New Feature: Provider Configurations
Provider Configurations make it easy to manage the configuration and the access to Terraform providers at scale.
Do you use more than one Terraform provider? We sure hope you do, so read on, friend!
At Scalr, we're building a great alternative to Terraform Cloud. This Summer we released a feature that manages the configuration of every provider you use. It supports role delegation, and it lets you reuse a configuration across workspaces.
We're calling the feature Provider Configurations, 'cause we're a creative bunch.
If you're anything like me, you've got dozens of services managed via Terraform, from AWS to DNS to Kubernetes to AzureAD to VMware, perhaps even hundreds! See the top 20 providers here. That's a lot of configurations. Tracking who has access to each one, rotating its keys, and keeping it all secure turns into a grind.
Provider Configurations makes this easy. You write Terraform code to manage the configuration of each provider, and from the same place, define which environments and which workspaces can use the configuration. Here's some sample code to let a "dev" environment use an AWS configuration.
# Create the provider configuration for AWS
resource "scalr_provider_configuration" "scalr_managed" {
name = var.configuration_name
account_id = var.scalr_account_id
export_shell_variables = false
# Use role delegation as the configuration for AWS
aws {
credentials_type = "role_delegation"
account_type = "regular"
trusted_entity_type = "aws_account"
role_arn = aws_iam_role.scalr_aws_integration.arn
external_id = local.external_id
}
# Share the provider configuration with the dev environment
environments = [data.scalr_environment.dev.id]
}
# Enable the provider configuration in the dev workspace.
resource "scalr_workspace" "dev_vpc_prod" {
name = "dev_vpc_prod"
environment_id = data.scalr_environment.dev.id
provider_configuration {
id = scalr_provider_configuration.scalr_managed.id
}
}As you can tell from the code, this makes it super easy to manage the secrets needed by your providers.
- For providers that support role delegation, you no longer have to think about rotating secrets: the above example configures the provider to use short-lived secrets generated automatically by Scalr and AWS.
- For providers that don't support role delegation, you can still achieve similar convenience by using the scheduler.
Provider configurations are a first class citizen in Scalr. You can manage and share access to hundreds or thousands of provider configurations across the whole organization. It's also the first of many features we're building to take Scalr beyond Terraform Cloud, so that a central team can set the guardrails and the rest of the company can still move on its own.
How Do I Get Started?
Provider Configurations can be managed from either the Scalr UI or the Scalr Terraform provider. The UI is the quickest way to get started for ad-hoc setup, while the Terraform provider is the recommended path for managing configurations as code at scale. To open the UI, visit the following link after substituting your account name and id: https://
Getting started in the product
Terraform Providers: Complete Configuration and Management Guide
Learn about what Terraform providers are and how to use them with examples.