Everything you need to know about using Terraform or OpenTofu with Slack

Slack has become a popular and effective tool of choice for DevOps teams due to its versatile features that enhance communication, collaboration, and overall workflow management.  Whether a team wants notifications about an alarm going off in New Relic or a notification when a Terraform apply has failed, Slack provides the chatops experiences to improve DevOps teams efficiency. In this blog we will talk about the various use cases between Slack and Terraform.

ChatOps has become an industry standard which refers to the ability to use chat tools like Slack or MS Teams to make your DevOps teams more efficient through external integrations. The integrations give teams the ability to post all operational information to a channel rather than users having to go out and search for it. It’s a way to aggregate all relevant information into a single context and enable teams to collaborate.

One of the most popular use cases is integrating Slack with Terraform to receive notifications when specific Terraform events occur. Automated Slack messages based on Terraform runs have several advantages, contributing to improved communication and quicker Terraform deployments

Why Send Terraform Events to Slack?

Here are a few reasons why you may want to integrate Terraform with Slack:

1. Reduce Context Switching - If your development teams already work in Slack to review Terraform code and pull requests, then why change where they are working? Slack notifications provide real-time updates on key events during the Terraform provisioning process. This ensures that all team members are promptly informed about changes, successes, or issues.
2. Reduce Noise - Slack notifications are only good if they are useful and you are alerted to take action when actually needed. Most teams will likely want a Slack notification when a Terraform apply fails, but not for every Terraform event.
3. Approving or Denying Terraform Applies - This is similar to context switching, but the ability to approve a Terraform apply directly from Slack increases the team efficiency. Having the ability to receive Slack notifications when an approval is needed, reading the plan output, and then taking action on the Terraform approval all in a single place again reduces context switching as well as increases the visibility across the team. Not all methods we talk about below give you the ability to do an approval directly from Slack, but the Scalr option does.

Setting up a Slack Webhook

If you are setting up an integration with Slack that does not use a supported Slack app, you’ll likely need to create your own app in Slack. To do that, you’ll need to go to api.slack.com, click on “Your Apps”, and then create a new app from scratch. For the features and functionality, you’ll likely only need to enable “Incoming Webhooks”, which will provide you with a webhook URL and a sample curl request:

curl -X POST -H 'Content-type: application/json' --data '{"text":"Hello, World!"}' YOUR_WEBHOOK_URL_HERE

This webhook URL is what your custom integrations will call to create the Slack message when triggered.

Two Ways to Integrate Terraform with Slack

Use Terraform Local Exec

The most basic way to integrate Terraform with Slack, without a third party tool, would be to use the Terraform local-exec functionality. Using the local-exec option in Terraform allows you to call the Slack webhook URL from within your Terraform configuration to send a message.

resource "null_resource" "example" {
  provisioner "local-exec" {
    command = “curl -X POST -H 'Content-type: application/json' --data "{'text':'The run has completed'}" YOUR_WEBHOOK_URL_HERE”
  }
}

While this is an option to integrate Terraform with Slack, it’s not considered a best practice at scale as this code needs to be added to every Terraform workspace or Terraform configuration file that is executed. This is better to use in more of a one off use case.

The Scalr Integration with Slack

The Scalr app in the Slack app directory sends a Slack notification when Terraform run events happen and allows users to approve runs directly from Slack. This provides a scalable way to be notified of Terraform run events as it is configured outside of the Terraform configuration files. A Scalr admin has the ability to create the integration with Slack and define which Scalr environments and workspaces should trigger a Slack message to a specific Slack channel. By having the setup outside of the Terraform configuration files, the end users don’t have to remember to do it when setting up the Terraform workspace.

Scalr also provides more granularity by allowing users to choose which Terraform run events trigger a notification:

Lastly, the Scalr app for Slack also allows for approvals directly from Slack. Slack users will be sent all of the information they needs to make a decision about whether or not they want to approve the Terraform run:

• Terraform plan output
• Open Policy Agent results
• Cost estimation

Once the Slack user is ready to approve, they can give an approval reason which is then sent back to Scalr and can be seen prior to the Terraform apply event happening.

Other Slack/ Terraform Relevant Information

Is there a Slack Terraform Provider?

The main focus of this blog was around integrating Slack notifications with Terraform, but it is also important to note that you can actually manage Slack itself with Terraform. While there is not a Slack Terraform provider managed and maintained by Slack themselves, there is a trusted Terraform Provider for Slack resources.

This provider gives you the ability to manage the slack_usergroup and slack_conversation resources.

What Slack Terraform Modules Exist?

While there are not any modules to actually manage Slack resources, the most popular module involving Slack is the “terraform aws notify slack” module, which is used to integrate AWS SNS, specifically an SNS topic, with Slack channels.

Summary

As you can see, there are many ways to use Terraform and Slack together. Whether it is using the Slack Terraform provider to manage Slack, using Terraform to create a connection between and SNS topic and Slack, or using tooling like Scalr to notify DevOps teams of Terraform run events. Slack has significantly improved operational efficiency and has become a best practice for many DevOps teams in the infrastructure as code space.