
Most infrastructure as code pipelines have two core parts: an IaC platform like Terraform or OpenTofu, and a version control system (VCS) like Bitbucket. Terraform defines and provisions infrastructure through a declarative configuration language, and pairing it with Bitbucket adds a layer of control and collaboration. People usually think of pull request automation when they hear "Bitbucket and Terraform," and the second half of this post covers that. First, though, we'll look at using Terraform to manage your Bitbucket configuration itself, plus the integration Scalr has with Bitbucket.
Terraform uses providers to talk to endpoint APIs and create resources. The Bitbucket Terraform provider sits between your infrastructure code and Bitbucket Cloud or Bitbucket Datacenter. You use it to define and manage Bitbucket resources (such as repositories and projects) right inside your Terraform modules and code. That means your repository configurations are codified, version-controlled, and easy to reproduce across environments.
Picking the right provider matters here. Tools like Okta and GitLab have officially supported providers, but Bitbucket is community driven, so you want the one that's maintained and used the most. Searching the standard Terraform registry didn't help me much, since it gives you almost nothing to compare on.
Instead, I used library.tf, a registry maintained by Scalr, which gave me the insights I needed to make the decision on which provider to use:

Screenshot of Providers from Library.tf
As seen above, there is only one provider that has been updated in the last year and has frequent commits, when clicking on the provider I can also see the number of contributors, open issues, and more to help me make my decision on using this Bitbucket provider.
Before getting into the common use cases of using the Bitbucket Terraform provider, ensure that you have the following prerequisites in place:
The next few steps cover how to authenticate to the provider, then walk through some basic examples of using it.
Start by configuring the Bitbucket Terraform provider in your Terraform code. Open your Terraform configuration file (commonly named main.tf) and add the following block:
Replace "your-username" with your Bitbucket username and "your-password" with the password you use for Bitbucket. The latest version of the Bitbucket Terraform provider documentation can be found here.
Now, let's create a Bitbucket repository using the Bitbucket Terraform resource. This can all be viewed in detail in the Terraform registry here. Add the following code to your configuration:
This Terraform code defines a resource "example_repo" that is set to be private.
In this example, we'll manage the groups in Bitbucket and what permissions they have. In this case, we'll also use a data source to pull the workspace ID:
This Terraform code defines a resource "example_group" and sets the groups permissions to read.
Once you've defined your Bitbucket resources through the Bitbucket Terraform provider, navigate to the directory containing your Terraform configuration file and run the following commands:
If you are using OpenTofu, use the tofu commands instead:
Terraform will initialize the Bitbucket provider and apply the changes to your Bitbucket account. Upon a successful Terraform run, the state file will be created.
Use Terraform variables to make your configurations more dynamic. Instead of hardcoding values, use variables so your scripts stay reusable and flexible.
Consider using remote state management to store your Terraform state files securely. Services like Scalr or AWS S3 can be configured as remote backends to store state files. Here is an example of connecting to Scalr:
To improve your Terraform code, look at using Bitbucket data sources to pull information from other resources or workspaces into the run.
So far we've covered the basic steps to configure the Bitbucket Terraform provider, create repositories and groups, and apply a few best practices. From here, the provider supports plenty of other Bitbucket resources worth a look, such as branches, deploy keys, and projects. The library.tf documentation for the provider is a good place to find more detail and examples.
Once your repositories, projects, and groups live in Terraform code, you create and change them with the same plan-and-apply workflow you already use for cloud infrastructure, and the configuration sits in version control alongside everything else.
Now let's switch gears and look at Bitbucket as part of your overall Terraform pipeline, and how it connects to Scalr.
When talking about Terraform and Bitbucket, the number one best practice is to make sure your Terraform files are stored in a VCS repository, like Bitbucket. By storing the Terraform configuration in a Bitbucket repository, you enable the following for your infrastructure teams:
If you are looking for a TACO, such as Scalr or Terraform Cloud, to help scale your Terraform operations, the integration with Bitbucket is a key feature. By integrating these tools with Bitbucket, you are not only able to pull in the Terraform code but also enable the following features:
The TACO products have a full feature set dedicated to Terraform, including the ability to store Terraform state files. See more here.
