Terraform
Reference for the humanitec/template driver
The Terraform driver is not available as part of the free trial. Please contact Humanitec if you would like to use the terraform driver as part of an evaluation of Humanitec.
This driver runs Terraform to provision resources. The Terraform definition can be provided in-line or reference a Terraform module in a Git repository.
Property | Description |
---|---|
Resource Type | Any |
Account Type | None |
Name | Type | Description |
---|---|---|
source | object | [Optional] A Git repository to use for the Terraform definition. |
script | string | [Optional] An inline terraform definition in HCL format. If specified with source , it works as override.tf |
variables | object | A Map of variable names that are used as inputs to the Terraform definition and their values. |
At least one of
source
or script
must be specified.Source object
The source object defines how the driver will use Terraform definitions that are stored in Git. In order for the driver to use the source based Terraform definitions, the repository must be accessible to the driver and credentials must be supplied if necessary.
Property | Type | Description |
---|---|---|
path | string | [Optional] Relative path to the scripts: path/to/scripts . |
rev | string | [Optional] Branch name, tag, or commit SHA. E.g. /refs/heads/main |
url | object | Repository URL. E.g. github.com:my-org/project.git for SSH or https://github.com/my-org/project.git for HTTPS. |
username | object | [Optional] User Name to authenticate. Default is git . |
Name | Type | Description |
---|---|---|
source | object | [Optional] Credentials for the git repo. |
variables | object | A Map of variable names that are used as sensitive inputs to the Terraform definition. |
Source object
Credentials to be used to access the git repository. The choice of credentials depends on the
url
format.Property | Type | Description |
---|---|---|
password | string | [Optional] Password or Personal Account Token - for HTTPS. |
ssh_key | string | [Optional] SSH Private key - for connections over SSH. |
Resource Types in Humanitec have a specified Resource Output Schema. In order for a resource to be usable in Humanitec, the Terraform definition must specify
output
variables that exactly match this schema.Name | Type | Description |
---|---|---|
aws_access_key_id | string, secret | Specifies an AWS access key associated with an IAM user or role. |
aws_secret_access_key | string, secret | Specifies the secret key associated with the access key. This is essentially the "password" for the access key. |
bucket | string | The bucket name. |
region | string | The region the bucket is hosted in. |
Therefore, the Terraform definition should have outputs defined similar to:
output "region" {
value = module.aws_s3.s3_bucket_region
}
output "bucket" {
value = module.aws_s3.s3_bucket_bucket_domain_name
}
output "aws_access_key_id" {
value = var.credentials.access_key
sensitive = true
}
output "aws_secret_access_key" {
value = var.credentials.secret_key
sensitive = true
}
Here is an example of using the Terraform driver to provision an S3 bucket using a public git repository:
curl "https://api.humanitec.io/orgs/${HUMANITEC_ORG}/resources/defs" \
-H "Authorization: Bearer ${HUMANITEC_TOKEN}" \
-H "Content-Type: application/json" \
--data-binary '{
"id": "s3-terraform",
"name": "s3-terraform",
"type": "s3",
"driver_type": "angus-demo/terraform",
"driver_inputs": {
"values": {
"source": {
"path": "s3",
"rev": "refs/heads/main",
"url": "https://github.com/chrishumanitec/terraform-demo.git"
},
"variables": {
"bucket": "humanitec-terraform-demo-${context.app.id}-${context.env.id}",
"region": "eu-west-3"
}
},
"secrets": {
"variables": {
"credentials": {
"access_key": "...",
"secret_key": "..."
}
}
}
},
"criteria": [
{"env_type":"test-envs"}
]
}'
Last modified 1mo ago