HashiCorp, the company behind Terraform, has recently announced the release a public beta of a new feature called ephemeral workspaces in their flagship cloud product Terraform Cloud (TFC). This new feature is aimed at simplifying the management and cleanup of old and unwanted resources that have accumulated over time. But why is this important?
Cost of living crisis
In today’s world, we are all facing a cost of living crisis. Every penny/cent/sen counts, and organizations are constantly looking for ways to reduce costs and increase efficiency. One area where business costs can quickly add up is with cloud infrastructure; this is especially when dealing with development and testing environments where environments are run up as and when required and often forgot about once the test or build has been completed. Leaving now unused resources running and consuming valuable resources and driving up costs unnecessarily.
This is where ephemeral workspaces in TFC come into play. Ephemeral workspaces are workspaces that are automatically destroyed after a set amount of time if they are not being used. This means that resources that are no longer needed will be automatically cleaned up, reducing infrastructure costs and eliminating the need for manual resource cleanup.
According to HashiCorp, the company behind Terraform, ephemeral workspaces can help reduce costs, increase efficiency, and improve security. By automatically destroying unused resources, organizations can save on infrastructure costs and reduce the time and effort required for manual resource cleanup.
But the benefits of ephemeral workspaces go beyond just cost savings. They also increase efficiency by allowing administrators to set time-to-live (TTL) settings on workspaces through the API or UI. This simplifies management and testing, giving infrastructure teams more time to focus on other important tasks.
Furthermore, ephemeral workspaces also improve security. Workspaces that are not actively watched or have been forgotten about can pose a security risk. By automatically destroying unused workspaces, organizations can meet compliance requirements and reduce the potential attack surface of their infrastructure.
Using ephemeral workspaces is easy. Administrators simply need to set a date and time for when they would like the workspace to be de-provisioned. Auto-destroy settings can be found in Workspace Settings under the section in the sidebar called Destruction and Deletion. The status of the auto-destroy setting will be displayed in the sidebar on the workspace’s overview page, alongside other settings like Execution mode and Auto apply.
Once the configured auto-destroy time is reached, Terraform will automatically run a destroy plan and apply it to destroy the managed resources. Notifications can also be configured to send an auto destroy reminder before a destroy run is triggered and to indicate the success or failure of the destroy run.
Terraform Cloud itself is designed to standardize workflows from infrastructure provisioning to operations and beyond. It helps organizations optimize infrastructure investments and improve operational efficiency. The addition of ephemeral workspaces further builds on this optimization, providing organizations with a powerful tool to reduce costs, increase efficiency, and improve security.
All that being said, Hashicorp are only playing catch up with Env0 and Spacelift, their major competitors in this space, by implementing ephemeral workspaces in Terraform Cloud, both competitor companies had already implemented this feature in their platforms for over a year ago.
How can we enable emphemal workspaces in TFC
If you want to check out the new feature in Terraform Cloud, you may need to upgrade your current plan, there will most likely be a cost implication here, so confirm with those who pay the bill that you can actaully undertake this. If you can, you need to follow the following steps (don’t worry you can always drop down to the free tier):
- Visit the official Terraform Cloud documentation.
- Navigate to the Plans and Features section.
- Ensure that you have the necessary prerequisites for activating beta features, such as being a member of your Terraform Cloud organization’s “owners” team and having the appropriate HashiCorp Cloud Platform (HCP) organization role.
- Create the required user accounts by either creating a unified HCP user account or separate Terraform Cloud and HCP accounts.
- Provision the required Terraform Cloud (TFC) team and HCP roles.
- Verify the HashiCorp Flex balance allocation by visiting the HCP Org > Billing page.
Please note that these steps are general guidelines, and it is always recommended to refer to the official documentation for detailed instructions.
How do we use Emphemal Workspaces
Once you have passed the trial for changing your licensing, it is relatively simple configure ephemeral workspaces. Just set a date and time for when you would like the workspace to be de-provisioned. Auto-destroy settings can be found in Workspace Settings under the section in the sidebar called Destruction and Deletion.
Once correctly configured the auto-destroy status will show up in the sidebar on the workspace overview page, next to other settings like Auto-Apply and Execution mode. One thing to note is that auto-destroy status will display as Off if it is not configured. Once configured, the status will show when the next auto-destroy is planned. If, for any reason, the scheduled destroy run fails, the sidebar status will link to the failed run, where the standard run output will provide further details of the potential failure.
Once the configured auto-destroy time is reached, Terraform will automatically run a destroy plan and apply it to destroy your managed resources. you can configured Notifications to send an auto destroy reminder to an email address before a destroy run is triggered, this can be used to allow the auto-destroy run being canceled and a new destroy date set. Also your auto destroy results can be forwarded to the same place to indicate the success or failure of the destroy run.
In conclusion, the release of Terraform ephemeral workspaces in its cloud product is a significant development for organizations looking to optimize their infrastructure. By automatically destroying unused resources, organizations can reduce costs, increase efficiency, and improve security. This new feature is currently in public beta and is aimed at helping organizations manage the cleanup of old and unwanted resources accumulated over time. To access ephemeral workspaces in Terraform Cloud, users need to be on the latest version of the platform.
Overall, this release although incremental in nature highlights HashiCorp’s commitment to providing innovative solutions that address the challenges faced by organizations in today’s cost-conscious environment. With ephemeral workspaces, organizations can take control of their infrastructure costs while streamlining workspace management. It’s an exciting development that will undoubtedly have a positive impact on organizations’ bottom line, that said it is not innovative, as they are only catching up on competitors. Personally considering the potential threat that OpenTF brings to the party, I would have expected more. Lets see what HashiConf in October brings, hopefully a little bit of leap-frog as opposed to chase and tag.
For a deeper look at the feature read HashiCorps blog release on the subject.