Skip to content

Latest commit

 

History

History
128 lines (100 loc) · 5.56 KB

index.html.markdown

File metadata and controls

128 lines (100 loc) · 5.56 KB
Raw
layout page_title description
tfe
Provider: HCP Terraform and Terraform Enterprise
Provision HCP Terraform or Terraform Enterprise - with Terraform! Management of organizations, workspaces, teams, variables, run triggers, policy sets, and more. Maintained by the HCP Terraform team at HashiCorp.

HCP Terraform and Terraform Enterprise Provider

This provider is used to interact with the many resources supported by HCP Terraform. As Terraform Enterprise is a self-hosted distribution of HCP Terraform, this provider supports both Cloud and Enterprise.

Use the navigation to the left to read about the available resources.

Since v0.24.0, this provider requires Terraform >= 0.12.

~> Important: For production use, you should constrain the acceptable provider versions via configuration, to ensure that new versions with breaking changes will not be automatically installed. For more information, see Versions.

Authentication

This provider requires a HCP Terraform and Terraform Enterprise API token in order to manage resources.

To manage the full selection of resources, provide a user token from an account with appropriate permissions. This user should belong to the "owners" team of every organization you wish to manage. Alternatively, you can use an organization or team token instead of a user token, but it will limit which resources you can manage. Organization and team tokens cannot manage resources across multiple organizations, and organization tokens cannot manage certain resource types (like SSH keys). See the API token documentation for more details about access to specific resources.

There are several ways to provide the required token:

  • Set the token argument in the provider configuration. You can set the token argument in the provider configuration. Use an input variable for the token.
  • Set the TFE_TOKEN environment variable: The provider can read the TFE_TOKEN environment variable and the token stored there to authenticate.

When configuring the input variable for either of these options, mark them as sensitive.

-> Note: If you are using this provider in HCP Terraform or Terraform Enterprise, you will need to use one of the two options above, even if you're using the remote backend with remote operations and the CLI-driven Run workflow.

If you are using this provider on your local command line without remote operations (i.e. only using HCP Terraform as a remote state backend), there are two more options available to you:

  • Use terraform login to generate credentials: When using this provider with Terraform on your local command line, it can automatically discover the credentials generated by terraform login.
  • Set a credentials block in your CLI config file (.terraformrc): See the CLI Configuration File documentation. If you used the TF_CLI_CONFIG_FILE environment variable to specify a non-default location for .terraformrc, the provider will also use that location. Using a credentials_helper block is not supported.

Versions

For production use, you should constrain the acceptable provider versions via configuration, to ensure that new versions with breaking changes will not be automatically installed by terraform init in the future:

terraform {
  required_providers {
    tfe = {
      version = "~> 0.55.0"
    }
  }
}

As this provider is still at version zero, you should constrain the acceptable provider versions on the minor version.

The above snippet using required_providers is for Terraform 0.13+; if you are using Terraform version 0.12, you can constrain by adding the version constraint to the provider block instead:

provider "tfe" {
  version = "~> 0.53.0"
  ...
}

For more information on provider installation and constraining provider versions, see the Provider Requirements documentation.

Example Usage

provider "tfe" {
  hostname = var.hostname # Optional, defaults to HCP Terraform `app.terraform.io`
  token    = var.token
  version  = "~> 0.53.0"
}

# Create an organization
resource "tfe_organization" "org" {
  # ...
}

Argument Reference

The following arguments are supported:

  • hostname - (Optional) The HCP Terraform or Terraform Enterprise hostname to connect to. Defaults to app.terraform.io. Can be overridden by setting the TFE_HOSTNAME environment variable.
  • token - (Optional) The token used to authenticate with HCP Terraform or Terraform Enterprise. See Authentication above for more information.
  • ssl_skip_verify - (Optional) Whether or not to skip certificate verifications. Defaults to false. Can be overridden setting the TFE_SSL_SKIP_VERIFY environment variable.
  • organization - (Optional) The default organization that resources should belong to. If provided, it's usually possible to omit resource-specific organization arguments. Ensure that the organization already exists prior to using this argument. This can also be specified using the TFE_ORGANIZATION environment variable.