Today, we are super excited to announce that we are continuing our expansion beyond AWS and adding support to Microsoft Azure in our Resource Explorer.

Until now, ControlMonkey’s resource explorer helped DevOps teams discover and investigate their AWS resources. Starting today, we have added the option to discover and investigate Azure resources.

Azure users can leverage our Resource Explorer to:

• Search for Azure resources per subscription, region, resource type, and name.
• Determine whether this resource is managed by Terraform code or not.
• Access the resource’s corresponding code in your GIT repository with a 1-click link.
• Access the resource’s corresponding ControlMonkey stack with a 1-click link.

With Resource Explorer, you can search for any Azure resource, gain visibility into your Terraform coverage, and easily access the corresponding Terraform Code in your GIT repository or corresponding ControlMonkey stack.

ControlMonkey’s Resource Explorer serves as the organization’s Terraform knowledge base, providing your team an easy way to locate Terraform code across your Git repositories regardless of specific team member seniority or tenure within the organization.

Save precious time when searching for resources and ensure that all your Azure resources are covered with Terraform Code.

This is one of many Azure enhancements we will release this year, so stay tuned to what’s coming next!

We are happy to announce that we have upgraded our permission management and added support for custom roles.

Up until today, our users had the option to grant permissions to certain namespaces based on a predefined system role (Viewer, Deployer, or Admin).
We’ve identified our customers’ needs to have more granularity with their permissions management by adding more customization options.

Now, ControlMonkey users can create a custom role with permissions that are based on Stacks, Deployments, or Plans.

The custom role can then be granularly applied on a user/team in a specific namespace for that additional layer of customization.

With the option to limit certain users’ actions, our customers are reducing the risk of misconfigurations, allowing for better control mechanism in their environments by preventing certain users from performing ‘high-risk’ actions such as ‘Approve Deployment’ or ‘Delete Resources’.

We are pleased to announce the latest enhancement to our Terraform CI/CD solution for infrastructure – ControlPolicy Groups.

Our Terraform CI/CD solution for infrastructure enables ControlMonkey users to define proactive policies that will be enforced at the Pull Request level and prevent security, cost, and compliance misconfigurations.
Starting today, our users can group together control policies and apply them to specific environments by namespaces or stacks.

This allows for custom-made policy packages that meet your organization’s guardrails. For example, if your organization requires each resource to be tagged with specific keys and all data volumes to be encrypted, you can now group these two policies together to create your own custom compliance.
You can enforce these groups on a specific ControlMonkey namespace or stack, providing the granularity you need.

Your development environment has its own requirements, while your production environment likely requires more rigid policies to be enforced. Unlike account-level policy mechanisms (e.g., AWS SecurityHub), with ControlMonkey policies, you can mix and match the appropriate policies for the relevant infrastructure stacks

You can select the severity level for each policy, which is then translated to an enforcement level (Warning, Hard/Soft Mandatory).

ControlMonkey also makes it super easy to granularly apply a policy group to a certain namespace or stack. For example, you can group together all of your SOC2 compliance policies and enforce those policies only in production environments that are required to be SOC-compliant.

Enforce the guardrails of your cloud environment with our out-of-the-box policy manager and prevent costly misconfigurations.

We are pleased to announce that we have enhanced the Terraform Plan and Deployment capabilities that are available from the ControlMonkey dashboard.

Starting today, ControlMonkey customers can run advanced ‘Terraform Plan’ and ‘Terraform Apply’ with ‘Target’ and ‘Replace’ flags on their deployments.
This is a request we got from multiple customer and we always love to make sure our customers get what they need.

A target flag (Target Resources) runs a deployment on specific resources rather than the entire branch.

A replace flag (Resource re-creation) is used to force a re-creation of specific resources rather than the entire branch.

Through the ControlMonkey dashboard, you can now send a flag in a simplified way that makes it easier to modify a specific resource.

Looking to improve your Terraform automation? Let’s talk.

We are very excited to announce that we have reinforced our Terraform Insights solution by allowing users to generate an SBOM (Software bill of materials) report of the Terraform Modules used in your environment with a click of a button.

A couple of months ago, we announced the release of our Terraform Modules Explorer, which provides DevOps teams with visibility into which Terraform Modules are being used, whether their source is a registry or local Git repository, where they are used in the code, and whether or not they are running on the latest version.

Starting today, ControlMonkey users can generate an easy-to-read and digest SBOM report that is based on the information of the Terraform Modules Explorer with a click of a button.
This is extremely handy for teams that need to provide this information during security audits.

Create a Terraform Modules report that contains:

• Which Terraform Modules are being used
• Is their source Registry or Local
• How many modules
• Version control

Gain full control over your Terraform Modules and take another step forward to being on top of your infrastructure.

ControlMonkey is the most comprehensive Terraform Automation Platform. Do you want to know why?
Book a 30-minute intro call with us and find out!

Today, we’re excited to announce that ControlMonkey now supports Terraform Microsoft Teams integration for real-time infrastructure notifications. With this new capability, DevOps teams can receive critical updates—such as drift detection, deployment successes or failures, and compliance guardrail alerts—directly inside their Microsoft Teams channels.

Real-time visibility is essential in modern Terraform workflows. Without instant alerts, misconfigurations or failed deployments can go unnoticed, slowing down response times and increasing operational risk. By connecting Terraform with Microsoft Teams, ControlMonkey ensures your team stays aligned, reacts faster, and collaborates on issues in the same space where they already communicate daily.

How to Use Terraform Microsoft Teams Integration in ControlMonkey

With ControlMonkey notifications, you can get notified about various important events that happen on your infrastructure directly to your team collaboration application.
Events such as ‘Drift detected’ or ‘Deployment is done/failed’ and more.

So if you’re using Microsoft Teams, you can get these event notifications directly to a Teams channel and ensure you never miss them.

What is Microsoft Teams?

Microsoft Teams is one of the most widely used collaboration platforms, trusted by millions of organizations worldwide. It brings together chat, video meetings, file sharing, and integrations with hundreds of business applications in a single workspace. For distributed engineering teams, it acts as the central hub for daily communication and decision-making.

In a DevOps environment, Microsoft Teams goes beyond messaging. It enables ChatOps workflows, where infrastructure events and alerts flow directly into team channels. Engineers can discuss issues, approve changes, and resolve incidents without leaving the collaboration space they already use. By integrating Terraform notifications into Teams, DevOps teams gain faster visibility into infrastructure changes, reducing context-switching and accelerating incident response.

Today ControlMonkey is pleased to announce that we have added the capability to easily import NeptuneDB, Amazon Neptune, instances to Terraform and OpenTofu Code using our Terraform Import Engine.

What is Amazon Neptune and why import to Terrafrom and OpenTofu?

NeptuneDB (Amazon Neptune) is a fully managed graph database service developed by Amazon Web Services (AWS) for storing and querying highly connected data. It allows users to store and query relationships between data points efficiently, facilitating complex data analysis and traversal.

Managing and governing NeptuneDB instances with Terraform code is crucial for disaster recovery and version control.
NeptuneDB instances usually rely on ‘option group’ and ‘parameter group’ that enhance its performance, therefore it’s important also to manage those satellite resources with Terraform, and not only the instance itself.

ControlMonkey Import NeptuneDB to Terraform and OpenTofu

ControlMonkey now supports the one-click Terraform Import of the following NeptuneDB resources:

Neptune::DBCluster (aws_neptune_cluster)
Neptune::DBClusterParameterGroup (aws_neptune_cluster_parameter_group)
Neptune::DBInstance (aws_neptune_cluster_instance)
Neptune::DBParameterGroup (aws_neptune_parameter_group)

ControlMonkey generates the Terraform Code to represent your NeptuneDB configuration alongside the Terraform state file, so you don’t have to import those resources one by one, and you also don’t need to reprovision the DB instance and cause a service interruption.

Are you using NeptuneDB and have resources you would like to shift to Terraform?

Feel free to book an intro meeting  with us to learn more about how ControlMonkey generates the Terraform code that represents your existing NeptuneDB instance, parameter group, and option group, making the shift to Terraform as seamless as possible.

Today we are glad to announce that we have added NIST Compliance to our Proactive Compliance Packages enforcement, as part of the Terraform CI/CD solution.

ControlMonkey Terraform CI/CD solution enables DevOps teams to proactively enforce compliance and security policies during the infrastructure CI/CD and prevent issues and misconfigurations in production.

Starting today, our users can enforce NIST 800-53 compliance standards on any Terraform pull request, and ControlMonkey will validate the resources configuration, as part of the infrastructure CI/CD.

Organizations usually run compliance validations in a detective way, after the resources are deployed to production, using tools like AWS Security Hub.

This capability enables DevOps teams to easily enforce NIST Compliance standards proactively, rather than responding to non-compliant resources in production, and risk getting penalized for NIST compliance violations.

If regulation requires your infrastructure to be NIST compliant, you can validate every resource’s compliance proactively, out of the box, with zero effort.

On top of that, users have enhanced customization and granularity and can enforce compliance using various enforcement levels and apply them to specific stacks or namespaces.

Shift left your infrastructure compliance, keep your environment in ‘Always-Compliant’ mode, and allow your team to build faster without sacrificing control.

Today ControlMonkey is pleased to announce that we have reinforced our Terraform Import Engine with the ability to Import AWS Direct Connect resources to Terraform.

AWS Direct Connect is a networking service that provides an alternative to using the internet to connect to AWS. Using AWS Direct Connect, data that would have previously been transported over the internet is delivered through a private network connection between private facilities and AWS.

ControlMonkey now supports one-click Terraform Import of the following Direct Connect resources:

Connections (aws_dx_connection)
Lag (aws_dx_lag)
Virtual Interface (aws_dx_private_virtual_interface)

Are you using Direct Connect and have resources that you would like to shift to Terraform?
Feel free to book an intro meeting  with us to learn more!

Today we are happy to announce the release of the latest enhancement to our Terraform Insights product, Terraform Providers Explorer.

DevOps teams leveraging Terraform don’t have any real visibility into which Terraform Providers are being used in their Terraform code, where are they used in the code, and whether or not they are not the latest version is being used.

Moreover, once you click on one of the providers, you can drill down into each provider and gain visibility into:

• The code path in which the provider is being used
• Which ControlMonkey stack is that provider related to
• What is the version constraint
• What is the used version
• What are the latest versions available

Want to upgrade your Terraform provides? The days of scrolling through 1000s lines of Terraform code to discover which providers are being used and with which versions are over.

With ControlMonkey you get end-to-end visibility of everything related to Terraform Operations in a single dashboard so you will never be left in the dark.

Interested in learning more?
Join our Live Product Showdown next week to see our platform’s capabilities!