The Linux Foundation | 30 April 2024
Latest release introduces the ability to encrypt state files and define custom functions.
SAN FRANCISCO – April 30, 2024 – OpenTofu, the open source fork of HashiCorp Terraform™, is excited to announce the immediate availability of its 1.7 release. This update introduces several long-requested features, such as state encryption and provider-defined functions, with OpenTofu-exclusive capabilities that enable deeper integration with other programming languages.
Since the first stable release of OpenTofu 1.6 in January 2024, the OpenTofu core team has been hard at work with the help of over 100 community contributors to implement functionality that the wider community has been requesting for years. Recently, the project surpassed 20,000 stars on GitHub.
Features new to OpenTofu 1.7 include:
- State Encryption, which protects sensitive state-files at rest. This feature brings industry-standard AES-GCM encryption with local passphrases and cloud integrations for key management systems such as AWS KMS, GCP KMS, OpenBao, and comes with an extensible API for future integrations.
- Provider-defined Functions, which let providers define custom functions to be used in tofu code. This includes tofu-exclusive features enabling the authoring of dynamic custom functions in Go, or Lua code, next to a user's tofu config files.
- Loopable Imports, which enable the use of `for_each` in import blocks, making the importing of large amounts of infrastructure into tofu configuration much easier.
- “Removed” blocks, which make it easy to export infrastructure from user tofu configs.
The OpenTofu team is looking forward to continuing work on top-requested features. The community is encouraged to continue to provide their feedback and votes, to help drive the development roadmap of OpenTofu.
OpenTofu remains a drop-in replacement, and with the recently added detailed migration guides, it’s now easier than ever to switch to OpenTofu.
To learn more about OpenTofu, including how to get involved, contribute, and access their repository, visit the OpenTofu website and GitHub.
Supporting Quotes
"OpenTofu 1.7 is a game changer, moving past just easing migration between HashiCorp Terraform and OpenTofu, to really tapping into the community's power. This release tackles features that Terraform users have been clamoring for years—like truly encrypted states and dynamic provider functions. For businesses on the fence about switching, it now offers compelling reasons to make the leap. It's innovations like these that set OpenTofu apart and get us excited about its future."
– Erik Osterman, Founder & CEO of Cloud Posse, LLC.
"New features, like provider-defined functions, are a force multiplier that give users more power than ever in OpenTofu"
– Christian Mesh, Core Maintainer of OpenTofu
“After a couple months' work, this is the first release of OpenTofu that includes big tofu-exclusive features, most prominently the end-to-end state encryption that’s great especially for larger enterprises. I know many users have been waiting for this to migrate. Importantly, with OpenTofu users can be sure that it stays free and open source forever, with its Linux Foundation backing.”
– Kuba Martin, Technical Project Lead of OpenTofu, Engineering Manager at Spacelift
We are really excited for end-to-end encrypted state. We have long been advocates of giving our customers the tools to take charge of the security of their infrastructure. OpenTofu delivering a long requested security feature is evidence of our commitment to responding to the requests of the community.
– Malcolm Matalka, Co-founder of Terrateam
“With 1.7 the OpenTofu project is firmly establishing itself not just as a fork, but as an innovator in the space. Gruntwork continues to see customer success on OpenTofu and we’re thrilled that we now have a flagship, free-forever IaC engine.”
– Josh Padnick, CEO & Co-founder, Gruntwork
###
Media Contact
Noah Lehman
The Linux Foundation
nlehman@linuxfoundation.org