HashiConf 2025 Don't miss the live stream of HashiConf Day 2 happening now View live stream
Terraform
Terraform Home

Configure admin console

The admin console is a separate interface from the main Terraform Enterprise application and is designed specifically for administration tasks. The admin console provides the following administrative capabilities:

  • Generate and download product usage bundles
  • Create diagnostic bundles for troubleshooting
  • Collect system logs and configuration data
  • Export bundles for IBM Support

Refer to Manage Terraform Enterprise deployment overview for additional information about performing administrative tasks.

Requirements

  • Terraform Enterprise v1.1.x or newer
  • Administrative access to the Terraform Enterprise deployment
  • Network access to the admin console port. By default, admin console runs on port 8443.

Configuration

  1. Admin console runs on port 8443 by default, but you can set the TFE_ADMIN_HTTPS_PORT environment variable to a different port.
  2. To disable the admin console, set the TFE_ADMIN_CONSOLE_DISABLE environment variable to true in your deployment configuration.

Access admin console

To access the admin console, go to the following address in a browser window to access the console:

https://<your-tfe-hostname>:<admin_console_port>

You must present an API token with administrative access to authenticate to the admin console. Refer to the Access admin console for more information.

View audit logs

Terraform Enterprise logs access and authentication events for the admin console and system API operations for auditing purposes. Terraform Enterprise emits the events with structured fields so that downstream systems can parse them consistently. For more information about audit logging for security-related events, refer to Enable logs.

Troubleshooting

Complete the following troubleshooting steps to diagnose and resolve issues with admin console.

Check port accessibility

Verify that the admin console port is accessible from your network. Refer to the TFE_ADMIN_HTTPS_PORT reference for more information.

Test the API functionality

Confirm that the system API responds to requests by testing the ping endpoint. Refer to the /ping endpoint documentation for testing instructions.

Validate access token

Test access using a new authentication token to rule out token-related issues. Refer to the token generation documentation for creating new tokens.

Review system logs

Check system logs for error messages related to the Admin Console. If you cannot access the Admin Console interface, you can generate support bundles using the tfectl command-line tool as an alternative method. Refer to the support bundle generation documentation for details.

Check Audit Logs

Review audit logs to identify authentication issues or failed access attempts. Use the details described in Audit Logging to access and interpret log entries.

Edit this page on GitHub