This module provisions Terraform Cloud workspaces that you can use as remote state buckets.
You should keep a local state file in the repo that only manages the basic resources for bootstrapping:
- Terraform Cloud organization
- Terraform Cloud production workspace
- Terraform Cloud sandbox workspace for testing
Make sure the repository has proper access control, as sensitive data (e.g. api tokens) are stored in plaintext within the local state file.
module "bootstrap" {
source = "github.com/knoedel/terraform-tfcloud-bootstrap?ref=master"
<variables>
}
Name | Version |
---|---|
terraform | ~> 1.0 |
tfe | ~> 0.25 |
Name | Version |
---|---|
tfe | 0.25.3 |
No modules.
Name | Type |
---|---|
tfe_organization.infra | resource |
tfe_organization.org-root | resource |
tfe_organization.prod | resource |
tfe_organization.sandbox | resource |
tfe_variable.prod_hetzner_cloud_api_token | resource |
tfe_variable.prod_hetzner_dns_api_token | resource |
tfe_variable.sandbox_hetzner_cloud_api_token | resource |
tfe_variable.sandbox_hetzner_dns_api_token | resource |
tfe_workspace.infra_admin-global | resource |
tfe_workspace.org-root_admin-global | resource |
tfe_workspace.prod_admin-global | resource |
tfe_workspace.sandbox_admin-global | resource |
tfe_workspace.sandbox_infra-global | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
api_token_hetzner_cloud_prod | API token for accessing the Hetzner Cloud API in production environment | string |
n/a | yes |
api_token_hetzner_cloud_sandbox | API token for accessing the Hetzner Cloud API in sandbox environment | string |
n/a | yes |
api_token_hetzner_dns | API token for accessing the Hetzner DNS API | string |
n/a | yes |
enable_two_factor_auth | Require two factor authentication for your Terraform Cloud organization? | bool |
true |
no |
org_email | The admin email address for your Terraform Cloud organization. | string |
n/a | yes |
org_name | The name of your Terraform Cloud organization. Must be globally unique. | string |
n/a | yes |
tf_version_prod | The Terraform version for the production workspace. | string |
"1.0.0" |
no |
tf_version_sandbox | The Terraform version for the sandbox workspace. | string |
"1.0.0" |
no |
No outputs.
Create a new directory in your Terraform config repository, e.g. terraform/org-root/bootstrap
.
Add a bootstrap/main.tf
file as described in the example above.
Make sure that the required hashicorp/tfe
provider is available and configured:
terraform {
required_providers {
tfe = {
source = "hashicorp/tfe"
version = "~> 0.25"
}
}
}
provider "tfe" {
token = var.token
}
Execute terraform to start the bootstrapping process:
terraform init && terraform plan
# Make sure the changes are as intended
terraform apply
A local state file has been generated. Make sure to commit this file to your repository.
Install dependencies
go mod download
make ensure_pre_commit
Terratest is being used for
automated testing with this module. Tests in the test
folder can be run
locally by running the following command:
make test