⚠️ HashiCorp has taken over maintenance of this module so this version is no longer maintained - the official module is available here: https://registry.terraform.io/modules/hashicorp/terraform-cloud-operator/kubernetes/latest
This module uses the kubernetes provider and beta kubernetes manifest resource to install the Terraform Cloud Operator for Kubernetes.
By default, it creates a namespace and two secrets named terraformrc and workspacesecrets. The operator is installed in that provided namespace.
An example configuration to use this module could be:
# main.tf
provider "kubernetes" {
config_path = "~/.kube/config"
experiments = {
manifest_resource = true
}
}
module "terraform-cloud-operator" {
source = "hashicorp/terraform-cloud-operator/kubernetes"
version = "0.0.1"
operator_namespace = "demo"
workspace_secrets = {
AWS_ACCESS_KEY_ID = var.aws_access_key_id
AWS_SECRET_ACCESS_KEY = var.aws.secret_access_key
}
}
Name | Version |
---|---|
kubernetes | >= 2.4.0 |
Name | Version |
---|---|
kubernetes | >= 2.4.0 |
No modules.
Name | Description | Type | Default | Required |
---|---|---|---|---|
create_namespace | By default, the module will create a namespace in which to install the operator. | bool |
true |
no |
create_secrets | By default, the module will create two secrets named terraformrc and workspacesecrets. | bool |
true |
no |
image_k8s | image_k8s is the name (and tag) of the terraform-k8s Docker image that is used for functionality such as workspace sync. This can be overridden per component. | string |
"hashicorp/terraform-k8s:1.0.0" |
no |
insecure | If true it disables certificate validation for all outbound HTTPS connection the operator has to do. It can be used when connecting to TFE instances with self-signed certificates. | bool |
false |
no |
k8_watch_namespace | k8_watch_namespace is the Kubernetes namespace to watch for workspace changes and sync to Terraform Cloud. If this is not set then it will default to the release namespace. | string |
"null" |
no |
log_level | WARNING: use only on terraform-k8s versions > 1.0.0. Configure zap optional flag to adjust log level verbosity. Can be one of 'debug', 'info', 'error'. Defaults to 'debug'. | string |
"null" |
no |
operator_namespace | The namespace in which to install the operator and monitor for Workspaces. | string |
n/a | yes |
terraform_credentials_path | Specify the relative path to the file that contains your Terraform Cloud Team API token. | string |
"credentials" |
no |
terraform_version | terraformVersion describes the version of Terraform to use for each workspace. If this is not set then it will default to the latest version of Terraform compiled with the operator. | string |
"latest" |
no |
tfe_address | tfe_address denotes the address in the form of https://tfe.local for a Terraform Enterprise instance. If this is not set then it will default to Terraform Cloud (https://app.terraform.io). | string |
"https://app.terraform.io" |
no |
workspace_secrets | https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret#data | map(string) |
{} |
no |
Name | Description |
---|---|
deployment_name | https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/deployment#name |