Hi HN. We’ve been building Abbey and happy to share our beta with you: https://abbey.io. Abbey makes it easy for engineers to configure how their infrastructure is accessed by other employees in the company. This is especially useful when your company outgrows giving admin access to everyone all the time, typically driven by compliance requirements. With Abbey, you use your existing Terraform setup to configure workflows and policies for how people are granted/revoked access to your services. Your end users then use a web app to request access to resources they need and you can approve/deny access with an audit trail of all access changes.

Why we built this:

I've been an engineer for a long time where operating infrastructure at scale and moving quickly was always top-of-mind. However, after a certain point, moving safely becomes just as important, except I've usually had a ton of friction trying to balance shipping software and adhering to requirements given to me by security or compliance teams. As the owner of infrastructure services, I have the most context into how my systems work, so what I really wanted was tooling that could help me implement the most undifferentiated security/compliance controls so I could work on other things.

What’s in the beta:

- Bring your existing setup, whether it’s Terraform Cloud, OpenTF, Atlantis, Spacelift, env0, or Digger.

- Workflows - for how someone should get access (who needs to review, how many steps, etc)

- Policies - Open Policy Agent policies for granting and revoking access (based on time or if someone’s role or attribute changes)

- Native Terraform output - to keep Abbey off the critical path and so you can avoid vendor lock-in

- Web app - for your end users to request for access and for you to approve/deny requests with an audit trail

- Open API to integrate or build your own UI if you want

- Integrate incrementally - you should continue using your own CI/CD, host your own secrets/repo/terraform state. Abbey doesn’t touch any of that. We're a control plane for your IAM infrastructure that tells your system when it's ok to do the `terraform apply`. This means you can enable this flow for any number of resources.

We're early so we'd love your feedback. Feel free to try us out for free and let us know what you think here or in our Slack (https://join.slack.com/t/abbey-io/shared_invite/zt-22ivaaw75...).

Main site: https://abbey.io

Docs: https://docs.abbey.io