Managed identities allow a subject to assume an IAM or Azure role and perform the actions they need without having to manage passwords, registration keys, or other sensitive credentials. There are even access rules to control who or what may assume a managed identity.

Service accounts make it painless for an external entity (CICD pipeline, runner agent) to authenticate with Tharsis using OIDC federation, eliminating the need for extensive setup or credential management.

Whether it's GitHub or GitLab, VCS integration makes it a no-brainer to launch a Terraform run right from the repository, all of which can be fine-tuned with advanced controls to your liking. Simply push a commit to a linked repository and view the run within the Tharsis UI!

Unlock a whole new world of collaboration and Terraform module distribution. Create, upload, and share modules within your organization or group, all within the Tharsis ecosystem with added benefits like attesting modules using the in-toto specification and limiting managed identity usage to only modules meeting those attestations.

Publish, version, and share Terraform providers within your organization without having to rely on public registries, all with the help of GoReleaser and a few commands in the Tharsis CLI.

Written in Go, fueled by the Tharsis SDK and GraphQL API, our CLI exposes most API functionalities and makes it straightforward to interact with the remote Terraform backend right from the terminal. Perfect for CICD operations where command lines are a must.

Leverage the power of Tharsis through HCL by using our Terraform Provider readily available on our GitHub and the public Terraform Provider Registry.

The Tharsis SDK powers our Terraform Provider, the job executor, and the CLI. For power users, if the provided functionality is not enough, it's possible to implement custom tools that fit your needs with usage examples available in our repository to help anyone get started.