Terraform
Terraform Enterprise 1.0.x
The following table shows Terraform Enterprise releases, deployment methods, and prerequisites. Each version links to detailed release notes, which are also available in the right sidebar.
Below is a list of the most recent Terraform Enterprise Releases that can deploy Terraform Enterprise natively in a Kubernetes environment. Learn more about flexible deployment options.
* Denotes a required release. All online upgrades will automatically install this version, but airgap customers must upgrade to this version before proceeding to later releases.
** The release package contains this version of the Terraform CLI, but you can install older and newer versions of the Terraform CLI as needed via the Admin UI or API.
+ This release is unavailable.
1.0.0
2025-08-11
Last required release: v202406-1 (776)
Flexible Deployment Options terraform-enterprise container digest: amd64/linux sha256:f6d5ac9e14ec22b715e2fbbf39a22898b6e88ac41528f85b969a0cac8a003d84, arm64/linux sha256:28b70e648b22148b32d684db7ecd2f4de109e9e091e4cb7fd430559929847b6b
Deprecations
- PostgreSQL v13 will reach end of life on November 13, 2025 and will no longer be supported in Terraform Enterprise after that date. Refer to the requirements for connecting to an external PostgreSQL database for a complete list of supported versions.
- We will stop supporting token generation during impersonation sessions in the next release.
Highlights
- Terraform Enterprise now supports ARM architecture deployments. No additional configuration is necessary. Customers wanting to use remote agents on ARM can now do so with agent version 1.22.4 or later. If you have existing agent pools you want to move to ARM, instructions are on Manage agent pools.
- Explorer is now available for beta testing on Terraform Enterprise. Explorer helps surface a wide range of valuable information from across your organizations. More information along with instructions about beta testing Explorer can be found on Explorer on Terraform Enterprise. Additional information about Explorer can be found in the API documentation and workspaces documentation. Beta features should not be tested on production deployments. Feedback and support requests related to the Explorer beta should be directed to your account team.
- Private Registry Monorepo support is now available for beta testing on Terraform Enterprise. Users can now publish and manage multiple modules from a single repository in the private registry by enabling a new organization-level setting. To make this setting visible, a Terraform Enterprise admin must first set the environment variable TFE_ATLAS_REGISTRY_MONOREPO_TOGGLE_ENABLED to 1.
Features
- Terraform Enterprise and Sidekiq can use Azure MSI to connect with their respective Redis instances. A password is no longer required, and token rotation is handled internally.
- When used within Terraform Enterprise instances, Redis Sentinel data stores now support mTLS. This ensures that only clients with valid certificates can connect. Passwords are no longer required.
Improvements
- Users reported that the variable set page in the UI was slow to load for variable sets that were applied to a large number of workspaces. The performance of this page has been improved.
- Loading registry modules in the private library is now more performant.
- This release reduces memory usage and pressure on the database when deleting workspaces. Workspace deletion is now handled by a batched async workflow that deletes workspace-related data in stages, and limits the number of fields loaded where possible.
Bug Fixes
- Parameter configuration has incorrectly been available for Managed Policy Sets under the legacy workflow. This has been rectified and will no longer be displayed.
- Users reported that the Create a team token button in the Teams Tokens page was not always visible. This bug has been resolved, and the create button should be rendered for users that have permission to create a team token.
- Users reported that searching for a team when creating a team token did not always return the expected queried teams. This bug has been resolved, and the team search should always return the expected results.
- Fixed an issue that caused cost estimation to fail for some Azure SQL BC SKUs.
Security
- InResponseTo validation is now enabled for Service Provider (SP) initiated SAML requests, and the requests are consumed after use to prevent replay attacks. IdP initiated SAML requests will not have this feature enabled as it is not supported. If you need to disable this feature for SP initiated requests, you can set the TFE_SSO_VALIDATE_REQUEST_ID environment variable to false in your startup script.
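The check described above, sketched as an added example (not Terraform Enterprise's own code): the SP records the ID of each AuthnRequest it issues and accepts a given InResponseTo value only once. The class and function names, the result strings, and the 300-second lifetime are assumptions made for illustration.

```python
import secrets
import time


class RequestIdStore:
    """IDs of AuthnRequests this SP issued; each one is accepted a single time."""

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self._ttl = ttl_seconds      # assumed lifetime of an outstanding request
        self._clock = clock
        self._pending = {}           # request ID -> expiry time

    def issue(self):
        """Create the value sent as the ID attribute of an AuthnRequest."""
        request_id = "_" + secrets.token_hex(16)
        self._pending[request_id] = self._clock() + self._ttl
        return request_id

    def consume(self, in_response_to):
        """True once per issued, unexpired ID. The ID is removed on lookup,
        so a replayed response carrying the same value fails."""
        expiry = self._pending.pop(in_response_to, None)
        return expiry is not None and self._clock() <= expiry


def check_response(store, in_response_to, validate_request_id=True):
    """Gate a SAML response before signature and assertion checks.

    in_response_to is the response's InResponseTo attribute, or None when
    the attribute is absent (IdP initiated flow, nothing to correlate).
    validate_request_id models an on/off switch for the check.
    """
    if in_response_to is None:
        return "accept-idp-initiated"    # no request ID exists to validate
    if not validate_request_id:
        return "accept-unvalidated"      # check disabled; ID is not consumed
    if store.consume(in_response_to):
        return "accept"
    return "reject"                      # unknown, expired, or already used
```

Because the IdP initiated path has no request ID to consume, replay protection for those responses has to come from other controls such as assertion ID tracking and short validity windows.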