Terraform Cloud, developed by HashiCorp, offers a centralized platform for managing Terraform code. Key features include version control integration, secure variable storage, remote state management, and policy enforcement, enabling organizations to efficiently maintain control over their cloud infrastructure.
Before recent pricing changes, HashiCorp Terraform Cloud was available at multiple price points: The free tier includes some basic features; the Team tier was priced at $20 per user per month and offered everything in the free tier plus role-based access control; the Team and Governance tier was priced at $70/user and included everything in the Team tier plus Policies; the Business tier was their most comprehensive option.
This is what Terraform Cloud pricing used to look like:
Free Tier | Team Tier | Team & Governance Tier | Business Tier | |
Price (monthly) | Free | 20$/user | 70$/user + 500$ per extra concurrency | Undisclosed, you need to contact their sales team |
Features | – State Management & Locking
– VCS Integration – Private Module Registry – API Tokens – Variable Sets |
Free + – RBAC |
Team + – Policies – Run tasks – Cost Estimation |
Team & Governance + – Agents – SSO Integration – Audit Logs – Drift Detection – Premium support |
Concurrency | 1 | 1 | 1 | Scaling to unlimited |
In June 2023, HashiCorp switched to a new pricing model for Terraform that includes just three plans for the SaaS version: Free, Standard, and Plus. The Plus plan (quote available from the sales team) is similar to the old Business Tier feature-wise, but the most remarkable change appears in the Free and Standard levels: Hashicorp has switched to a RUM (Resources Under Management) pricing model.
The RUM pricing model calculates costs based on how many resources are managed by Terraform (instances, K8s clusters, security groups, security group rules, IAM users/policies/roles, etc.), rather than considering concurrency, number of runs, or number of users.
In the standard tier, they will manage 500 resources in the state for free. For every other resource in the state above the 500-resource threshold, you must pay $0.00014/hour. In the free tier, the resources are limited to a maximum of 500, making the upgrade to the standard tier necessary. At first, this doesn’t seem like a significant cost, but remember that every security group rule is a resource, and everything you can configure about an S3 bucket (life cycle, versioning, policies, etc.) is also a resource.
This pricing model is unsustainable for many customers, who will find it difficult to predict what their bill will look like at the end of any month. Hashicorp says it does not include null_resource and terraform_data in the billing process, but if you go to your in-app plan & billing tab, you will see them there. In the example below, in my account, I have deployed 600 terraform_data resources and 600 other resources:
Billing doesn’t update in real-time or even near real-time, and you can’t even see these updates in your HCP account.
In the previous pricing tiers, they didn’t offer any premium features in the free tier or in the predecessors of the standard tier. In my opinion, still don’t do that, as you only get a taste of policies and run tasks, which are two essential features for making your workflows usable. Now, instead of nothing, you get a mere five policies in both free and standard tiers, one run task integration, and ten workspace run tasks. Some may argue these are enough, and that might be true in some cases, but there is a catch:
Only one policy can be Soft/Hard mandatory, and one run task can be mandatory, so you will need to pay extra attention to your runs, or else you will have to upgrade to the Plus or Enterprise tier.
Implementing a custom workflow is still really difficult because you are limited to what Terraform Cloud offers in their run tasks. It’s impossible to integrate other tools into your workflow without using an external CI/CD platform like Github Actions.
Download The Practitioner’s Guide to Scaling Infrastructure as Code
Example 1 – Small Teams
For really small teams, the change to RUM can be very beneficial, especially if these teams don’t heavily rely on security groups. Depending on the nature of their application, these teams will either rely on a classic three-tier multi-env web app or use Kubernetes. In either of these cases, the number of resources they are going to deploy with Terraform is going to be under 500.
When you are in a small team, it can make sense to use Terraform Cloud to manage your infrastructure, as it will cost nothing. If you compare this to the old pricing model based on the number of users, you will probably save around $100 to $150 a month. However, every small business wants to grow, and even though you will initially save some money, in the long run, you will lose.
Category | New Pricing (RUM) | Old Pricing |
Pricing | 0.00014$/resource, Free Resources: 500 | 20$/user |
Actual Cost | <500 Resources → 0$/month | 3 users → 60$/month + Usage Cost |
One of our customers, Odos, has migrated from Terraform Cloud to Spacelift, and one of the key factors that influenced their decision was cost. They had between 1,500 and 2,000 resources, and although they would have paid for between 1,000 and 1,500 of them (approximately 150$/month), costs related to concurrency and the user numbers would have brought their bill to five times more than what they are currently paying for Spacelift.
Example 2 – Large Teams
A large team will have thousands or tens of thousands of resources. Working on the IAM and the Network side, you will have to create users, groups, roles, policies, vpcs, subnets, internet gateways, route tables, route rules, security groups, and security groups rules. You will probably do vpc peerings as well, and these can also increase the number of resources.
Let’s imagine a use case in which you have 10,000 resources. The first 500 will be free, so you will need to pay for 9,500 resources. As the cost per resource at the time of writing is $0.00014/hour, it means that you will pay $1.33/hour for all your resources. This adds up to an average monthly cost of $950. With the old pricing model, if your team had 20 users, you would have paid a total of $400 ($20/user * 20 users) + usage cost, which is less than 50% of the current cost.
The more you scale, the worse the results become. You could potentially pay ten times more than you were paying before.
Category | New Pricing (RUM) | Old Pricing |
Pricing | $0.00014/resource, Free Resources: 500 | $20/user |
Actual Cost | 10K Resources → $950/month | 20 users → $400/month + Usage Cost |
Example 3
When the pricing changed, many people complained about it on social media platforms. On Reddit, some people expressed their frustration, describing their infrastructure and how the changes impacted their pricing:
- Github Org with over 900 repos that they provision from the terraform and each has around 10 unique labels, GitHub teams, and associations between repos → ~$860/mo or ~$10,280/annum
- Managing 18,500 resources across a dozen workspaces on the free tier with multiple runs per day → ~1800$/month or ~21,500/annum
- With 600 managed resources across several TFC “prod” workspaces, the expected cost is $122 per year, but if you want to create the equivalent pre-prod workspaces, it won’t cost you twice as much, but the price will actually reach a sum around ~$850 per year.
Another option Hashicorp offers for Terraform Cloud is its enterprise solution. The main difference is that Terraform Enterprise is self-hosted and offered as a private installation rather than a SaaS solution. Terraform Enterprise offers most of the same features as the Terraform Business tier.
Judging from the AWS Marketplace and Azure Marketplace offerings of Terraform Enterprise, pricing starts from $15,000/year, but it includes only five workspaces, which of course, won’t be enough for an enterprise prepared to spend this kind of money on an enterprise-grade solution.
Spacelift is a Terraform Cloud alternative that offers a customizable GitOps workflow for managing infrastructure at scale.
Powerful free tier
As well as the ability to run Terraform workflows and offer feature parity, Spacelift also enables you to create workflows with Kubernetes, Pulumi, and CloudFormation. This, combined with the stack dependencies feature, gives you the flexibility to build end-to-end workflows. By defining dependencies, you have a way of triggering runs on multiple stacks without having to go through each manually.
You also fully own your workflow: You can bring custom code, and even a custom runner image, and you can install and configure any third-party security tools and embed them in your use case. In Terraform Cloud, you can only leverage run tasks, which will always be limited to what Terraform Cloud supports at a given moment.
All of these features are offered in the free tier. Combined with Spacelift’s Policy As Code framework based on OPA (plan and approval policies included for free), this makes it really easy to use the free tier to host your personal projects, and utilizing all these features will really help you become more skilled at handling enterprise workloads. You can even define custom plan policies based on your third-party integrations, using Custom inputs.
OPA uses Rego to define policies, and Rego can be hard to master. At Spacelift, you can harness the Policy workbench to help you speed up policy development by sampling the inputs. In addition to that, you can leverage Spacelift’s policy library to get started.
Multitenancy with Spaces is also available in this tier, making access control easier. With Spaces, you can delegate limited admin access to some of your users in a particular space.
Terraform Cloud does not provide an overview of all of your deployed resources, whereas Spacelift’s Resource Visualization feature makes it really easy to understand what has been deployed in your infrastructure.
Security is key for Spacelift. That’s why we are strongly against using static credentials so you can take advantage of our integrations with AWS, Azure, and GCP.
Cost estimation is another feature that Spacelift offers free, via Infracost. This allows you to predict what your bills will be for your cloud resources at the end of the month. You can easily define policies to do things like restrict creating resources if the hourly or monthly cost exceeds a set threshold.
Terraform Cloud also offers a cost estimation option, but it will probably confuse everybody, as it only takes into consideration what you will pay for the resource in a specific cloud provider and not how much that resource will cost to be held in the state for a month.
Even the free Spacelift tier offers some enterprise features, making it a real game-changer for most users.
Starter and Starter+ tiers
With the Starter tier, you can unlock all policies and integrate with monitoring, chat, and other DevOps tools using notification policies, as well as make decisions in your runs based on what happens in response to a Git push or pull request. Pricing starts at $399/month and includes ten users and a concurrency of two.
This tier also offers a Datadog integration you can leverage to take observability to the next level inside Spacelift. Read more about it here. Other integrations can be easily built by following the same approach as our notification policy.
Using OpenID Connect, you can easily exchange short-lived Spacelift credentials for temporary credentials valid for external service providers.
Our private module registry is also unlocked in this tier, which is a fully-fledged solution that not only hosts your modules but gives you the ability to test them as well.
In Starter+ you unlock one private worker, which means that you can also use drift detection and remediation.
Business tier
In the business tier, you will start with three private workers and unlimited users.
Here you also unlock self-service infrastructure via Blueprints. Blueprints are really powerful. You can create templates with the code, as well as the policies attached to that code, the authentication to the cloud provider, environment variables, shared variables, advanced scheduling, drift detection, and more. This takes reusability to the next level: You configure the template once and use it to create as many stacks as you want.
Apart from that, this tier offers you the ability to do targeted replans of your resources, meaning that you can easily do partial applies to your code.
Advanced Scheduling enables you to delete all the resources inside your stack and the stack itself. This is a helpful way to save costs by deleting all the resources after working hours and on weekends. With this feature, you can also schedule arbitrary tasks that you want to happen on a particular schedule.
Terraform Cloud has two features that combined don’t even come close to Blueprints: Design configuration (which just generates simple code that leverages an existing module, based on its input variables) and no-code provisioning (don’t get too excited, you still write the Terraform code) which just provides the option to give some predefined values to the variables of a module and enable users to deploy workspaces from that without allowing them to make any changes.
To top it up, you also get Silver Customer Success Program and Silver Support SLA.
Enterprise tier and self-hosted
In the enterprise tier, Spacelift supports auditing of all operations that happen inside the platform on the resources. With the Audit Trails feature, you can easily send your audit trails to an endpoint you provide. You will start with 5 private workers and also can create concurrent vcs connections.
Also, with this tier you unlock IdP independent MFA. Many applications offer MFA, that fully rely on their IdP for that. In Spacelift, you get the best of both worlds, you can have MFA implemented on the IdP level, and you can easily enable MFA independently as well, and only when these two sessions are successfully merged, you can log in to your Spacelift account.
To ensure that your API stays safe, in the enterprise tier you also get OIDC-backed API keys – these keys are dynamic and short-lived and, based on the identity provider you use, token management (rotation, revocation, expiration) can be handled automatically.
To read more about Spacelift’s security features, check out this article. To top it up, you also get Gold Customer Success Program and Gold Support SLA.
Check out our various pricing plans to see which tier of Spacelift best suits your business.
Migrate from Terraform Cloud to Spacelift
Many people can be reluctant to change, as it usually involves a lot of manual steps, and the process can be really error-prone. At Spacelift, we understand this, so we’ve provided a seamless way of migrating your Terraform Cloud Workspaces, which we outline in this 7-minute article and also in this 16-minute video.
We already have several of customers who migrated from Terraform Cloud to Spacelift, and you can read more about one of them here.
Although Terraform Cloud offers many interesting features for managing your Terraform workflow, you need to upgrade to the Plus tier to leverage it fully. Even if you are happy with the Standard tier features, many people have already reported they are going to pay more for Terraform Cloud than they are paying their cloud providers for the actual resources.
The key fear for customers is the inability to predict their Terraform Cloud bills – something that creates real difficulties for scaling companies.
On the other hand, Spacelift’s free tier is a powerhouse packed with many features you won’t find even in Terraform Cloud’s top offering. With Spacelift, you unlock workflows for Kubernetes, CloudFormation, Ansible, and Pulumi too.
Upgrading to our Starter, Starter+, Business or Enterprise tier will unlock even more features, which you can easily leverage to build sophisticated workflows that would be really hard to implement in other products. Spacelift pricing is transparent and predictable, so you can scale safely, knowing you are within your planned budget.
Manage Terraform Better with Spacelift
Build more complex workflows based on Terraform using policy as code, programmatic configuration, context sharing, drift detection, resource visualization and many more.