Abbey is now available on AWS Marketplace

Access Governance
via Terraform

The easiest way to add automated access request flows
to your existing Terraform resources.

What is Abbey?

DevOps Engineers use Abbey to configure how employees in their organization get access to infrastructure resources. Abbey prevents excessive access by extending Infrastructure as Code setups with workflows to grant, revoke, and audit access for security and compliance.

IMPROVE SECURITY, REDUCE TOIL

Route requests efficiently. Grant access quickly. Revoke access automatically. Without tickets.

SIMPLIFY COMPLIANCE

Address required identity and access compliance controls with automation. No more screenshots.

MAINTAIN CONTROL

Own your Terraform state, CI/CD, and secrets. Abbey doesn't touch that. Deploy in minutes.

HOW IT WORKS

The Abbey Platform

Automate access using your existing infrastructure

Define workflows in Terraform

Specify Access Workflows and Policies via an Abbey Grant Kit.

Learn about Grant Kits

resource "abbey_grant_kit" "eng_readonly_role" {
  name            = "Eng_ReadOnly_Role"
  description     = "Read-only role for Snowflake PII Datasets"

  workflow = {
    steps  = [
      { reviewers = { one_of = ["alice@acme.com", "bob@acme.com"] } }
    ]
  }

  policies = [
    { bundle = "github://acme-inc/infra/policies/soc2" }
    { bundle = "github://acme-inc/infra/policies/auto-revoke-24h" }
  ]

  output = {
    location = "github://acme-inc/infra/access.tf"
    append   = <<-EOT
      resource "snowflake_role_grants" "eng_readonly" {
        role_name =   data.snowflake_role.eng.name
        users     = ["{{ .data.system.abbey.identities.snowflake.email }}"]
      }
    EOT
  }
}

Write guardrail policies

Build and enforce rules for compliance without causing friction for engineering teams.

Learn about Policies

screenshot

Manage requests and approvals

Use our intuitive web app to discover, request, and manage access to resources.

screenshot

View and audit changes

Log and audit access changes to meet compliance needs, within the Abbey app or a Git-based version control system.

screenshot

INTEGRATIONS

Abbey supports them all

Abbey integrates with anything available on Terraform Registry. Possibilities are limitless.

Active Directory
(AD)

Active Directory (AD)

Azure Active Directory
(Azure AD)

Azure Active Directory (Azure AD)

Azure Devops

Boundary

Alibaba Cloud

Oracle Cloud Infrastructure
(OCI)

Oracle Cloud Infrastructure (OCI)

Amazon Web Services
(AWS)

Amazon Web Services (AWS)

AWS IAM Roles

Microsoft Azure

Microsoft Azure

Kubernetes (K8s)

Kubernetes (K8s)

GitHub

GitLab

Google Cloud Platform
(GCP)

Google Cloud Platform (GCP)

Okta

Databricks Groups

Databricks Groups

Databricks Unity Catalog

Databricks Unity Catalog

Snowflake

CockroachDB

Confluent

Iceberg

Kafka

PostgreSQL

Rafay

Terraspace

Tailscale

Terraform Cloud
(TFC)

Terraform Cloud (TFC)

Active Directory
(AD)

Active Directory (AD)

Azure Active Directory
(Azure AD)

Azure Active Directory (Azure AD)

Azure Devops

Boundary

Alibaba Cloud

Oracle Cloud Infrastructure
(OCI)

Oracle Cloud Infrastructure (OCI)

Amazon Web Services
(AWS)

Amazon Web Services (AWS)

AWS IAM Roles

Microsoft Azure

Microsoft Azure

Kubernetes (K8s)

Kubernetes (K8s)

GitHub

GitLab

Google Cloud Platform
(GCP)

Google Cloud Platform (GCP)

Okta

Databricks Groups

Databricks Groups

Databricks Unity Catalog

Databricks Unity Catalog

Snowflake

CockroachDB

Confluent

Iceberg

Kafka

PostgreSQL

Rafay

Terraspace

Tailscale

Terraform Cloud
(TFC)

Terraform Cloud (TFC)

ENGINEERS LOVE ABBEY

Abbey reduces toil while improving security

Get live quickly on top of your infrastructure as Code deployment.

Track, rollback, and approve changes with your version control systems.

Integrate access controls with CI/CD for up-to-date security.

The power of automation and simplicity

Build a more secure and compliant infrastructure for your organization while empowering your engineering team.

Abbey Labs Demo Video