Spacelift
Spacelift is a cloud infrastructure automation and management platform (cloud DevOps) that provides policy-driven orchestration for Infrastructure-as-Code (IaC) workflows.
- Orchestration and automation for IaC (cloud DevOps).
- Policy as Code (PaC) governance and guardrails for cloud infrastructure changes (cloud security / compliance).
- CI/CD-style workflows for provisioning and updating infrastructure across multiple environments (DevOps automation).
- Integrations with common IaC tools and version control systems (DevOps tooling).
- Collaboration, audit, and access controls for teams managing shared cloud infrastructure (platform engineering).
More About Spacelift
Spacelift is designed for enterprises that manage cloud infrastructure using IaC and need centralized control, automation, and governance across multiple cloud accounts and environments. It operates as a management layer on top of IaC tools, enabling infrastructure teams to define, review, and execute changes through standardized workflows. Organizations typically integrate Spacelift with their version control repositories so that infrastructure changes go through a pipeline that includes planning, review, policy checks, and controlled deployment.
The platform focuses on IaC orchestration (cloud DevOps), supporting workflows built around tools such as Terraform, OpenTofu, and related ecosystems, as documented on the Spacelift website. It treats infrastructure changes as code commits, triggering runs that generate execution plans, which can then be approved, modified, or rejected. This approach aligns with GitOps-style practices, where version control acts as the source of truth for infrastructure definitions and change history.
Spacelift incorporates PaC (cloud security / compliance) capabilities, allowing organizations to define rules that govern how and when infrastructure changes can be applied. These policies can enforce constraints such as required approvals, restrictions on resource types or regions, naming or tagging conventions, and cost-related checks. The policies are evaluated automatically during plan and apply phases, which helps standardize compliance and operational practices across teams and projects.
From an architectural perspective, Spacelift integrates with major cloud providers and identity systems, supporting Role-Based Access Control (RBAC), Single Sign-On (SSO), and audit logging. These features support enterprise requirements for traceability and Separation of Duties (SoD). The system typically connects to cloud accounts using managed roles or temporary credentials, limiting direct human access to production environments while still enabling controlled automation.
In the broader market, Spacelift is categorized in cloud DevOps, IaC management, and platform engineering tooling. It is comparable at a solution level to other IaC automation and governance platforms that provide plan-and-apply workflows, policy evaluation, and multi-environment management. Its feature set targets organizations that require consistent workflows for provisioning, updating, and decommissioning resources across multiple teams, projects, and clouds.
Enterprises use Spacelift to standardize how infrastructure changes move from design to production. Teams can define reusable stacks or modules, apply environment-specific configurations, and control promotion of changes from development to staging and production. The platform’s integration with version control, PaC, and cloud providers places it within directories under categories such as cloud DevOps, IaC orchestration, policy and compliance for cloud infrastructure, and platform engineering tooling.