/tfc-agent

Examples related to the Terraform Cloud Agent, a remote runner for Terraform Cloud Business

Primary LanguageHCL

tfc-agent

This repository contains usage examples of the Terraform Cloud Agent.

  • tfc-agent-ecs provides an example of running tfc-agent on AWS ECS Fargate, and enabling credential free provisioning from Terraform Cloud by leveraging AWS IAM and AssumeRole to automatically generate short-lived security credentials.
  • tfc-agent-azure provides an example of running tfc-agent on Azure Container Instances, and enabling credential free provisioning from Terraform Cloud by leveraging Azure MSI to automatically generate short-lived security credentials. (Beta)
  • tfc-agent-google provides an example of running tfc-agent on Google Compute Engine, and enabling credential free provisioning from Terraform Cloud by leveraging GCP IAM and Service Account Impersonation to automatically generate short-lived security credentials.
  • tfc-agent-vsphere provides an example of using Packer to build a machine image with tfc-agent runners.
  • tfc-agent-custom provides an example of customizing the tfc-agent Docker container to fetch secrets and configure a provider.
  • tfc-agent-nomad provides example job files that can be used to run tfc-agent on a Nomad cluster.

Overview

The Terraform Cloud Agent is a remote runner for Terraform Cloud that gives the ability to provision resources in private networks that are not open to the internet. It does this by establishing an HTTPS connection to the Terraform Cloud control plane, and then polling for instructions.

When a terraform plan or apply job is available for the agent, it receives a bundle from the control plane that includes the terraform configuration needing to be run. The agent then downloads the terraform version specified in the workspace, executes the plan or apply, and transmits the results back to the control plane.

The agent can be run in any environment, and typically behind the firewall. This means your terraform code can reach any system in the network that is reachable from the host where the agent is running. Additionally, the agent itself can pass data to the terraform run environment through the use of environment variables.

Other Resources