Terraform Cloud Getting Started

published: 14th of January 2023

Intro

Terraform is a pretty rad tool, but in the past it was a bit janky to have a remotely managed state backend. Fortunately, this is no longer the case. In the last few years, Hashicorp has released a SaaS offering for Terraform, aptly named: Terraform Cloud. Terrafrom Cloud enables you (and/or a team) to simplify the management of your Terraform environments. Allowing for shared state management, and to also apply governence to Terraform deployments.

One of the most amazing things about Terraform Cloud is it is FREE (YES! Free as in free beer) for a team of up to 5 users. You don't get all the bells and whisles, but the features of the free plan are certainly enough for solo users.

Well, that's enough jabbering. Buckle up partners, cause in this post, I will show you how to get started with Terraform Cloud.

Pre-Flight Check

Terraform CLi

This post assumes you have Terraform CLI installed. Instructions for installing the Terraform CLI for your particular system can be found in the docs here.

Terraform Cloud Account

You will also need an account on Terraform Cloud. If you don't already have one, you can create an account here.

Terraform Cloud Organization

Once you have created an account, you will be prompted to create an Organization. Organization names must be unique accross all Terraform Cloud accounts.

Software Versions

The following software versions where used in this post.

Ubuntu - 22.04.1 LTS
Terraform CLI - 1.3.7

API Token

To access Terraform Cloud via the CLI we need to create an API token. To create an API token, browse to the user setting page, click on Create and API token and follow the prompts.

Note

Be sure to save the API token in a safe place. When you navigate away from the page where you can see the token, the token is no longer visible.

Credential File

Once you have your token, create a credential file on the machine you will be running your Terraform code. Be careful to also ensure that you alter the permission of the file, so that it's only Read/Write for yourself.

The Credentials file lives in the ~/.terraform.d/ directory. Put your token into the below script and run it.

    cmd
  

    # Create the directory.
mkdir -p ~/.terraform.d/

# Create the Terraform credentials file.
cat << EOF > ~/.terraform.d/credentials.tfrc.json
{
  "credentials": {
    "app.terraform.io": {
      "token": "<YOUR-TOKEN>"
    }
  }
}
EOF

# Upate the file permissions so only you have access.
chmod 0600 ~/.terraform.d/credentials.tfrc.json
  

Workspace

Workspaces are used to manage collections of infrastructure resources. For this post, we will create a workspace named testing.

To create a workspace in Terraform Cloud browse to:

Click on Create a workspace and create a CLI-driven workflow.

Enter testing for the workspace name and click Create Workspace.

This will create the workspace and provide you with a block of code similar to the below that is used to tie our local Terraform environment to the Terraform Cloud workspace.

    terraform
  

    terraform {
  cloud {
    organization = "<ORGANIZATION>"

    workspaces {
      name = "testing"
    }
  }
}
  

By default, workspaces run jobs on Terraform Cloud runners. I am going to enable auto-apply on my workspaces so that I don't have to login to the web portal to manually approve deploys.

To enable auto-apply browse to:

Change the Apply Method to Auto apply then click the Save settings button.

Terraform Init

Alright, were looking good so far. Now let's test our connection to Terraform Cloud from our local environment.

First, we will create a project directory and change into it.

    cmd
  
    mkdir -p ~/terraform/testing && cd ~/terraform/testing

Now, create a backend.tf file with the contents from the previous step, when we created the workspace in Terraform Cloud. This ties our local environment to our Terraform Cloud workspace.

    backend.tf
  

    terraform {
  cloud {
    organization = "<ORGANIZATION>"

    workspaces {
      name = "testing"
    }
  }
}
  

Next, initialize the project with the terraform init command. This will connect the local environment to Terraform cloud.

    cmd
  
    terraform init
  
# Output
Initializing Terraform Cloud...

Initializing provider plugins...

Terraform Cloud has been successfully initialized!

You may now begin working with Terraform Cloud. Try running "terraform plan" to
see any changes that are required for your infrastructure.

If you ever set or change modules or Terraform Settings, run "terraform init"
again to reinitialize your working directory.

Success!! We have now connected our local environment with Terraform Cloud.

Outro

That's pretty much it for now. We have setup our local Terraform environemnt to use Terraform cloud as a Remote State Backend. Be sure to look out for future posts, where I will be provisioning infrastructure using Terraform Cloud as a Remote State Backend.

Stay nerdy my friends ✌️