Frequently Asked Questions

CloudTruth is a configuration data platform that unifies access to all settings related to infrastructure provisioning, application configuration, and secrets management.

Input and output integrations connect with the tools you are already using: Terraform, Cloudformation, Vault, AWS Parameter Store, Git, Blueprints, Ansible, Puppet, and many others.

With CloudTruth you will gain a single record of truth across all configuration settings, tracking all changes, improving security, reliability, and team velocity. 

Configuration is becoming distributed and decentralized, leading to an exponential increase in the number of settings that can be touched by each deployment, across multiple environments. CloudTruth's configuration data hub platform solves this problem.

We interviewed hundreds of technology professionals across roles ranging from CIO, CTO, CISO, to DevOps, SecOps and QA leaders and learned there needs to be a better way to track & orchestrate configuration changes. 

Nearly all teams use infrastructure as code (IaC) techniques to provision infrastructure and another tool to configure applications & services, and yet a third to store secrets. With the advent of IaC, Kubernetes, containers and serverless, come new challenges because there are multiple tools, spread across multiple teams, using tens to hundreds of Git repositories to store configuration settings.

​CloudTruth aggregates all configuration settings into one consolidated view. And then lets you use the data between tools.

Usage examples:

  • Automatically configure applications from IaC tooling.
  • Dynamically build and update Kubernetes ConfigMaps and secrets with centralized control.
  • Track consistency between dev/test, staging, and production environments.
  • Support multiple environments with inheritances and overrides.
  • Use dynamic templating to streamline application configuration.
  • SRE teams need to know what changed, by whom, and when, right before an outage or security incident.
  • Share configuration file changes to team members who don’t have access to original sources (such as compliance, QA, audit & GRC teams.)
  • QA groups manage multiple environments and need to know if a setting is changed that causes drift from standard configuration settings.
  • A data science team will want to know when database configurations are changing before production rolls out.
  • Compliance now have an easier way to track changes system-wide.

​CloudTruth is a configuration data hub that provides a unified parameter store with the ability to source configuration settings from other locations. Also included is built-in support for multiple environments along with static and dynamic templating.

CloudTruth can also securely store secrets alongside other configuration data.

CloudTruth connects to your existing configuration tools such as Terraform, Ansible, Cloudformation, and parameter stores such as AWS SSM, Vault, Git repos providing a single API, CLI and GUI to interact with all your configuration data from one place. 

  • Tool-agnostic: CloudTruth lives alongside your existing configuration tools and works across multiple environments and IaC solutions.
  • Cloud-agnostic: CloudTruth is focused on the configuration data layer and works with multiple cloud providers. Starting with AWS support now and future support for Azure, GCP, IBM, DO, and other infrastructure providers.
  • Focused on change: Our initial offering is a unified parameter store with the ability to source settings from other locations such as Terraform, AWS Parameter Store, and JSON/YAML stored in Github.
  • Built anticipating the evolution to containers, serverless and IaC: Configuration is becoming decentralized and distributed. DevOps, SRE, core software developers are all now interacting with configuration tools. What’s missing is a single record of truth describing how an organization’s infrastructure and applications are configured.

Your configuration data never leaves the source.

Additional account and system information are stored in an AWS database service.

CloudTruth needs read-only access permissions to S3, AWS SSM, and Github repositories.

CloudTruth is created by experienced cloud technologists that have previously created massively scalable systems for data backup, archiving, compliance, and governance.

We follow the principle of least privilege access policies, with strong boundaries between environments, and restricted access to production resources.

CloudTruth offers a free community edition and Premium and Enterprise paid tiers. 

More information on our pricing page.

Start Your Free Trial

Simplify your cloud configuration complexity with a no-obligation free trial.