Heroku Provider

The Heroku provider is used to interact with the resources provided by Heroku Platform API and needs to be configured with credentials before it can be used.

Background

Heroku is a fully-managed platform that gives you the simplest path to delivering apps quickly:

Guides

Contributing

Development happens in the GitHub repo:

Example Usage

# Configure the Heroku provider
provider "heroku" {
  api_key = var.heroku_api_key
}

# Create a new application
resource "heroku_app" "default" {
  # ...
}

Authentication

The Heroku provider offers a flexible means of providing credentials for authentication. The following methods are supported, listed in order of precedence, and explained below:

Generating tokens

All authentication tokens must be generated with one of these methods:

🔐 See Secure Practices for help creating a safe API token.

⛔️ Direct username-password authentication is no longer supported by Heroku API.

Static credentials

Credentials can be provided statically by adding api_key property to the Heroku provider block:

variable "heroku_api_key" {
  type      = string
  sensitive = true
}

provider "heroku" {
  api_key = var.heroku_api_key
}

Environment variables

When the Heroku provider block does not contain an api_key argument, the missing credentials will be sourced from the environment via the HEROKU_API_KEY environment variable:

provider "heroku" {}
$ export HEROKU_API_KEY="<heroku_auth_token>"
$ terraform plan
Refreshing Terraform state in-memory prior to plan...

Netrc

Credentials can instead be sourced from the .netrc file in your home directory:

provider "heroku" {}
$ cat ~/.netrc
...
machine api.heroku.com
  login <ignored, can be any value>
  password <heroku_auth_token>
...

The directory containing the .netrc file can be overridden by the NETRC environment variable as described here.

Argument Reference

The following arguments are supported: