
Terraform Workflow

StackGuardian provides first-class support for Terraform workflows, allowing users to select Terraform as the workflow type during workflow creation. This simplifies infrastructure automation by removing the need to write custom Terraform code.

Introduction

This guide walks you through creating a Terraform workflow on StackGuardian and explores each configuration option in detail.


Source and Parameters

Terraform workflows on StackGuardian support two source types:

  1. Git Repository: Fetch configuration code directly from private repositories using version control systems like GitHub or GitLab. Learn more about configuring repositories in Version Control Settings.
  2. Subscribed Templates: Use pre-built templates from the StackGuardian Library to deploy infrastructure with a no-code approach. These templates simplify deployment and reduce manual configuration efforts.

For more detailed information, refer to the Source and Parameters Guide.


Terraform Configuration

In the Terraform Configuration section, you can define runtime behaviors such as state management, lifecycle custom steps, and integrations. This step includes configurations for actions like initializing, planning, applying, or destroying resources.

To learn more about runtime environment settings, see the Runtime Configuration Guide.


Configure Deployment Environment

Define the execution environment for your Terraform workflow. This includes selecting cloud connectors, specifying variables, and configuring private runners if necessary.


Metadata, Review, and Launch

After configuring the Terraform workflow, click Next to update the workflow metadata (e.g., name, description, and tags). Finally, click Launch to execute the workflow.

Create Terraform Workflow

Discover additional ways to Create Terraform Workflows on StackGuardian.


Terraform-Specific Lifecycle Custom Steps

StackGuardian enables users to define custom actions at different stages of the Terraform workflow lifecycle. These steps provide fine-grained control over the execution process.

  1. Pre Init: Execute commands before running terraform init. This is useful for environment setup and pre-configuration checks.
  2. Pre Plan: Run steps before terraform plan to validate configurations or prepare resources.
  3. Post Plan: Perform actions after the plan is generated, such as analyzing or auditing the plan.
  4. Pre Apply: Ensure all prerequisites are met before applying changes to infrastructure.
  5. Post Apply: Execute post-deployment validations or trigger follow-up actions after the apply phase.

For more details, refer to the Lifecycle Custom Steps Guide.
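A Post Plan audit of the kind described above, as an added example that is not StackGuardian's own code: it reads a plan in the JSON form produced by `terraform show -json` and flags destroys, replacements and security-group ingress open to `0.0.0.0/0`. The policy set `PROTECTED_TYPES`, the function names and the sample plan are constructed for illustration; how the step obtains the plan file, and that a non-zero exit stops the run, are assumptions.

```python
import json
import sys

# Constructed sample, shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket",
     "change": {"actions": ["delete"], "after": None}},
    {"address": "aws_instance.web", "type": "aws_instance",
     "change": {"actions": ["delete", "create"], "after": {"ami": "ami-constructed"}}},
    {"address": "aws_security_group.web", "type": "aws_security_group",
     "change": {"actions": ["update"], "after": {"ingress": [
         {"from_port": 22, "to_port": 22, "cidr_blocks": ["0.0.0.0/0"]}]}}},
    {"address": "aws_iam_role.app", "type": "aws_iam_role",
     "change": {"actions": ["no-op"], "after": {}}},
]}

# Hypothetical policy: destroying these resource types should block the run.
PROTECTED_TYPES = {"aws_s3_bucket", "aws_db_instance", "aws_kms_key"}


def audit_plan(plan):
    """Return (severity, address, reason) tuples for risky planned changes."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        actions = change.get("actions") or []
        addr = rc.get("address", "<unknown>")
        if "delete" in actions:  # ["delete"] or a replace such as ["delete", "create"]
            reason = "replace" if "create" in actions else "destroy"
            sev = "high" if rc.get("type") in PROTECTED_TYPES else "medium"
            findings.append((sev, addr, reason))
        after = change.get("after") or {}  # "after" is null for a pure delete
        for rule in after.get("ingress") or []:
            if "0.0.0.0/0" in (rule.get("cidr_blocks") or []):
                findings.append(("high", addr, f"ingress 0.0.0.0/0 port {rule.get('from_port')}"))
    return findings


def should_block(findings):
    return any(sev == "high" for sev, _, _ in findings)


if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    results = audit_plan(plan)
    for sev, addr, reason in results:
        print(f"[{sev}] {addr}: {reason}")
    sys.exit(1 if should_block(results) else 0)
```
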


Accessing Workflow Files in StackGuardian

StackGuardian provides a clear directory structure for accessing and managing files during workflow execution. For a detailed overview of the key directories, refer to Accessing Workflow Files.

Mounting Custom Binaries

StackGuardian supports mounting custom binaries for advanced workflows. This enables users to execute additional logic by integrating custom scripts or binaries directly into the workflow runtime.

Prerequisites

Before configuring custom binaries, ensure that:

  • A private runner is used, as custom binaries require controlled environments for security and accessibility.
  • The required Terraform/OpenTofu binary is stored on the private runner.

Configuring Custom Binaries for Terraform

StackGuardian allows users to specify a Custom Tool Path for Terraform workflows to execute a specific binary version.

Steps to Configure

  1. Navigate to the Workflow Configuration
    Go to Library > Configure Workflow and open the Terraform Configuration section.

  2. Enable Terraform Customizations
    Click on Terraform Customizations to expand the options.

  3. Enable Custom Tool Path
    Select the Custom Tool Path option.

  4. Specify the Custom Terraform Binary
    Enter the full path to the custom Terraform binary stored on your private runner.
    Example: /usr/bin/terraform198
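Because the Custom Tool Path makes the workflow execute whatever file sits at that path, it is worth checking the binary before `terraform init`. The following is an added example, not part of StackGuardian: a check that could run as a Pre Init custom step on the private runner and that compares the file against a SHA-256 digest recorded when the binary was installed, and rejects a file that group or other users can modify. The function names and the stand-in file are constructed; that a non-zero exit fails the step is an assumption.

```python
import hashlib
import os
import stat
import sys
import tempfile


def sha256_file(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_tool(path, pinned_sha256):
    """Return a list of problems; an empty list means the binary passed."""
    try:
        st = os.stat(path)  # follows symlinks, so the real target is checked
    except FileNotFoundError:
        return ["not found"]
    if not stat.S_ISREG(st.st_mode):
        return ["not a regular file"]
    problems = []
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("writable by group or others")
    if sha256_file(path) != pinned_sha256.lower():
        problems.append("sha256 mismatch")
    return problems


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        tool = os.path.join(tmp, "terraform198")  # constructed stand-in, not a real binary
        with open(tool, "wb") as fh:
            fh.write(b"#!/bin/sh\necho constructed stand-in\n")
        os.chmod(tool, 0o755)
        pinned = sha256_file(tool)  # digest recorded at install time
        clean = verify_tool(tool, pinned)
        os.chmod(tool, 0o777)  # simulate loosened permissions and a modified file
        with open(tool, "ab") as fh:
            fh.write(b"# tampered\n")
        return clean, verify_tool(tool, pinned)


if __name__ == "__main__":  # usage: script <binary path> <pinned sha256>
    issues = verify_tool(sys.argv[1], sys.argv[2])
    print("\n".join(issues) or "ok")
    sys.exit(1 if issues else 0)
```
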


Dive into Workflow

StackGuardian workflows provide multiple tabs for monitoring, managing, and refining your deployments. Each tab offers specific insights and actions to optimize your workflow experience.

Overview

The Overview tab highlights key workflow details, including compliance check results, cost estimations, and resource summaries like drift detection and schedules. It offers a quick snapshot of your workflow's status.
Learn more in the Workflow Overview Guide.


Runs

The Runs tab lists all executions with real-time status, unique run IDs, and metadata, such as user actions and modification timestamps. Click a Run ID to view detailed logs and execution progress.
Explore the Workflow Runs Guide.


Outputs

The Outputs tab displays execution results and downloadable artifacts like tfstate.json. Use key-value pairs to reference outputs in other workflows, making your infrastructure provisioning more dynamic.
See the Workflow Outputs Guide.


Settings

The Settings tab enables post-creation updates, such as modifying input variables, refining Terraform runtime settings, reordering custom steps, or managing cloud connectors and environment variables.
Learn more in the Workflow Settings Guide.