This provider is used to interact with the many resources supported by HCP Terraform. As Terraform Enterprise is a self-hosted distribution of HCP Terraform, this provider supports both Cloud and Enterprise.
Use the navigation to the left to read about the available resources.
Since v0.24.0, this provider requires Terraform >= 0.12.
This provider requires a HCP Terraform and Terraform Enterprise API token in order to manage resources.
To manage the full selection of resources, provide a user token from an account with appropriate permissions. This user should belong to the "owners" team of every organization you wish to manage. Alternatively, you can use an organization or team token instead of a user token, but it will limit which resources you can manage. Organization and team tokens cannot manage resources across multiple organizations, and organization tokens cannot manage certain resource types (like SSH keys). See the API token documentation for more details about access to specific resources.
There are several ways to provide the required token:
token
argument in the provider configuration. You can set
the token
argument in the provider configuration. Use an input variable for
the token.TFE_TOKEN
environment variable: The provider can read the
TFE_TOKEN
environment variable and the token stored there to authenticate.When configuring the input variable for either of these options, mark them as sensitive.
If you are using this provider on your local command line without remote operations (i.e. only using HCP Terraform as a remote state backend), there are two more options available to you:
terraform login
to generate credentials: When using this provider with
Terraform on your local command line, it can automatically discover the credentials generated by
terraform login
.credentials
block in your CLI config file (.terraformrc): See
the CLI Configuration File documentation.
If you used the TF_CLI_CONFIG_FILE
environment variable to specify a
non-default location for .terraformrc, the provider will also use that location.
Using a credentials_helper
block is not supported.For production use, you should constrain the acceptable provider versions via
configuration, to ensure that new versions with breaking changes will not be
automatically installed by terraform init
in the future:
terraform {
required_providers {
tfe = {
version = "~> 0.55.0"
}
}
}
As this provider is still at version zero, you should constrain the acceptable provider versions on the minor version.
The above snippet using required_providers
is for Terraform 0.13+; if you are using Terraform version 0.12, you can constrain by adding the version constraint to the provider
block instead:
provider "tfe" {
version = "~> 0.53.0"
...
}
For more information on provider installation and constraining provider versions, see the Provider Requirements documentation.
provider "tfe" {
hostname = var.hostname # Optional, defaults to HCP Terraform `app.terraform.io`
token = var.token
version = "~> 0.53.0"
}
# Create an organization
resource "tfe_organization" "org" {
# ...
}
The following arguments are supported:
hostname
- (Optional) The HCP Terraform or Terraform Enterprise hostname to connect to.
Defaults to app.terraform.io
. Can be overridden by setting the
TFE_HOSTNAME
environment variable.token
- (Optional) The token used to authenticate with HCP Terraform or Terraform Enterprise.
See Authentication above for more information.ssl_skip_verify
- (Optional) Whether or not to skip certificate verifications.
Defaults to false
. Can be overridden setting the TFE_SSL_SKIP_VERIFY
environment variable.organization
- (Optional) The default organization that resources should
belong to. If provided, it's usually possible to omit resource-specific organization
arguments. Ensure that the organization already exists prior to using this argument.
This can also be specified using the TFE_ORGANIZATION
environment variable.