Main Features and Capabilities
Orchestration
- Blueprint YAML: Environment plans are stored in YAML files. Torque can generate and single-asset blueprint YAMLs for each IaC or container technology file in your repository, while multi-asset blueprints can easily be written in YAML files stored in your source control repositories.
- Liquid: See Parameter Store below.
- Policies: Limit environment durations and apply OPA security policies to environments.
- Spaces and Role-based Access Control (RBAC): Set up a space for different business units, teams, and projects. Assign assets, users and roles to the users, limiting capabilities based on their needs and access only to the environments that apply to that space.
- Secret management in Torque: Torque manages Secrets in 3 different ways
- Parameter Store: Torque contains a built-in Parameter Store that allows space admins and account admins to store both sensitive and non-sensitive key-value based information in a centralized location that can be accessed by blueprint designers via the Liquid engine.
- Credential Store: Torque contains a built-in Credentials Store that allows account admins to safely store cloud account credentials (or Role ARNs for assumable roles) that can later be used for authentication with the provider in an IaC grain (such as Terraform or CloudFormation).
- Secret providers in IaC: Torque allows blueprint and asset designers to rely on secret management capabilities of the supported IaC technologies. For example retrieving a KMS decryption key or AWS Secret Store Secret via AWS, an Azure Secret from Azure Vault, or a Secret or Sensitive information stored in Hashicorp Vault.
- Approval policies: Define an approval policy for production/high-cost environments and review pending requests.
- Auto-shutdown and cleanup: Automatic cleanup of environment's cloud resources when environment ends, cutting costs and ensuring nothing is left behind.
Automation
Torque provides out-of-the-box support for Terraform modules, Helm charts, CloudFormation templates, Kubernetes manifests, shell scripts, and Ansible, allowing Torque to discover your assets and create working blueprints, which can be used as single-asset blueprints or integrated into multi-asset blueprints with dependencies and interconnections.
Self-service
- Self-service blueprint catalog: Publish blueprints to a self-service catalog where your teams can find and deploy the environments needed for their current activities via UI, API or CLI.
- High scalability: Torque environments run on Kubernetes, providing you with the built-in flexibility to scale up or down on a needs basis.
GitOps
- Update assets on push/merge: Torque supports the use of git repositories on GitHub, GitLab, BitBucket and Azure DevOps. When changes are merged into the space's repository, the appropriate blueprints are immediately updated with the changes.
- [Automatic drift detection](/environment-services/Drift and update): See what external changes have occurred to your environment and its resources, revert the changes to bring your environment back to its initial state.
Monitoring and control
- Cost management and estimation: Easily view the cloud costs of your environments, as well as current/estimated spending by blueprint, environment or space.
- [Introspection](/environment-services/Introspection and layouts): Drill-down into each environment's cloud resources, elements and metadata directly from Torque.
- CI/CD Integration: Configure environments to be spun up and tested as part of a CI/CD process using some of the leading tools on the market, including Jenkins, Azure DevOps, CircleCI, Bamboo, and more.
- Slack and Teams notifications: Get notifications for different environment lifecycle phases to the Teams/Slack channel of your choice.