| Capability/Tool | terraform Cloud | terraform Enterprise | Scalr | Env0 | Spacelift |
|---|---|---|---|---|---|
| Compliance | ISO 27001, SOC 2 | ISO 27001, SOC 2 | SOC 2 Type I | SOC 2 | ISO 27001, SOC 2 Type II |
| GitLab Integration | ✅ | ✅ | ✅ | ✅ | ✅ |
| Hosting | SaaS | SaaS, On-Prem | SaaS, On-Prem | SaaS | SaaS |
| Policy as Code | Sentinel, OPA | Sentinel, OPA | OPA | OPA | OPA |
| Pricing Model | RUM-based (Resources) | RUM-based (Resources) | Usage-based (SaaS), Per workspace (on-prem) | Per environment per day | Per capabilities and workers |
| Private Agents | ✅ | ✅ | ✅ | ✅ | ✅ |
| Private Module Registry | ✅ | ✅ | ✅ | ✅ | ✅ |
| RBAC | ✅ | ✅ | ✔️ - hierarchical + custom roles | ✔️ - hierarchical | ✔️ - also extensible with policies |
| Remote operations CLI | ✅ | ✅ | ✅ | ✅ (@env0/cli) | ✅ |
| Remote operations VCS/GitOps | ✅ | ✅ | ✅ | ✅ | ✅ |
| SLA | 99.9% for higher tiers | 99.9% | 99.9% for all paid plans | ❓ | Bronze/Silver/Gold tiers |
| SSO | ✅ - only in high paid tiers | ✅ | ✅ - available on all plans | ✅ - from first paid tier ($49/day) | ✅ - OIDC (Free), SAML (Enterprise) |
| Secrets Management | Internal | Vault integrated | Internal, AWS, GCP, Azure | Internal, AWS, GCP, Azure (with self-hosted agents) | Internal, also file based |
| Short lived environments support | ❌ | ❌ | ✅ (via run scheduler) | ✅ | ✅ |
| State Management | ✅ | ✅ | ✅ | ✔️ - only hidden state | ✅ - also external |
| terraform Provider | ✅ | ✅ | ✅ | ✅ | ✅ |
| Webhooks | ✅ | ✅ | ✅ | ✅ | ✅ |
| Reporting | ✅ | ✅ | ✅ - runs queue | ✅ | ✅ |
| Cloud Account Management | Via AWS AFT integration | Via AWS AFT integration | Provider configurations | Cloud credentials management | Spaces + Cloud integrations |
Last active
July 10, 2025 10:27
-
-
Save Piotr1215/ea5f60d469e9588b9aab27b5bec0e73c to your computer and use it in GitHub Desktop.
Below table provides a high level overview of various IaC capabilities and their support by a given provider.
Hi @omry-hay
Thank you for reaching out and reading my blog, I'm happy you liked it.
As with all the reviews, it's outdated the moment it's released ;). I have added/changed the details based on your comment.
Keep on rocking
👋
Hi @Piotr1215,
A lot of things happened at Scalr in the last 6 months! Below are a few suggestion that may help the comparison table to stay accurate and up to date for Scalr:
- Compliance: we are now SOC2 Type I compliant
- Pricing model: usage-based on SaaS, per workspace for on-prem
- RBAC: hierarchical + custom roles
- SLA: 99.9% for all paid plans
- SSO: available on all plans (including Free)
- Secrets management: [Internal, AWS, GCP, Azure] (https://docs.scalr.com/en/latest/provider_configuration.html#configuration-types)
- Short-lived environments support: it is possible to create short-lived environments using the run scheduler
- A Reporting capability could be added to the table: our runs queue feature lets you visualize the status of your Terraform runs across workspaces and has gained at lot of traction across our user base.
Thank you very much for the effort you put in this, and don't hesitate to reach out if you have any additional comments!
Disclaimer: I'm a Scalr employee
Hi @Piotr1215 ,
You should update the table, Terraform Cloud do supports OPA (It is still a beta but works)
https://www.hashicorp.com/resources/demo-enforcing-opa-policies-in-terraform-cloud
This has been updated as of June 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi @Piotr1215,
Thanks a lot for the detailed review of all the TACOS out there, it's very helpful, I really enjoyed reading it as well.
As the CTO and co-founder of env0, I would like to make a few comments about some items in this table:
Hope it makes sense.
Again, I want to thank you for this table and the great TACOS blog post you've written.
🙏