Update Terraform Cloud API token documentation to specify required permissions

[kodjomiles]

User description

Description

Update Terraform Cloud API token documentation to specify required permissions and token types

Added docs pages

Please also include the path for the added docs

• None

Updated docs pages

Please also include the path for the updated docs

• Terraform Cloud and Terraform Enterprise (/build-your-software-catalog/sync-data-to-catalog/terraform-cloud/?installation-methods=real-time-self-hosted)

---

PR Type

Documentation

---

Description

• Clarifies Terraform Cloud API token requirements and types

• Specifies required read permissions for organizations, projects, workspaces, runs, and state versions

• Documents supported token types: User token and Team token

---

Diagram Walkthrough

flowchart LR
  A["Token Documentation"] -- "Enhanced with" --> B["Required Permissions"]
  A -- "Clarified" --> C["Token Types"]
  B --> D["Organizations, Projects, Workspaces, Runs, State Versions"]
  C --> E["User Token / Team Token"]

Loading

File Walkthrough

Relevant files

Documentation

terraform-cloud.md Enhanced token documentation with permissions and types    docs/build-your-software-catalog/sync-data-to-catalog/terraform-cloud/terraform-cloud.md Updated integration.config.terraformCloudToken parameter documentation Added specification of required read permissions for multiple Terraform Cloud resources Documented supported token types: User token with default read scopes and Team token Maintained reference to official Terraform Cloud API token documentation +1/-1

---

[qodo-merge-pro]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
⚪	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Documentation Change: The PR only updates documentation text and does not introduce or modify any code paths related to logging of critical actions, so audit trail compliance cannot be assessed from this diff. Referred Code | `integration.config.terraformCloudToken` | Terraform Cloud `API token` with read permissions for organizations, projects, workspaces, runs, and state versions, a `User token` with default read scopes or a `Team token` with read access to those resources is required. Docs can be found [here](https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/api-tokens) | ✅ | Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: No Code Changes: The changes are to documentation content only and do not add or rename any identifiers, so naming compliance cannot be evaluated from this diff. Referred Code | `integration.config.terraformCloudToken` | Terraform Cloud `API token` with read permissions for organizations, projects, workspaces, runs, and state versions, a `User token` with default read scopes or a `Team token` with read access to those resources is required. Docs can be found [here](https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/api-tokens) | ✅ | Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: No Error Handling: The PR modifies documentation only and does not introduce executable code where error handling or edge cases could be assessed. Referred Code | `integration.config.terraformCloudToken` | Terraform Cloud `API token` with read permissions for organizations, projects, workspaces, runs, and state versions, a `User token` with default read scopes or a `Team token` with read access to those resources is required. Docs can be found [here](https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/api-tokens) | ✅ | Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Documentation Only: No user-facing error messages or handling logic were added; this documentation change does not allow assessment of secure error handling. Referred Code | `integration.config.terraformCloudToken` | Terraform Cloud `API token` with read permissions for organizations, projects, workspaces, runs, and state versions, a `User token` with default read scopes or a `Team token` with read access to those resources is required. Docs can be found [here](https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/api-tokens) | ✅ | Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: No Logging Code: The PR only updates documentation and does not add or modify logging behavior, so secure logging compliance cannot be evaluated here. Referred Code | `integration.config.terraformCloudToken` | Terraform Cloud `API token` with read permissions for organizations, projects, workspaces, runs, and state versions, a `User token` with default read scopes or a `Team token` with read access to those resources is required. Docs can be found [here](https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/api-tokens) | ✅ | Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Token Mentioned: The documentation references Terraform Cloud tokens and permissions but does not include executable code handling tokens, so input validation and secret handling cannot be assessed from this diff. Referred Code | `integration.config.terraformCloudToken` | Terraform Cloud `API token` with read permissions for organizations, projects, workspaces, runs, and state versions, a `User token` with default read scopes or a `Team token` with read access to those resources is required. Docs can be found [here](https://developer.hashicorp.com/terraform/cloud-docs/users-teams-organizations/api-tokens) | ✅ | Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-merge-pro]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
General	Improve documentation clarity and grammar Rephrase the description for the terraformCloudToken to improve clarity and grammar by splitting the long run-on sentence into two separate sentences. docs/build-your-software-catalog/sync-data-to-catalog/terraform-cloud/terraform-cloud.md [181] -Terraform Cloud `API token` with read permissions for organizations, projects, workspaces, runs, and state versions, a `User token` with default read scopes or a `Team token` with read access to those resources is required. +A Terraform Cloud `API token` with read permissions for organizations, projects, workspaces, runs, and state versions is required. You can use a `User token` with default read scopes or a `Team token` with read access to these resources. [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 4 __ Why: The suggestion correctly identifies a grammatically awkward sentence in the documentation and proposes a clearer, more readable version, which is a valid but low-impact improvement.	Low
More

[aws-amplify-eu-west-1]

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-3013.d2ngvl90zqbob8.amplifyapp.com

[sivanel97]

LGTM :)