Terraform's BSL relicensing in 2023 changed the calculus for new projects. OpenTofu is the answer. Everything else in this department is about making infrastructure code maintainable at the scale where plain Terraform starts to fall apart — modules that diverge, plans nobody reviews, costs nobody estimates before merging.
The Linux Foundation fork of Terraform, created after HashiCorp switched from MPL to BSL 1.1 in 2023. API-compatible drop-in: rename the binary, point at your state, done. CNCF project; active community; receives improvements (native functions, provider mocking) that Terraform hasn't merged. The safe default for any new project.
opentofu/opentofu→A thin wrapper over Terraform/OpenTofu that solves the "DRY infrastructure" problem — define backend, provider, and common inputs once; every environment inherits. run-all apply runs across module stacks in dependency order. Unavoidable at medium-to-large scale where the alternative is 15 near-identical main.tf files with different variable overrides.
Linter for Terraform/OpenTofu that goes beyond terraform validate — catches provider-specific issues (wrong instance type, deprecated attributes, missing required tags) before plan. Plugin architecture means AWS, GCP, and Azure rules are maintained separately and stay current with provider releases. Runs in CI in seconds.
Self-hosted GitOps bot: opens a PR touching .tf files → Atlantis automatically posts the plan output as a PR comment. Merge → atlantis apply executes it. Replaces the "run plan locally, paste output as a comment, hope the reviewer trusts you" workflow. Works with GitHub, GitLab, Bitbucket. Requires a server process with cloud credentials.
Shows the monthly cost delta of a Terraform/OpenTofu diff before you apply it. Integrates into CI as a PR comment: "this change will add $47/month". Covers AWS, GCP, Azure resource pricing. Catches the classic mistake of accidentally provisioning a p4d.24xlarge in a shared module. Free for OSS and most self-hosted use cases.
IaC in TypeScript, Python, Go, Java, or C# instead of HCL. Same state-machine model as Terraform: resources declared, diffed, applied. The tradeoff is real: you get loops, functions, and testing frameworks natively, but you also get all the complexity of a general-purpose language in infrastructure code. OSS core; Pulumi Cloud is the managed backend (self-host with S3/GCS is straightforward).
pulumi/pulumi→The IaC space moved fast post-2023. OpenTofu is the OSS answer to Terraform's relicensing. Terragrunt and tflint work with both. Atlantis and Infracost are independent of the HCL runtime — they work with either. Pulumi is the serious alternative for teams that find HCL limiting. Open a PR if something obvious is missing.