How does Terraform support this?

Terraform Terraform Cloud & Enterprise
1

How does Terraform support this?
Local cloud provider for Data Sovereignty (Mom and Pop cloud in country, Azure Stack in a local DC in country). Please let me know. thanks

2

Hi @rajganesh.jaganathan

In Terraform you can define Multiple Provider Configurations, each provider will target one of your data centers.

So yes you can simultaneously manage multiple data centers with a single Terraform plan. But as many things in Terraform, can and should are not the same.

I wouldn’t do it and instead, I would create multiple Terraform configurations, one for each data center and event individual layers.

3

Hi @rajganesh.jaganathan,

I can’t advise on what exactly is required by the regulations you are subject to or concerned about, but here is some information that will hopefully be helpful in evaluating this yourself, or with the help of a local expert:

  • Terraform Cloud is, at the time of writing, deployed exclusively in the United States of America.
  • Terraform Cloud’s managed execution environments – part of Terraform Cloud – currently run on equipment based in the USA, although they can access services based in other countries as long as those services can accept incoming connections from the USA networks where these environments run
  • You can use Terraform Cloud Agents to move the execution environment to equipment you control, as long as that equipment is able to reach the Terraform Cloud API hosted in the USA.
  • If you are using Terraform Cloud (the managed service) then today the control plane is always in the USA, even if you run Terraform Cloud Agents in another location. Terraform Enterprise is a fully-self-hosted form of Terraform Cloud that you can deploy on your own equipment in an acceptable jurisdiction, without any runtime dependency on servers in the USA.
  • Open source Terraform CLI without Terraform Cloud or Enterprise is local software you can run on whatever computer you like, and then you can configure it to connect to any service reachable from the computer where you run it. However, you will need to make your own arrangements for state storage and any needed automation etc in that case.