Terraform workspaces module which manages configuration and life-cycle of all your Terraform Cloud workspaces. It is designed to be used from a dedicated Terraform Cloud workspace that would provision and manage rest of your workspaces using Terraform code (IaC).
terraform-tfe-workspaces
is an open source project published by The Scale Factory.
We currently consider this project to be actively maintained and we will add new features, keep it security patched and ready for use in production environments.
We’ll take a look at any issues or PRs you open and get back to you as soon as we can. We don’t offer any formal SLA, but we’ll be checking on this project periodically.
- Create a Terraform Cloud/Enterprise workspace
- Set configuration settings:
- VCS
- Variables
- Alerts
- Triggers
- Remove workspaces
Workspaces configured by this module will likely require credentials for authenticating to the various services you wish to use.
For example, if we're configuring a workspace that requires AWS credentials, you will configure using the following code:
main.tf:
terraform {
required_version = ">= 0.13.6, < 2.0"
backend "remote" {
organization = "scalefactory"
workspaces {
name = "terraform-cloud"
}
}
}
module "workspaces" {
source = "../modules/terraform-tfe-workspaces"
organization = "scalefactory"
github_app_installation_id = var.oauth_token_id
vcs_org = "scalefactory"
vcs_repo = "terraform-infra"
#tf_version = "1.x.y"
workspaces = var.workspaces
slacks = var.slacks
triggers = var.triggers
TFC_WORKSPACE_NAME = var.TFC_WORKSPACE_NAME
var_sets = var.var_sets
vars = {
AWS_ACCESS_KEY_ID = var.aws_access_key_id
}
sec_vars = {
AWS_SECRET_ACCESS_KEY = var.aws_secret_access_key
}
}
terraform.auto.tfvars:
workspaces = {
shared = "terraform/shared"
}
var_sets = {
test = {
desc = "Testing"
global = false
vars = {
a = {
val = 1
sensitive = false
desc = "woohoo"
category = "env"
}
b = {
val = 2
sensitive = true
}
}
workspaces = [
"workspace1",
"workspace2",
]
}
}
Report issues/questions/feature requests on in the issues section.
Full contributing guidelines are covered here.
Apache 2 Licensed. See LICENSE for full details.
Name | Version |
---|---|
terraform | >= 0.13.6, < 2.0 |
tfe | ~> 0.42.0 |
Name | Version |
---|---|
tfe | ~> 0.42.0 |
Name | Type |
---|---|
tfe_notification_configuration.slack | resource |
tfe_run_trigger.trigger | resource |
tfe_variable.sec_vars | resource |
tfe_variable.var_sets | resource |
tfe_variable.vars | resource |
tfe_variable_set.var_sets | resource |
tfe_workspace.workspace | resource |
tfe_workspace_variable_set.map | resource |
tfe_workspace.current | data source |
tfe_workspace_ids.var_sets | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
TFC_WORKSPACE_NAME | TFC workspace name from the ENV | string |
null |
no |
allow_destroy_plan | Whether destroy plans can be queued on the workspace | bool |
true |
no |
assessments_enabled | Regularly run health assessments such as drift detection on the workspace | bool |
false |
no |
auto_apply | Whether to automatically apply changes when a Terraform plan is successful | bool |
false |
no |
execution_mode | Terraform worskapce execution more: remote, local or agent | string |
"remote" |
no |
oauth_token_id | ID of the oAuth token for the VCS connection | string |
n/a | yes |
organization | TF Organization to create workspaces under | string |
n/a | yes |
sec_vars | Map defining workspace sensitive variables | map(any) |
{} |
no |
slacks | Map definning Slack notification options | map(any) |
{} |
no |
speculative_enabled | Weather running plans on pull requests | bool |
true |
no |
structured_run_output_enabled | Whether this workspace should show output from Terraform runs using the enhanced UI when available | bool |
false |
no |
tag_names | List of workspace tag names | list(any) |
[] |
no |
tf_version | Version of Terraform to use in workspace | string |
null |
no |
triggers | Map for TFE trigger relations workspace->workspace2 | map(any) |
{} |
no |
var_sets | Map defining variable sets | any |
{} |
no |
vars | Map defining workspace variables | map(any) |
{} |
no |
vcs_org | The Github organization that repositories live under | string |
n/a | yes |
vcs_repo | The Github repository name that is backing this workspace | string |
n/a | yes |
workspaces | Workspaces map where we define workspace and its path | map(any) |
{} |
no |
Name | Description |
---|---|
work_vars | n/a |