Terraform

This topic explains how to get started with Terraform in Commander.

After you've performed the following steps, in the Admin Portal you'll be able to access the state of Terraform configurations stored in backends for Terraform Cloud, AWS S3 buckets, and Azure Blob Storage containers. You can also view details such as the outputs, variables, and resources for your Terraform deployments.

For Commander version 9.0 or higher, if you want to change the configuration of Terraform resources through Commander and keep the backend state file properly synchronized, you must use change requests that target XaaS (Anything-as-a-Service) resources. XaaS resource change requests can use workflows that will perform tasks on the resources you want to target. For more information, see Change Requests for XaaS Resources.

Get started

  1. Create a storage account and set up the required permissions.

    For more information, see Set Up Storage for State Backends.

  2. Configure the backend for your Terraform configuration.

    For more information, see Backends in the Terraform Language documentation.

  3. From the Commander Admin Portal, connect to the storage account.

    For more information, see Add Storage Accounts for State Backends.

  4. Set ownership of the backend.

    For more information, see Set Terraform Resource Ownership.

For more information on working with Terraform, see Snow Software's public Cloud Management Integrations repository on GitHub.

This repository provides sample templates that demonstrate how to:

  • Use Commander workflow modules to synchronize Terraform accounts. This retrieves the latest snapshot of the deployed resources for a Terraform backend.
  • Set ownership of Terraform backends.
  • Request changes to deployed XaaS Terraform resources.

State backend

When resources are deployed by Terraform, a state file is created and stored in a backend. You can connect to a backend to access the state of your Terraform configurations and view the inventory of deployed Terraform resources. You can also view the raw state file, including all parameters, IDs, dependencies, and outputs. Any JSON file that contains a Terraform version is considered a valid state file.

For state files stored in backends for Terraform Cloud, you can also see:

  • Input variables that define the parameters of a workspace configuration.
  • Environment variables used by providers for credentials and other data.

Sensitive values are hidden.

For more information about state backend properties, see Terraform account properties and Terraform backend properties.

Resources

For each backend state, you can see the collection of infrastructure resources and their configuration, which includes the resource names, the resource types, and the provider. You can select a resource from the list to see the resource block (instances) from the state file.

The frequency at which the backend state is retrieved from Terraform is based on the update frequency that's specified for the related Terraform account. To retrieve the latest snapshot of the deployed resources, you can manually synchronize with the backend. For more information, see Synchronize State Backends.

Resource ownership

You can set which organizations and users you want to be the owners of Terraform backends. This allows:

  • Service Portal users to see those backends and the resources that belong to them.
  • Admin Portal and Service Portal users to be able to request configuration changes to Terraform resources. For more information, see Change Requests for XaaS Resources.

For more information, see Set Terraform Resource Ownership.