Terraform

Configuring the Veza Integration for Terraform Cloud

Overview

The Veza integration for HashiCorp Terraform Cloud facilitates the discovery of users, groups, roles, and permissions within a Terraform organization.

To configure this integration, you need to create a Terraform user and generate a read-only API token for Veza to connect to your Terraform environment.

Refer to Notes and Supported Entities for additional details.

Configuring Terraform Cloud

  1. Create a new user account at https://app.terraform.io/public/signup/account.

  2. Generate either a User token or an Organization token to access Terraform APIs.

  3. Steps to Create a User Token:

    1. Log in to your account and go to the user settings.

    2. Select Tokens.

    3. Create an API token. Copy and securely store it.

  4. Steps to Create an Organization Token:

    1. On the Terraform home page, pick your organization.

    2. In the left navigation, expand Settings and go to API Tokens.

    3. Create an organization token and store it securely.

  5. To Obtain the Organization External ID:

    1. On the Terraform home page, pick your organization.

    2. Click on Settings in the left navigation.

    3. Find the Organization External ID in the General section of the settings.

Adding Terraform Cloud to Veza

  1. As a Veza administrator, go to Integrations.

  2. Click Create Integration and select Terraform Cloud as the integration to add.

  3. Enter the required information and click Save to save the configuration.

| Field | Description |
| --- | --- |
| Terraform URL | The URL for the Terraform API endpoint, including the protocol. |
| Terraform User or Organization Token | The token used to access the Terraform API. |
| Terraform Organization External ID | The external ID of the organization for accessing the Terraform API. |
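Before saving the integration, the three values above can be checked against the Terraform Cloud API. The following is an added example, not part of the original page or of Veza's code: it assumes the organizations listing at `/api/v2/organizations` exposes an `external-id` attribute, that the Terraform URL is the bare host, and it uses hypothetical environment variable names (`TFC_URL`, `TFC_TOKEN`, `TFC_ORG_EXTERNAL_ID`).

```python
import json
import os
import urllib.request
from urllib.parse import urlsplit

# Constructed sample of a JSON:API organizations listing (not real data).
SAMPLE = {
    "data": [
        {"id": "example-org", "type": "organizations",
         "attributes": {"name": "example-org",
                        "external-id": "org-EXAMPLE0000000001"}},
    ]
}


def build_request(base_url, token):
    """Build the authenticated GET for the organizations listing."""
    parts = urlsplit(base_url)
    # The URL field must include the protocol; this example also insists on
    # https (an added hardening choice) so the bearer token is never sent in clear.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("Terraform URL must look like https://app.terraform.io")
    if not token or token != token.strip():
        raise ValueError("token is empty or has stray whitespace")
    url = f"https://{parts.netloc}/api/v2/organizations"
    return urllib.request.Request(url, headers={
        "Authorization": f"Bearer {token}",
        "Content-Type": "application/vnd.api+json",
    })


def find_org(doc, external_id):
    """Return the name of the organization with this external ID, else None."""
    for org in doc.get("data", []):
        attrs = org.get("attributes", {})
        if attrs.get("external-id") == external_id:
            return attrs.get("name", org.get("id"))
    return None


if __name__ == "__main__":
    # Values come from the environment so the token stays out of source files.
    req = build_request(os.environ["TFC_URL"], os.environ["TFC_TOKEN"])
    with urllib.request.urlopen(req, timeout=10) as resp:
        doc = json.load(resp)  # first page of results only
    name = find_org(doc, os.environ["TFC_ORG_EXTERNAL_ID"])
    print("external ID belongs to:", name or "no organization visible to this token")
```

A 401 response points to a bad token, while a successful call with no match means the external ID does not belong to an organization the token can read.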

Notes and Supported Entities

The Terraform Cloud integration supports the following entities and attributes:

  • Terraform Organization: A platform for teams to manage Terraform runs in a consistent and reliable environment. Features include shared state and secret data, access controls, module sharing, and policy controls for configurations. Terraform Cloud is available as a hosted service at https://app.terraform.io.

  • Terraform User: Individual user accounts that can be part of one or more teams, with permissions on workspaces within an organization. Users can belong to multiple organizations.

  • Terraform Group: Represents a team of local Terraform users.

  • Terraform Role: Indicates the visibility level provided to a team.

  • Terraform Permission: Denotes the capabilities or organizational access granted to a team or user.

Terraform User

| Property | Description |
| --- | --- |
| id | The user's ID. |
| name | The user's name. |
| email | The user's email address. |
| is_service_account | Indicates if the user has a service account. |
| organization_owners | Shows if the user is an organization owner. |
| is_active | True if the user is active, otherwise false. |
| created_at | The date and time when the user was created. |

Terraform Group

| Property | Description |
| --- | --- |
| id | The group's ID as provided by Terraform. |
| name | The group's name. |

Terraform Role

| Property | Description |
| --- | --- |
| id | The team's visibility ID as provided by Terraform. |
| name | The team's visibility name. |
