HashiCorp

click. click. click.

Agentic AI is reshaping enterprise software and exposing massive security gaps as NHIs surge. Learn how HashiCorp and IBM apply zero trust principles such as dynamic credentials, auditing, PKI, and more to secure autonomous systems before threats become incidents. https://bit.ly/3YbNxg8

Terraform just introduced organization-level control for user API tokens giving platform teams stronger governance and access visibility. With this update, Terraform owners can: • Enable or disable user token use across their organization • Enforce least-privilege access at scale • Reduce risk from long-lived or unmanaged credentials This feature is now available in HCP Terraform and coming soon to Terraform Enterprise. https://lnkd.in/ep_DBTdA

Most organisations talk about resilience, but regulated industries do not get that luxury. For teams like IG Group, resilience is mandatory. Regulators expect proof, attackers assume weakness, and any gap in secrets management can turn into a multimillion-dollar incident. At HashiDays 2025, Andrew Blooman, Platform Security Team Lead at IG Group, shared one of the clearest views into what resilient infrastructure actually requires. His message was blunt: regulations like DORA are not abstract guidance. They shape how you build, how you code, how you separate environments, and how you recover under pressure. IG Group uncovered painful truths along the way. Secrets were scattered across code. Developers did not have clear guidance. Detection tooling was weak. Manual processes slowed everything down. What looked like “technical debt” was actually business risk hiding in plain sight. Their turnaround came from treating secrets management as a foundational capability. By standardising on Vault, automating with Terraform, and building a shared security culture, IG Group eliminated secret sprawl, strengthened compliance, enabled developer self-service, and moved toward dynamic, just-in-time access. What once took hours of configuration became a single line of code. And security became something that fueled delivery instead of blocking it. If you lead in a regulated environment, this case study is a must-read. It shows exactly how a financial services organisation rebuilt its security posture, improved developer experience, and aligned engineering with mandatory regulatory expectations. Read the full case study here:  https://lnkd.in/e3ecpivY

Are you still manually invoking Lambda functions, creating invalidation requests for CloudFront’s cache, or running Ansible playbooks outside of your core Terraform provisioning workflow? Use Terraform actions — now GA — to unify and automatically trigger all of these fragmented Day 2 workflows in Terraform. https://bit.ly/3KLLa0t

Thank you to everyone who joined us for #AWSreInvent. Until next year! 💜

Wrapping up re:Invent with a look at what’s resonating most with customers — from AWS’s new DevOps Agent service to how HashiCorp can bring identity, consent, and Terraform consistency into agentic workflows. Tyler Lynch breaks down where agentic interfaces and infrastructure automation are heading next.

Armon Dadgar breaks down the full picture of non-human identity and why many organizations struggle with visibility and governance. From discovering unmanaged secrets with Radar to issuing just-in-time credentials with Vault to securing system-to-system access with Boundary and Consul, he shares how HashiCorp helps teams bring order to NHI.

The Kiro AI-powered IDE, built by Amazon Web Services (AWS) , introduced “powers” extensions this week at re:Invent. HashiCorp is a powers launch partner with the launch of our Terraform power extension for Kiro. https://bit.ly/44H5zuk

Our community is strongest when practitioners share what they’ve learned along the way. Jasmine talks about why your story matters and how you can get involved through HashiTalks 2026 or your local HashiCorp User Group.