How it works
Spacelift is an infrastructure-as-code (IaC) management tool used to build multi-IaC workflows for Terraform, OpenTofu, Ansible, Kubernetes, Terragrunt, CloudFormation, and Pulumi. It integrates with your VCS provider and references a directory containing your IaC configuration. It creates a predefined workflow for deployments in any cloud provider, using one of the supported IaC tools.
Streamline your workflow
Describe your infrastructure as code with your favorite IaC tool.
Push your code to your VCS system.
Create a stack for your VCS repo. Whenever there are changes, runs will be triggered.
Choose if you want to apply your code automatically, or by manual intervention.
Infrastructure changes are applied in your provider.
Get a technical demo with an engineer
“Spacelift has enabled Checkout to scale from a handful of deployments per day to averaging over 500 per day.”
Trusted by top companies, including:
Why Spacelift
Powerful components
In Spacelift, stacks are responsible for configuring and deploying your workflow. With a full spectrum of tool integrations, you can have your choice of VCS provider and backend (Terraform, OpenTofu, etc.), configure versions, optionally configure what happens before and after every runner phase — and even attach cloud integrations for short-lived credentials, policies, and contexts.
Elevated security, governance, and compliance
Use policy as code to define the types of resources your workflows can create, the resource parameters, the number of approvals required for a run, what happens when a PR is open against a branch, and where to send notifications. Attach policies from the following categories to as many stacks as you want:
Customizable workflow
Add commands between your runner phases, bring your own image, or even configure the default workflow commands. This flexibility enables easy integration with any third-party tool. You can even define policies for workflows via custom inputs, and you never have to compromise.
Streamlined orchestration
Use stack dependencies to easily configure your EC2 instances and K8s clusters. Share outputs between dependent stacks. Nest those dependencies to trigger runs on child stacks when the parent stack finishes a run successfully. Transform your monolith deployment into multiple micro-deployments, making it easy to identify where problems arise. Your workflow potential is limitless!
Want to see Spacelift in action?
Let an engineer walk you through Spacelift
What users say about Spacelift
- Spacelift has enabled Checkout to scale from a handful of deployments per day to averaging over 500 per day.
- The great thing about Spacelift is it does what we need it to do without getting in the way. Once we had it installed and configured, it faded into the background of our workflow, letting us operate more efficiently with no hassle.
- We needed a way to create consistent run environments and provide auditing. And we increasingly needed to be able to hand off approvals for runs to developers and security staff. Spacelift has made it simple, so it’s had a positive impact on the company as a whole.
Useful resources
Why DevOps Engineers Recommend Spacelift?
Spacelift is a valuable tool for DevOps engineers, as it helps them manage their infrastructure more efficiently and effectively. Explore its key features and read client's testimonials.
Spacelift is a valuable tool for DevOps engineers, as it helps them manage their infrastructure more efficiently and effectively. Explore its key features and read client's testimonials.
Learn moreSelf-Service Infrastructure with Spacelift
Explore examples of self-service infrastructure, the problems it solved, and the improvements Spacelift can add with Blueprints, Spaces, Policies, and more.
Explore examples of self-service infrastructure, the problems it solved, and the improvements Spacelift can add with Blueprints, Spaces, Policies, and more.
Learn moreTerraform Cloud / Enterprise Workspaces vs. Spacelift Stacks
See the differences and similarities between Terraform Cloud workspaces and Spacelift stacks and examples of how to use them.
See the differences and similarities between Terraform Cloud workspaces and Spacelift stacks and examples of how to use them.
Learn moreFind out What Makes Spacelift Secure
Spacelift’s number one priority is and always will be security. Take a look at Spacelift security architecture and security features.
Spacelift’s number one priority is and always will be security. Take a look at Spacelift security architecture and security features.
Learn more
Frequently Asked Questions
How does Spacelift run in my environment?
Spacelift is a control plane that executes runs on workers. You can use shared workers or run private worker pools in your cloud for full data path control, with end-to-end encryption of run payloads. If your repos are private to the internet, a lightweight VCS agent lets Spacelift reach them securely.
What is a “stack” in Spacelift?
A stack is an isolated unit that combines your IaC repository, current state, and configuration, such as environment variables and mounted files. It is the primary entity you operate on in Spacelift.
Which IaC tools can I use with Spacelift?
Spacelift supports Terraform, OpenTofu, Terragrunt, Pulumi, AWS CloudFormation, Kubernetes, and Ansible, so you can standardize workflows across mixed tooling.
What is a “run” in Spacelift?
A run is a job that can preview or change infrastructure. Common types are proposed runs for safe previews and tracked runs for actual deployments, with optional approvals in between.
How does drift detection work in Spacelift?
Spacelift detects drift by executing scheduled proposed runs against finished state and flagging any differences. You can review findings in the UI and optionally reconcile, and it works on private workers.
How do I connect my source code to Spacelift?
Connect your Git provider and select the repo. Spacelift supports GitHub, GitLab, Bitbucket, and Azure DevOps, including self-hosted and SSH.
How do I share secrets and common config across Spacelift stacks?
Use Contexts to share environment variables, mounted files, and hooks across stacks and modules. Attach a context wherever you need it to avoid copy-pasting configuration.
How does policy-as-code work in Spacelift?
Spacelift uses Open Policy Agent with Rego to enforce rules at every stage. You write readable policies that check plans, control who can approve or apply, govern which stacks can touch which accounts, and block risky changes before they land. Policies evaluate in the worker context with full input data, return clear messages to engineers, and become part of your compliance record.
Can I self-host Spacelift?
Yes. There is a self-hosted edition that you install in your own infrastructure with provided images and templates for clouds like AWS, GCP, and Azure, as well as on-premise Kubernetes environments.