The official Terraform provider for CloudTruth by Sigma-Automate. Manage your CloudTruth configuration as code, enabling infrastructure as code practices for your application configuration and secrets management.
- Projects & Environments: Organize configuration with hierarchical projects and environments
- Parameters & Values: Manage configuration parameters with environment-specific values
- Templates: Create dynamic configuration templates using CloudTruth parameters
- Type Validation: Define custom parameter types with validation rules
- Access Control: Manage user groups and access grants
- Integrations: Configure AWS and Azure Key Vault integrations for secrets sync
- Tags: Version your configuration with environment tags
- Terraform >= 1.3
- Go >= 1.21 (for development)
- CloudTruth Account and API key
The provider is available on the Terraform Registry. Add it to your Terraform configuration:
terraform {
required_providers {
cloudtruth = {
source = "cloudtruth/cloudtruth"
version = "~> 0.9.0" # Check for latest version
}
}
}
provider "cloudtruth" {
api_key = var.cloudtruth_api_key # Or use CLOUDTRUTH_API_KEY env var
}git clone https://github.com/cloudtruth/terraform-provider-cloudtruth.git
cd terraform-provider-cloudtruth
make buildGenerate an API key from the CloudTruth dashboard.
# Set via environment variable (recommended):
# export CLOUDTRUTH_API_KEY=your-api-key-here
provider "cloudtruth" {
# api_key is optional if CLOUDTRUTH_API_KEY is set
}# Create a project
resource "cloudtruth_project" "app" {
name = "my-application"
description = "Application configuration"
}
# Create a parameter
resource "cloudtruth_parameter" "database_url" {
name = "DATABASE_URL"
project = cloudtruth_project.app.name
secret = true
}
# Set environment-specific values
resource "cloudtruth_parameter_value" "db_url_dev" {
parameter_name = cloudtruth_parameter.database_url.name
project = cloudtruth_project.app.name
environment = "development"
value = "postgresql://localhost:5432/myapp_dev"
}
resource "cloudtruth_parameter_value" "db_url_prod" {
parameter_name = cloudtruth_parameter.database_url.name
project = cloudtruth_project.app.name
environment = "production"
value = "postgresql://prod.example.com:5432/myapp"
}- Provider Documentation - Complete reference for all resources and data sources
- CloudTruth Documentation - Learn about CloudTruth concepts and features
- Examples - Example configurations for common use cases
cloudtruth_project- Configuration projects with inheritancecloudtruth_environment- Deployment environmentscloudtruth_parameter- Configuration parameterscloudtruth_parameter_value- Environment-specific parameter valuescloudtruth_template- Dynamic configuration templatescloudtruth_type- Custom parameter types with validationcloudtruth_tag- Environment tags for versioningcloudtruth_group- User groupscloudtruth_access_grant- Access control grantscloudtruth_aws_integration- AWS integrationscloudtruth_aws_import_action- AWS import actionscloudtruth_aws_push_action- AWS push actionscloudtruth_azure_integration- Azure Key Vault integrationscloudtruth_azure_import_action- Azure import actionscloudtruth_azure_push_action- Azure push actions
cloudtruth_parameter_value- Read parameter valuescloudtruth_parameter_values- Read multiple parameter valuescloudtruth_template- Read template contentcloudtruth_templates- List templatescloudtruth_tag- Read tag informationcloudtruth_user- Read user informationcloudtruth_users- List users
make build# Unit tests
make test
# Acceptance tests (requires CloudTruth credentials)
export CLOUDTRUTH_API_KEY=your-test-api-key
export CLOUDTRUTH_PROJECT=AcceptanceTest
make testaccmake fmt # Format code
make fmtcheck # Check formatting
make lint # Run linters
make vet # Run go vetgo run github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocsThe OpenAPI client is auto-generated. To regenerate from the latest API spec:
make clientWe welcome contributions! Please see our contributing guidelines for details on:
- Reporting bugs
- Suggesting enhancements
- Submitting pull requests
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Make your changes
- Run tests and linters (
make test,make lint) - Commit your changes (
git commit -m 'Add amazing feature') - Push to your branch (
git push origin feature/amazing-feature) - Open a Pull Request
# Clone your fork
git clone https://github.com/YOUR-USERNAME/terraform-provider-cloudtruth.git
cd terraform-provider-cloudtruth
# Install dependencies
go mod download
# Run tests
make test- Documentation: docs.cloudtruth.com
- Issues: GitHub Issues
- Email: support@cloudtruth.com
For security concerns, please email security@cloudtruth.com instead of using the public issue tracker.
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
CloudTruth by Sigma-Automate is a universal configuration and secrets management platform that helps teams:
- Centralize configuration across all environments
- Eliminate configuration drift and errors
- Integrate with existing tools and workflows
- Maintain audit trails and access controls
- Sync secrets with AWS, Azure, and other platforms
CloudTruth is now part of Sigma-Automate, bringing together best-in-class configuration management with enterprise automation solutions.
Learn more at cloudtruth.com or try it free at app.cloudtruth.com.