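Managing Terraform Cloud variables with Terraform
The scope is roughly: create an organization and a workspace, then set variables there.
It looks like it can be done using this.
Reference
Plus the official documentation
Token configuration
From the documentation: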
This provider requires a Terraform Cloud/Enterprise API token in order to manage resources.
To manage the full selection of resources, provide a user token from an account with appropriate permissions. This user should belong to the "owners" team of every organization you wish to manage. Alternatively, you can use an organization or team token instead of a user token, but it will limit which resources you can manage. Organization and team tokens cannot manage resources across multiple organizations, and organization tokens cannot manage certain resource types (like SSH keys). See the API token documentation for more details about access to specific resources.
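This time I'll set up a user token.
When configuring the tfe provider, set token as follows:
terraform {
  required_providers {
    tfe = {
      source = "hashicorp/tfe"
      version = "~> 0.51.1"
    }
  }
}

# Declared as sensitive so the token is redacted in plan/apply output
variable "token" {
  type = string
  sensitive = true
}

provider "tfe" {
  token = var.token
}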
When the token is wrong
An authentication error like this appears when creating a resource:
│ Error: Error creating the new organization <organization name>: unauthorized
│
│ with tfe_organization.main,
│ on main.tf line 13, in resource "tfe_organization" "main":
│ 13: resource "tfe_organization" "main" {
organization
resource "tfe_organization" "main" {
  name = "<organization name>"
  email = "<notification email address>"
}
The organization name must be globally unique.
project/workspace
resource "tfe_project" "main" {
  name = "test-project"
  organization = tfe_organization.main.name
}
resource "tfe_workspace" "main" {
  name = "test-workspace"
  organization = tfe_organization.main.name
  project_id = tfe_project.main.id
}
This workspace appears to end up CLI-driven.
The documentation also has examples of VCS integration, so refer to them as needed.
variables
resource "tfe_variable" "list" {
  key = "list"
  value = jsonencode(["queue1", "queue2", "queue3"])
  category = "terraform"
  workspace_id = tfe_workspace.main.id
  description = "list"
  sensitive = false
}
It seems the value needs to be passed through jsonencode.
All types
resource "tfe_variable" "string" {
  key = "string"
  value = "string"
  category = "terraform"
  workspace_id = tfe_workspace.main.id
  description = "string"
  sensitive = true
}
resource "tfe_variable" "number" {
  key = "number"
  # value is a string attribute; Terraform converts the number to "10"
  value = 10
  category = "env"
  workspace_id = tfe_workspace.main.id
  description = "number"
  sensitive = false
}
resource "tfe_variable" "bool" {
  key = "bool"
  # converted to the string "true" in the same way
  value = true
  category = "env"
  workspace_id = tfe_workspace.main.id
  description = "bool"
  sensitive = false
}
# Same resource as in the variables section above; a configuration can contain only one of them
resource "tfe_variable" "list" {
  key = "list"
  value = jsonencode(["queue1", "queue2", "queue3"])
  category = "terraform"
  workspace_id = tfe_workspace.main.id
  description = "list"
  sensitive = false
}
resource "tfe_variable" "map" {
  key = "map"
  value = jsonencode(
    {
      "queue1" = 10
      "queue2" = 20
      "queue3" = 30
    }
  )
  category = "terraform"
  workspace_id = tfe_workspace.main.id
  description = "map"
  sensitive = false
}
resource "tfe_variable" "object" {
  key = "object"
  value = jsonencode(
    {
      name = "test-sqs-queue"
      tags = {
        Environment = "Test"
        Project = "Terraform Practice"
      }
      delay_seconds = 10
    }
  )
  category = "terraform"
  workspace_id = tfe_workspace.main.id
  description = "object"
  sensitive = false
}
resource "tfe_variable" "tuple" {
  key = "tuple"
  value = jsonencode(
    [{
      name = "aaa"
      age = 27
    }, {
      name = "bbb"
      age = 33
    }]
  )
  category = "terraform"
  workspace_id = tfe_workspace.main.id
  description = "tuple"
  sensitive = false
}
Adding variables to an existing organization and workspace
This is probably the more common pattern. You just use data sources.
data "tfe_organization" "main" {
  name = "<org name>"
}
data "tfe_project" "main" {
  name = "<project name>"
  organization = data.tfe_organization.main.name
}
data "tfe_workspace" "main" {
  name = "<workspace name>"
  organization = data.tfe_organization.main.name
}
resource "tfe_variable" "string" {
  # key, value and category as in the "string" variable above
  key = "string"
  value = "string"
  category = "terraform"
  workspace_id = data.tfe_workspace.main.id
}
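An added example (not from the original post) for the existing-workspace pattern above: secret values come in through a sensitive input variable instead of being written into the configuration, and each one becomes a sensitive workspace variable. The variable name workspace_secrets, the resource and data source names, and the placeholder organization and workspace names are assumptions.

```hcl
# Added example; workspace_secrets and the resource/data names below are hypothetical.

# Supplied at run time (for example through the TF_VAR_workspace_secrets
# environment variable), so no secret value is committed with the code.
# Constructed sample input: {"DB_PASSWORD":"example-only","API_KEY":"example-only"}
variable "workspace_secrets" {
  description = "Secret name => value pairs to publish to the workspace"
  type        = map(string)
  sensitive   = true
}

data "tfe_workspace" "target" {
  name         = "<workspace name>"
  organization = "<org name>"
}

resource "tfe_variable" "secret" {
  # for_each rejects sensitive values, and the keys of a sensitive map inherit
  # the marking. Only the names are unmarked here; the values stay sensitive.
  for_each = toset(nonsensitive(keys(var.workspace_secrets)))

  key          = each.key
  value        = var.workspace_secrets[each.key]
  category     = "env"
  workspace_id = data.tfe_workspace.target.id
  description  = "Managed by Terraform"
  sensitive    = true # write-only in the Terraform Cloud UI and API
}

# The values are still recorded in the state of the configuration that manages
# these variables, so restrict access to that state.
```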