- 02 Feb 2023
HashiCorp Terraform Cloud
- Updated on 02 Feb 2023
The HashiCorp Terraform integration enables you to manage your primary resources directly from Torq workflows:
- Accounts
- Cost estimates
- OAuth clients
- Organizations
- Runs
- Subscriptions
- Variables
- Workspaces
- Workspace notifications
Use Terraform Cloud steps in a workflow
Get your Terraform API token
Depending on how you want to interact with Terraform in Torq, you need to generate and use the proper API token. Torq tested and verified that all Terraform steps in Torq can be run with a User token.
- User tokens: each Terraform Cloud user can have any number of API tokens, which can make requests on their behalf.
- Team tokens: each team can have one API token at a time. This is intended for performing plans and applies via a CI/CD pipeline.
- Organization tokens: each organization can have one API token at a time. This is intended for automating the management of teams, team membership, and workspaces. The organization token cannot perform plans and applies.
User token
1. Click your user avatar/user photo.
2. Select User settings.
3. Go to Tokens.
4. Click the Create an API token button.
5. Give the token a meaningful description, such as Token for Torq workflows, and click Create API token.
Team token
1. Go to the organization where the team exists.
2. Click Settings and go to Teams.
3. Click the Create a team token button.
4. Copy the token and save it. It will not be displayed again.
Organization token
1. Go to the organization.
2. Click Settings and go to API tokens.
3. Click the Create an organization token button.
4. Copy the token and save it. It will not be displayed again.
Create a Terraform Cloud steps integration in Torq
The integration stores the API token. The integration is used to authenticate Terraform steps in a workflow.
1. Go to the Integrations page.
2. In the Steps section, locate the HashiCorp Terraform card and click Add.
3. Fill in the fields for the integration.
a. Name: a meaningful name for the integration.
b. API token: the user/team/organization token you generated and copied earlier.
Use run tasks to trigger Torq workflows
You can trigger Torq workflows with events from Terraform using run tasks.
Create a Terraform Cloud trigger integration in Torq
The integration generates a unique endpoint URL in Torq. You'll use this URL as the Webhook URL when you create a run task or notification in Terraform Cloud.
1. Go to the Integrations page.
2. In the Triggers section, locate the Terraform Cloud card and click Add.
3. Give the integration a meaningful name, for example, terraform-run-task or terraform-notification.
4. Copy the endpoint URL. You'll need this when creating a run task in Terraform Cloud.
Create a run task
Run tasks are created on the organization level and applied on the workflow level.
1. In your Terraform Cloud instance, go to the appropriate organization and click Settings > Run tasks > Create run task.
2. Complete the Create a Run Task form and click Create run task.
a. Name: a meaningful name for the run task, for example, torq-run-task.
b. Endpoint URL: the Torq endpoint URL you created and copied earlier.
c. Description (optional): explain what this run task is.
Trigger a workflow with a run task
At this point, you've created a Terraform Cloud trigger integration in Torq, which generated a unique endpoint in Torq. You then associated this endpoint with a run task in Terraform Cloud.
1. In Torq, go to the Workflows page and click Create Workflow.
2. Give the workflow a meaningful name, such as Run Tasks Integration.
3. Select the Integrations trigger and click Pick Integration.
4. Click the Terraform Cloud card and select the integration you created.
5. To send information back to the run task, add an HTTP Request step for each data item you want to send. If a callback is not performed within 10 minutes of the run task being triggered, the task will fail. Use all of the values below to configure the HTTP Request step. The BODY parameter will vary depending on the data you're sending back to the run task.
a. URL: {{ $.event.task_result_callback_url }}. This is the key from the event JSON.
b. METHOD: PATCH
c. AUTHORIZATION: Bearer
d. TOKEN: {{ $.event.access_token }}
e. HEADERS:
i. Key: Content-Type
ii. Value: application/vnd.api+json
f. CONTENT-TYPE: application/json; charset=utf-8
g. BODY: see JSON sample below
{
  "data": {
    "type": "task-results",
    "attributes": {
      "status": "passed",
      "message": "Approved by {{ $.ask_a_question.responder_email }}"
    }
  }
}
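The callback from step 5, as an added example that is not part of the Torq documentation or a Torq step: it prepares the same PATCH request outside Torq and refuses to attach the event's access token unless the callback URL is HTTPS on an expected host and the 10-minute window is still open. The function name, the `app.terraform.io` allow-list, the `failed` status and the sample event values are assumptions made for illustration.

```python
import json
import time
import urllib.request
from urllib.parse import urlsplit

# Assumption: Terraform Cloud's public hostname; change for a private install.
ALLOWED_HOSTS = {"app.terraform.io"}
CALLBACK_DEADLINE_S = 10 * 60          # the 10-minute limit stated in step 5
VALID_STATUSES = {"passed", "failed"}  # "passed" is the page's sample value

# Constructed sample event: only the two keys the page references.
SAMPLE_EVENT = {
    "task_result_callback_url":
        "https://app.terraform.io/api/v2/task-results/EXAMPLE-ID/callback",
    "access_token": "constructed-token",
}


def build_callback(event, status, message, received_at, now=None):
    """Return the prepared PATCH request for a run task callback (not sent)."""
    now = time.time() if now is None else now
    if now - received_at >= CALLBACK_DEADLINE_S:
        raise TimeoutError("callback window elapsed; the run task has failed")
    if status not in VALID_STATUSES:
        raise ValueError(f"unsupported status: {status!r}")

    # The bearer token is a credential taken from the event itself, so check
    # where it is about to be sent before building the request.
    target = urlsplit(event["task_result_callback_url"])
    if target.scheme != "https" or target.hostname not in ALLOWED_HOSTS:
        raise ValueError("refusing to send access_token to unexpected URL")

    body = {"data": {"type": "task-results",
                     "attributes": {"status": status, "message": message}}}
    return urllib.request.Request(
        event["task_result_callback_url"],
        data=json.dumps(body).encode("utf-8"),
        method="PATCH",
        headers={
            "Authorization": f"Bearer {event['access_token']}",
            "Content-Type": "application/vnd.api+json",
        },
    )
```

Pass the returned object to `urllib.request.urlopen` to send it; nothing is transmitted by `build_callback` itself.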
Available steps
These are the premade steps for Terraform Cloud. Don't see a step you need? No problem, you can easily create custom steps.
- Apply run plan
- Create organization
- Create run plan
- Create VCS workspace
- Delete organization
- Delete workspace
- Get account details
- Get subscription details
- List OAuth clients
- List organizations
- List workspace notifications
- List workspaces
- List workspace variables
- Run task callback