Terraform patterns for scopes

You can use the following patterns to create org-level and project-level scopes.

Requirements

This document assumes the reader has:

• An understanding of Terraform fundamentals.
• An existing Boundary installation. Refer to Deploy Boundary in a self-managed environment to learn about deploying Boundary.
• Configured the Terraform Boundary provider.

Scopes configuration

The scope_id parameter determines what kind of scope to create according to these rules:

• If scope_id is the global scope, an org-level scope is created.
• If scope_id is an org-level scope, a project-level scope is created.
• If scope_id is a project-level scope, a nested project-level scope is created.

resource "boundary_scope" "project" {
  name                     = "Basic Boundary Demo"
  description              = "First Ever Boundary Demo"

  # This parameter is the parent scope.  It can be either the global scope, an
  # org-level scope, or a project-level scope.
  scope_id                 = var.se_org_scope

  # Using the auto_create_x_role flags can help you get set up faster
  # becasue you won't have to explicitly define these roles.
  auto_create_admin_role   = true
  auto_create_default_role = true
}

More information

For more information about the Boundary resources mentioned in this topic, refer to the domain model documentation:

• Scopes
• Org-level scopes
• Project-level scopes

For more information about managing the following resources using Terraform, refer to the Boundary provider documentation:

• Scopes

Next steps

You use scopes to partition resources and assign them to users. Once you have created scopes, you may want to create users and auth methods.