MCAF Terraform module to create and manage a Terraform Cloud workspace.
With default options Terraform will also create and manage a GitHub repository and attach it to the Terraform Cloud
workspace. If the create_repository option is set to false, the GitHub repository should already exist or the
Terraform run will fail.
| Name | Version |
|---|---|
| terraform | >= 1.3.0 |
| tfe | >= 0.61.0 |
| Name | Version |
|---|---|
| tfe | >= 0.61.0 |
No modules.
| Name | Type |
|---|---|
| tfe_notification_configuration.default | resource |
| tfe_team_access.default | resource |
| tfe_variable.clear_text_env_variables | resource |
| tfe_variable.clear_text_hcl_variables | resource |
| tfe_variable.clear_text_terraform_variables | resource |
| tfe_variable.sensitive_env_variables | resource |
| tfe_variable.sensitive_hcl_variables | resource |
| tfe_variable.sensitive_terraform_variables | resource |
| tfe_workspace.default | resource |
| tfe_workspace_settings.default | resource |
| tfe_workspace_variable_set.default | resource |
| tfe_team.default | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| name | A name for the Terraform workspace | string |
n/a | yes |
| terraform_organization | The Terraform Enterprise organization to create the workspace in | string |
n/a | yes |
| agent_pool_id | Agent pool ID, requires "execution_mode" to be set to agent | string |
null |
no |
| allow_destroy_plan | Whether destroy plans can be queued on the workspace | bool |
true |
no |
| assessments_enabled | Whether to regularly run health assessments such as drift detection on the workspace | bool |
true |
no |
| auto_apply | Whether to automatically apply changes when a Terraform plan is successful | bool |
false |
no |
| auto_apply_run_trigger | Whether to automatically apply changes for runs that were created by run triggers from another workspace | bool |
false |
no |
| branch | The git branch to trigger the TFE workspace for | string |
"main" |
no |
| clear_text_env_variables | An optional map with clear text environment variables | map(string) |
{} |
no |
| clear_text_hcl_variables | An optional map with clear text HCL Terraform variables | map(string) |
{} |
no |
| clear_text_terraform_variables | An optional map with clear text Terraform variables | map(string) |
{} |
no |
| description | A description for the workspace | string |
null |
no |
| execution_mode | Which execution mode to use | string |
"remote" |
no |
| file_triggers_enabled | Whether to filter runs based on the changed files in a VCS push | bool |
true |
no |
| github_app_installation_id | The GitHub App installation ID to use | string |
null |
no |
| global_remote_state | Allow all workspaces in the organization to read the state of this workspace | bool |
null |
no |
| notification_configuration | Notification configuration, using name as key and config as value | map(object({ |
{} |
no |
| oauth_token_id | The OAuth token ID of the VCS provider | string |
null |
no |
| project_id | ID of the project where the workspace should be created | string |
null |
no |
| queue_all_runs | When set to false no initial run is queued and all runs triggered by a webhook will not be queued, necessary if you need to set variable sets after creation. | bool |
true |
no |
| remote_state_consumer_ids | A set of workspace IDs set as explicit remote state consumers for this workspace | set(string) |
null |
no |
| repository_identifier | The repository identifier to connect the workspace to | string |
null |
no |
| sensitive_env_variables | An optional map with sensitive environment variables | map(string) |
{} |
no |
| sensitive_hcl_variables | An optional map with sensitive HCL Terraform variables | map(object({ |
{} |
no |
| sensitive_terraform_variables | An optional map with sensitive Terraform variables | map(string) |
{} |
no |
| ssh_key_id | The SSH key ID to assign to the workspace | string |
null |
no |
| team_access | Map of team names and either type of fixed access or custom permissions to assign | map(object({ |
{} |
no |
| terraform_version | The version of Terraform to use for this workspace | string |
"latest" |
no |
| trigger_patterns | List of glob patterns that describe the files Terraform Cloud monitors for changes. Trigger patterns are always appended to the root directory of the repository. Mutually exclusive with trigger-prefixes | list(string) |
null |
no |
| trigger_prefixes | List of repository-root-relative paths which should be tracked for changes | list(string) |
[ |
no |
| variable_set_ids | Map of variable set ids to attach to the workspace | map(string) |
{} |
no |
| working_directory | A relative path that Terraform will execute within | string |
"terraform" |
no |
| workspace_tags | A list of tag names for this workspace. Note that tags must only contain lowercase letters, numbers, colons, or hyphens | list(string) |
null |
no |
| Name | Description |
|---|---|
| workspace_id | The Terraform Cloud workspace ID |
| workspace_name | The Terraform Cloud workspace name |
Copyright: Schuberg Philis
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.