Terraform
Terraform Integration Program
The Terraform Integration Program facilitates prospect partners in creating and publishing Terraform integrations validated by HashiCorp.
Types of Terraform Integrations
The Terraform ecosystem enables users to apply Terraform across different use cases and environments. The Terraform Integration Program currently supports both workflow and integration partners. Some partners can be both, depending on their use cases.
Workflow Partners build integrations for HCP Terraform, Terraform Enterprise, or both. Typically, these partners seek to enable customers to use their existing platform within a Terraform Run.
Infrastructure Partners build Terraform providers (plugins) to empower customers and users to leverage Terraform to manage resources exposed by their platform APIs. These providers are accessible to users of all Terraform editions.
Our Workflow Partners typically have the following use cases:
- Code Scanning: Partners that provide tooling to review IaC configurations to prevent errors or security issues.
- Cost Management: Partners that analyze the impact of new infrastructure to cost and apply cost governance.
- Observability/Monitoring: Partners focused on providing visibility of performance or automatically detect infrastructure changes and ensure optimal observability in place.
- Security: Partners that detect Terraform configuration errors that do not align with security and compliance policies.
- Audit: Partners that help manage multi-cloud infrastructure resources to discover, prevent service disruptions, improve governance, and increase efficiency.
- No code/low code: Partners focused on implementing, deployment and delivery of IT, Supply Chain, Operations Management, Business Management and other workflows
- SSO (Single Sign On): Partners focused on authentication for end users to securely sign on.
- CI/CD: Partners focused on continuous integration and continuous delivery/deployment.
- VCS: Partners focused on tracking and managing software code changes.
Most workflow partners create run tasks that let them integrate their services directly into the Terraform workflow. Run tasks let HCP Terraform execute tasks in external systems at certain points in the HCP Terraform run lifecycle. Specifically, HCP Terraform users can configure run tasks to execute during the pre-plan, post-plan and the pre-apply run stages. Refer to the HCP Terraform Integrations or Terraform Enterprise Integrations documentation for more details.
Most workflow partners create run tasks that let them integrate their services directly into the Terraform workflow. Most workflow partners integrate with the Terraform workflow itself. Run tasks allow HCP Terraform to execute tasks in external systems at specific points in the HCP Terraform run lifecycle. This integration offers much more extensibility to HCP Terraform customers, enabling them to integrate your services into the HCP Terraform workflow. This feature allows users to add and execute these tasks during the pre-plan, post-plan and pre-apply stages. Eventually, we will open the third phase of this workflow to HCP Terraform users, the post-apply stage. Refer to the HCP Terraform Integrations or Terraform Enterprise Integrations documentation for more details.
Our Infrastructure Partners typically have the following use cases:
- Public Cloud: These are large-scale, global cloud providers that offer a range of services including IaaS, SaaS, and PaaS.
- Container Orchestration: These partners help with container provisioning and deployment.
- IaaS (Infrastructure-as-a-Service): These are infrastructure and IaaS providers that offer solutions such as storage, networking, and virtualization.
- Security & Authentication: These are partners with authentication and security monitoring platforms.
- Asset Management: These partners offer asset management of key organization and IT resources, including software licenses, hardware assets, and cloud resources.
- CI/CD: These partners focus on continuous integration and continuous delivery/deployment.
- Logging & Monitoring: These partners offer the capability to configure and manage services such as loggers, metric tools, and monitoring services.
- Utility: These partners offer helper functionality, such as random value generation, file creation, http interactions, and time-based resources.
- Cloud Automation: These partners offer specialized cloud infrastructure automation management capabilities such as configuration management.
- Data Management: These partners focus on data center storage, backup, and recovery solutions.
- Networking: These partners integrate with network-specific hardware and virtualized products such as routing, switching, firewalls, and SD-WAN solutions.
- VCS (Version Control Systems): These partners focus on VCS (Version Control System) projects, teams, and repositories from within Terraform.
- Comms & Messaging: These partners integrate with communication, email, and messaging platforms.
- Database: These partners offer capabilities to provision and configure your database resources.
- PaaS (Platform-as-a-Service): These are platform and PaaS providers that offer a range of hardware, software, and application development tools. This category includes smaller-scale providers and those with more specialized offerings.
- Web Services: These partners focus on web hosting, web performance, CDN and DNS services.
Infrastructure partners integrate by building and publishing a plugin called a Terraform provider. Providers are executable binaries written in Go that communicate with Terraform Core over an RPC interface. The provider acts as a translation layer for transactions with external APIs, such as a public cloud service (AWS, GCP, Azure), a PaaS service (Heroku), a SaaS service (DNSimple, CloudFlare), or on-prem resources (vSphere). Providers work across Terraform OSS, HCP Terraform and Terraform Enterprise. Refer to the Terraform Provider Integrations documentation for more detail.
Terraform Provider Integrations
You can follow the five steps. below to develop your provider alongside HashiCorp. This ensures that you can publish new versions with Terraform quickly and efficiently.
- Prepare: Develop integration using included resources
- Publish: Publish provider to the Registry or plugin documentation
- Apply: Apply to Technology Partnership Program
- Verify: Verify integration with HashiCorp Alliances team
- Support: Vendor provides ongoing maintenance and support
We encourage you to follow the tasks associated with each step fully to streamline the development process and minimize rework.
All providers integrate into and operate with Terraform exactly the same way. The table below is intended to help users understand who develops, and maintains a particular provider.
Tier | Description | Namespace |
---|---|---|
Official | Official providers are owned and maintained by HashiCorp | hashicorp |
Partner | Partner providers are written, maintained, validated and published by third-party companies against their own APIs. To earn a partner provider badge the partner must participate in the HashiCorp Technology Partner Program. | Third-party organization, e.g. mongodb/mongodbatlas |
Community | Community providers are published to the Terraform Registry by individual maintainers, groups of maintainers, or other members of the Terraform community. | Maintainer’s individual or organization account, e.g. DeviaVir/gsuite |
Archived | Archived Providers are Official or Partner Providers that are no longer maintained by HashiCorp or the community. This may occur if an API is deprecated or interest was low. | hashicorp or third-party |
1. Prepare
To get started with the Terraform provider development, we recommend reviewing and following the articles listed below.
Provider Development Kit
a) Writing custom providers guide
b) Creating a Terraform Provider for Just About Anything: video
c) Sample provider developed by partner
d) Example provider for reference: AWS, OPC
e) Contributing to Terraform guidelines
f) HashiCorp Developer Discuss forum
Please submit questions or suggestions about the Terraform SDK and provider development to the HashiCorp Terraform plugin SDK forum. If you are new to provider development and would like assistance, you can leverage one of the following development agencies that have developed Terraform providers in the past:
Partner | Website | |
---|---|---|
Crest Data Systems | malhar@crestdatasys.com | www.crestdatasys.com |
Tech Mahindra | hashicorp@digitalonus.com | www.digitalonus.com |
Akava | bd@akava.io | www.akava.io |
OpenCredo | hashicorp@opencredo.com | www.opencredo.com |
Provider License
All Terraform providers listed as Partner must contain one of the following open source licenses:
- CDDL 1.0, 2.0
- CPL 1.0
- Eclipse Public License (EPL) 1.0
- MPL 1.0, 1.1, 2.0
- PSL 2.0
- Ruby's Licensing
- AFL 2.1, 3.0
- Apache License 2.0
- Artistic License 1.0, 2.0
- Apache Software License (ASL) 1.1
- Boost Software License
- BSD, BSD 3-clause, "BSD-new"
- CC-BY
- Microsoft Public License (MS-PL)
- MIT
2. Publish
After your provider is complete and ready to release, you can publish it the integration to the Terraform Registry. This makes it publicly available for all Terraform users.
Follow the Terraform Registry publishing documentation and review the provider publishing learn guide. If your company has multiple products with separate providers, we recommend publishing them under the same Github organization to help with discoverability.
Once completed, your provider will be visible in the Terraform Registry and available to use in Terraform. Please confirm that everything looks correct and that documentation is rendering properly.
3. Apply
After your provider is published, connect with HashiCorp Alliances to onboard your integration to the HashiCorp technology ecosystem or apply to become a technology partner.
4. Verify
Work with your HashiCorp Alliances representative to verify the plugin within the Registry and become listed as an HashiCorp technology partner integration on HashiCorp website.
5. Support
Building and publishing a new provider to the Terraform Registry is just the first step toward a quality Terraform integration. Integrations require consistent maintenance throughout their lifecycle.
HashiCorp Terraform has an extremely wide community of users and contributors, and we encourage the community to report issues and help resolve them. However, we expect that all partner provider publishers continue maintaining the provider and that they address user-reported issues in a timely manner. This includes resolving all critical issues within 48 hours and all other issues within 5 business days. HashiCorp reserves the right to remove partner status from any integration that does not meet our maintenance requirements.
If a vendor chooses not to support their provider, the provider's tag may change to Community, rather than Partner.
Terraform modules published by Partner: We now have the ability to tag partner published modules in the Terraform Registry. If you have a module that you want to receive the “Partner” tag, please contact technologypartners@hashicorp.com
HCP Terraform Integrations
Run tasks allow HCP Terraform to execute tasks in external systems at certain points in the HCP Terraform run lifecycle. Specifically, HCP Terraform users can add and execute these tasks during the pre-plan, post-plan and the pre-apply run stages. To execute a run task, HCP Terraform sends an API payload to the external system. This payload contains a collection of run-related information and a callback URL that the external system can use to send updates back to HCP Terraform.
The external system can then use this run information and respond back to HCP Terraform with a passed or failed status. HCP Terraform uses this status response to determine if a run should proceed, based on the task's enforcement settings within a workspace.
Partners who successfully complete the HCP Terraform integration checklist obtain an HCP Terraform badge. This badge signifies HashiCorp validated the integration under ideal conditions and the partner is a member of the HashiCorp Technology Partner Program.
The above badge will help drive visibility for the partner as well as provide better differentiation for joint customers. This badge will be available for partners to use at their digital properties (as per guidelines in the technology partner guide that partners receive when they join HashiCorp’s technology partner program).
The HCP Terraform Integration program has the following five steps.
- Engage: Sign up for the Technology Partner Program
- Develop & Test: Understand and build using the API integration for Run Tasks
- Review: Review integration with HashiCorp Alliances team
- Release: Provide documentation for your Integration
- Support: Vendor provides ongoing maintanance and support
1. Engage
For partners who are new to working with Hashicorp, we recommend signing up for our Technology Partner Program. To understand more about the program, check out our “Become a Partner” page.
2. Develop and Test
Partners should build an integration using the run tasks APIs in HCP Terraform. To learn more about how post-plan run tasks can enhance the HCP Terraform workflow, refer to the following diagram and read our run tasks announcement. For a more hands-on experience with run tasks follow the HCP Packer run tasks learn guide here.
For the run tasks API documentation click here.
To better understand how pre-plan run task enhances the Terraform workflow, refer to the diagram of pre-plan tasks. For additional API resources, click here.
3. Review
Schedule time with your Partner Alliance manager to review your integration. The review should include enabling the integration on the partner’s platform and HCP Terraform, explaining the use case for the integration, and a live demonstration of the functionality. If you are unable to engage with your Partner Alliances manager, you can also reach out to technologypartners@hashicorp.com.
4. Release
We add new partners to the Terraform Run Task page after the integration review and documentation is complete. On this page, you will provide a two-line summary about your integration(s). If you have multiple integrations, we highly recommend creating a summary that highlights all potential integration options.
You must provide documentation that helps users get started with your integration. You also need to provide documentation for our support team, including points of contact, email address, FAQ and/or best practices. We want to ensure end users are able to reach the right contacts for internal HashiCorp support when working with customers.
5. Support
At HashiCorp, we view the release step to be the beginning of the journey. Getting the integration built is just the first step in enabling users to leverage it against their infrastructure. On-going effort is required to support and maintain it after you complete the initial development.
We expect that partners will create a mechanism to track and resolve all critical issues as soon as possible (ideally within 48 hours) and all other issues within 5 business days. This is a requirement given the critical nature of HCP Terraform to a customer’s operation. If you choose not to support your integration, we cannot consider it verified and will not list it on the Terraform documentation website.
Terraform Enterprise Integrations
Terraform Enterprise integrations are workflow integrations that are validated against Terraform Enterprise. Partners with a verified Terraform Enterprise integration will be given a Terraform Enterprise verified badge. This signifies HashiCorp has verified the integration and the partner is a member of the HashiCorp Technology Partner Program. At this time we are working to release an official program around integrating with Terraform Enterprise. Until then, if you are interested in publishing a verified Terraform Enterprise integration, please reach out to us at technologypartners@hashicorp.com.
Contact us at technologypartners@hashicorp.com with any questions or feedback.
Upon successfully building a run task integration with HCP Terraform, partners can contact their alliance manager to validate it against Terraform Enterprise. Customers commonly deploy Terraform Enterprise in a private cloud or in an air-gapped environment, in which case partners need to ensure that their product can communicate bi-directionally with Terraform Enterprise inside the customer’s network.