, it presents an uncomplicated method for automation that covers all phases of the software development lifecycle.
CircleCI is another generic CI/CD pipeline that can help you build your Terraform workflows.
It also uses yaml to declare your pipelines, and it offers many reusable orbs — packaged tasks that can be reused in your workflows.
CircleCI’s robust ecosystem supports the automatic execution of deployment scripts and tests every time a change is made to the repository, including your Terraform configurations. This means that any updates to infrastructure can be validated and deployed automatically, following the same testing and review processes as the application code.
Env0 automates cloud environment management for IaC, integrating with Terraform to enable consistent, scalable deployments. It enhances efficiency by enforcing policies, optimizing costs, streamlining the overall deployment process, and ensuring compliance.
It allows developers to manage their infrastructure environments, balancing speed with control, and aligning with DevOps and agile practices for streamlined infrastructure management.
Scalr is a cloud management platform that optimizes IaC practices, offering enterprises a unified approach to managing cloud resources across various environments.
It integrates with Terraform to streamline the provisioning, compliance, and governance of cloud infrastructure, ensuring consistent deployments and enabling policy enforcement at scale.
Atlantis is a PR-enhancement product for Terraform, that brings collaboration to the next level. It is self-hosted only and can be installed on both virtual machines and Kubernetes clusters.
The biggest advantage Atlantis has over Terraform Cloud is the fact that you only need to pay for the infrastructure hosting it, not for RUM.
To enhance your Terraform workflow with Atlantis, you will need to follow the following process:
- Open a pull request on a repository that’s configured inside Atlantis and hosts your Terraform code.
- When this happens, it will trigger an atlantis plan, which runs a terraform plan behind the scenes, and writes the output on the pull request as a comment.
- used on the output of the plan, you can receive feedback from other engineers and discuss potential issues and improvements.
- After discussing the output, you can make a decision:
– Approve – you can run atlantis apply via a PR comment and this will run terraform apply for you, commenting back the apply output on the PR.
– Discard the plan and close the pull request.
Atlantis improves your Terraform management from your pull request workflow, enhancing overall collaboration and ensuring that errors are kept to a minimum.
Many platforms can be considered Terraform Cloud alternatives. Some of them are generic CI/CD pipelines that can accommodate your IaC workflow, but Spacelift is a dedicated platform for IaC management, enhancing governance and security and speeding up and simplifying the overall deployment process of your infrastructure.
If you want to learn more about Spacelift, create a free account or book a demo with one of your engineers.
The Best Terraform Cloud Alternative
Spacelift is a feature-rich and cost-effective Terraform Cloud alternative that works with Terraform, Terragrunt, OpenTofu, Ansible, and all major IaC frameworks. It offers a predictable pricing model and supports self-hosted on-prem workers, workflow customization, drift detection, and much more.
