Terraform Cloud is an application that helps teams use Terraform together. You can read more about it on their docs:
https://developer.hashicorp.com/terraform/cloud-docs
Terraform Cloud supports three types of API Tokens: User, Team, and Organization.
Cost Estimation is a feature available in Terraform Cloud (>=Team,Governance plan). It is only for specific cloud resources provided by AWS, Azure, and GCP.
Organization-Level permissions allow you to manage access to resources and settings across an organization.
Terraform Cloud allows you to publish private modules for your organization within the Terraform Cloud Private Registry. The publishing workflow inside of it supports:
All users in an organization can view its’ private module registry. To Authenticate
users you should create a user
or team
token and scope it per your requirements.
To migrate a local Terraform project to Terraform Cloud:
Replace your Terraform Configuration with a remote backend:
terraform {
cloud {
hostname = "app.terraform.io"
organization = "my-org"
workspace {
name = "my-workspace"
}
}
}
terraform init
, and following the prompts for migrating your state to
the new backend.Workspace-Level permissions allow you to manage access to resources and settings for a workspace.
These are pre-made permissions which you can use to quickly assign members of a workspace granular access to functionality
Terraform projects go into a Workspace, when you create one you are prompted to select one of three workflows:
.tar.gz
)
which you are pushing as a configuration versionWhen Terraform Cloud executes your terraform plan it runs them in its own Run Environment.
A run environment is a Virtual Machine (VM) or container intended for the execution that inside of Terraform Cloud acts as a build server for provisioning you remote infrastructure resources.
Terraform Cloud will inject the following environment variables automatically on each run:
TFC_RUN_ID
- A unique identifier for the runTFC_WORKSPACE_NAME
- Name of the workspace used in the runTFC_WORKSPACE_SLUG
- Full slug of the configuration used in the runTFC_CONFIGURATION_VERSION_GIT_BRANCH
- Name of the branch usedTFC_CONFIGURATION_VERSION_GIT_COMMIT_SHA
- Full commit hash of the commit usedTFC_CONFIGURATION_VERSION_GIT_TAG
- Name of the git tag usedCloud Agents is a paid feature of the Business plan to allow Terraform Cloud to communicate with isolated, private, or on-premise infrastructure. The agent architecture is pull-based, so no inbound connectivity is required, any agent you provision will poll terraform cloud for work and carry out execution of that work locally.