• HashiCorp Developer

  • HashiCorp Cloud Platform
  • Terraform
  • Packer
  • Consul
  • Vault
  • Boundary
  • Nomad
  • Waypoint
  • Vagrant
Terraform
  • Install
  • Tutorials
    • About the Docs
    • Configuration Language
    • Terraform CLI
    • Terraform Cloud
    • Terraform Enterprise
    • CDK for Terraform
    • Provider Use
    • Plugin Development
    • Registry Publishing
    • Integration Program
  • Registry(opens in new tab)
  • Try Cloud(opens in new tab)
  • Sign up
Terraform Home

Terraform Cloud

Skip to main content
  • Terraform Cloud

  • Overview
  • Plans and Features
  • Getting Started
  • Migrating to Terraform Cloud
    • Splunk Integration
    • Kubernetes Integration
    • Run Tasks Integration

  • Terraform Cloud Agents

  • Resources

  • Tutorial Library
  • Certifications
  • Community Forum
    (opens in new tab)
  • Support
    (opens in new tab)
  • GitHub
    (opens in new tab)
  • Terraform Registry
    (opens in new tab)
  1. Developer
  2. Terraform
  3. Terraform Cloud
  4. Integrations
  5. Kubernetes Integration

ยปTerraform Cloud Operator for Kubernetes Setup Instructions

Overview

HashiCorp Terraform Cloud customers can integrate with Kubernetes using the official Terraform Cloud Operator for Kubernetes to provision infrastructure internal or external to the Kubernetes cluster directly from the Kubernetes control plane. Using the Terraform Cloud Operator for Kubernetes' CustomResourceDefinition (CRD), users can dynamically create Terraform Cloud workspaces using a Terraform configuration from a git repository or from the Terraform Registry, populate variables, and perform Terraform runs to provision infrastructure.

Prerequisites

All Terraform Cloud users can use the Terraform Cloud Operator for Kubernetes. Some features of Terraform Cloud that are limited to certain tiers aren't available to the Terraform Cloud Operator for Kubernetes unless you've purchased the corresponding tier.

Terraform Cloud Operator for Kubernetes

Networking Requirements

In order for the Terraform Cloud Operator for Kubernetes to function properly, it must be able to make outbound requests over HTTPS (TCP port 443) to the Terraform Cloud application APIs. This may require perimeter networking as well as container host networking changes, depending on your environment. The IP ranges are documented in the Terraform Cloud IP Ranges documentation. The services which run on these IP ranges are described in the table below.

HostnamePort/ProtocolDirectionalityPurpose
app.terraform.iotcp/443, HTTPSOutboundDynamically managing Terraform Cloud Workspaces and returning the output to Kubernetes via the Terraform Cloud API

Compatibility

The current release of the Terraform Cloud Operator for Kubernetes supports the following versions:

  • Helm 3.0.1 and above
  • Kubernetes 1.15 and above

Installation & Configuration

  1. Generate an organization token within Terraform Cloud and save it to a file. (These instructions assume you're using a file named credentials.)

  2. Create a Kubernetes Secret with the Terraform Cloud API credentials.

    kubectl -n $NAMESPACE create secret generic terraformrc --from-file=credentials
    
  3. Add sensitive variables, such as your cloud provider credentials, to the workspace.

    kubectl -n $NAMESPACE create secret generic workspacesecrets --from-literal=secret_key=abc123
    
  4. Install the Terraform Cloud Operator for Kubernetes via Helm.

    helm repo add hashicorp https://helm.releases.hashicorp.com
    
    helm install --namespace ${RELEASE_NAMESPACE} hashicorp/terraform --generate-name
    
  5. To create a Terraform workspace, you can create a separate Helm chart to deploy the custom resource or examine these examples.

Upgrading

When a new version of the Terraform Cloud Operator for Kubernetes Helm Chart is available from the HashiCorp Helm repository, it can be upgraded with the following command:

helm upgrade --namespace ${RELEASE_NAMESPACE} ${RELEASE_NAME} hashicorp/terraform
Edit this page on GitHub

On this page

  1. Terraform Cloud Operator for Kubernetes Setup Instructions
  2. Overview
  3. Prerequisites
  4. Terraform Cloud Operator for Kubernetes
Give Feedback(opens in new tab)
  • Certifications
  • System Status
  • Terms of Use
  • Security
  • Privacy
  • Trademark Policy
  • Trade Controls
  • Give Feedback(opens in new tab)