Unify Multi-Cloud Visibility with HCP Terraform and Infragraph: A Practical Guide

Overview

Migrating to the cloud promised simpler infrastructure provisioning and management. Yet for many enterprises, reality is more complex. New pain points undercut cloud speed, security, and scale. A typical organization now stores infrastructure data in silos, lacking a unified picture of hybrid and multi-cloud environments. Platform teams either patch together visibility manually or buy disparate tools, increasing sprawl. Tracking resource ownership, security patching, and cost optimization becomes harder as complexity grows.

HCP Terraform powered by Infragraph addresses this challenge. Infragraph is a centralized, event-driven knowledge graph that provides dynamic, unified visibility across your entire infrastructure estate. It replaces static, outdated snapshots with real-time updates, empowering teams to secure and optimize resources. Announced at IBM Think, this functionality is now available in public preview for qualified US HCP Terraform customers. This guide walks you through its benefits and how to get started.

Prerequisites

Before using Infragraph with HCP Terraform, ensure you meet the following requirements:

• HCP Terraform Account: You must have a HashiCorp Cloud Platform (HCP) Terraform account. Only US-based customers are eligible for the current public preview.
• Qualified for Public Preview: Access is limited. Check your HCP Terraform organization’s preview features page or contact HashiCorp support to confirm eligibility.
• Active Infrastructure: Infragraph ingests data from your managed resources. At least one Terraform workspace with deployed resources (AWS, Azure, GCP, etc.) is recommended.
• API Access: For programmatic interaction, you’ll need an HCP API token or OAuth credentials. See Step 3 for details.
• Permissions: Your user account must have “Admin” or “Manage” permissions within HCP Terraform to enable preview features.

Step-by-Step Instructions

Step 1: Enable Infragraph in Your HCP Terraform Organization

First, log in to the HCP Terraform dashboard. Navigate to your organization settings. Under “Features” or “Preview Features,” toggle “HCP Terraform powered by Infragraph” to enabled. This activates the knowledge graph for your workspaces. Once enabled, Infragraph begins collecting state and event data from all provisioned resources.

Step 2: Verify Data Ingestion

After enabling, allow a few minutes for initial data synchronization. To confirm ingestion is working, go to your workspace’s “Infrastructure” tab (a new section labeled “Infragraph” should appear). Here, you’ll see a dynamic graph of resources, dependencies, and last-updated timestamps. If no data appears, check that your Terraform configuration includes at least one resource (e.g., aws_instance or azurerm_virtual_network) and that a recent run has succeeded.

Step 3: Query the Knowledge Graph via API

For automated workflows, you can query Infragraph programmatically. Use the HCP Terraform API. Example using curl:

curl --request GET \
  --url 'https://api.terraform.io/api/v2/infragraph/resources' \
  --header 'Authorization: Bearer YOUR_API_TOKEN' \
  --header 'Content-Type: application/vnd.api+json'

Replace YOUR_API_TOKEN with a token from your HCP account settings. The response returns a JSON object containing resource IDs, types, attributes, and relationships. You can filter by workspace, provider, or tags using query parameters.

Step 4: Explore the Graph UI

Within the HCP Terraform console, click on any resource node to view its properties, current state, and connected resources. The graph updates in near real-time as Terraform runs or infrastructure changes occur. Use the search bar to find resources by name, ID, or tags. This unified view replaces manual consolidation across multiple cloud consoles.

Step 5: Set Alerts and Automate Responses

Infragraph events can trigger automated actions. For example, you can create a run task or policy that monitors for security vulnerabilities. In the workspace settings, define a custom run task that fires when Infragraph detects a specific resource change (e.g., a public-facing S3 bucket). Use Terraform’s terraform cloud run tasks provider or the API to link this to your CI/CD pipeline.

Step 6: Future AI Integration

While still in preview, Infragraph lays the foundation for AI-driven automation. In later phases, you may be able to use natural language queries to recommend optimizations or auto-remediate issues. For now, the graph provides structured data ready for analysis with tools like HashiCorp Sentinel or third-party AI platforms.

Common Mistakes

Mistake 1: Expecting Instant Data After Enabling

Infragraph needs time to collect and index data from all workspaces. Patience is key—initial sync can take 5–15 minutes depending on resource count. Do not re-toggle the feature repeatedly.

Mistake 2: Overlooking Permissions

If the Infragraph tab doesn’t appear, verify that your user role includes “Admin” or “Manage” for the organization. Lower roles may see no option to enable the preview.

Mistake 3: Relying on Stale Data

Infragraph updates are event-driven but not instantaneous. Always check the “last updated” timestamp on resources. For critical decisions, trigger a Terraform run to force state refresh before querying the graph.

Mistake 4: Ignoring API Rate Limits

If using the API, be aware of rate limits. Too many rapid requests may result in HTTP 429 errors. Implement retry logic with exponential backoff.

Mistake 5: Confusing Infragraph with State Files

The knowledge graph is not a replacement for Terraform state. It provides read-only, enriched visibility. Do not attempt to write changes through the graph UI; use Terraform runs.

Summary

HCP Terraform powered by Infragraph brings dynamic, centralized visibility to multi-cloud infrastructure. By replacing static, siloed data with a live knowledge graph, platform teams can respond faster to security issues, track ownership, and control costs. This public preview offers a glimpse into AI-enhanced automation. Enable it in your HCP Terraform organization, explore the graph, and start unifying your infrastructure management today.