PlatformResourcesSign inSign Up

Terraform Enterprise (Run Tasks)

Suggest Edits

Overview

Integrating Bridgecrew with Terraform Enterprise embeds Bridgecrew's library of hundreds of out-of-the-box policies into every workspace run. Bridgecrew scans the workspace plans you choose and displays the results both in Terraform Enterprise's Run's page and in the Bridgecrew platform.

When Bridgecrew is integrated with Terraform Enterprise Run Tasks, a Bridgecrew scan will be run after the Plan stage and before the Apply stage.

Bridgecrew scans the Plan file and sends Terraform Enterprise:

  • The status of the scan (Pass/Fail)
  • A short summary of the scan results with the number of resources scanned and errors found.
    Terraform Enterprise uses this status response to determine if a run should proceed, based on the task's enforcement settings within a workspace.
    See Terraform Cloud documentation for further details on Run Tasks.

The integration includes steps in both Terraform Enterprise and Bridgecrew Cloud.

How to Integrate

Part 1 - Bridgecrew Cloud

From the Integrations Catalog, under CI/CD, select Terraform Enterprise (Run Tasks).

Part 2 - In Terraform Enterprise

  1. Under User Settings, select Tokens.
  2. Create a new API token, or use an existing one. Note that you should use a token of a user that has the Manage Run Tasks permission for the organization and the Manage Workspace Run Tasks permission on that particular workspace.

Part 3 - In Bridgecrew Cloud

  1. Copy your Terraform user token and paste it under User Token.
  2. Enter the Terraform Enterprise Domain, then select NEXT.

  1. Select the Terraform Enterprise organization for the Run Task, then select NEXT.

📘

Note

Every integration can be associated with only one Terraform Enterprise organization at a time. You can create multiple integrations with multiple Terraform Enterprise organizations from a single Bridgecrew account.

  1. Select one or more workspaces for the Run Task.
  2. Under Run Stage, select one of the following options:
  • Post-plan - the scan will run after Terraform generates the plan.
  • Pre-plan - the scan will run before Terraform generates the plan.

  1. Select NEXT and then DONE.

📘

Note

After the next Terraform Enterprise scan, the scanned workspace will appear in the Integrations grid; for further details, see here.

Whenever a plan update is triggered in Terraform Enterprise for the configured workspaces, Bridgecrew Run Task will be run. If the task fails, the number of errors found is displayed. Select Details to go to Bridgecrew Cloud for full information.

Edit Workspaces

Edit workspaces to ensure that the Bridgecrew integration with Terraform Enterprise (Run Tasks) remains effective and meets the changing needs of your organization.

Steps

  1. Access the Bridgecrew - Terraform Enterprise (Run Tasks) integration: Navigate to Integrations > Add Integration.

    📘

    Note

    A green checkmark signifies that Terraform Enterprise (Run Tasks is integrated).

  2. Select the integrated Terraform Enterprise (Run Tasks) from the "CI/CD Systems" catalog.
    You are redirected to the Terraform Enterprise (Run Tasks) Accounts page.

  3. Select the menu (icon) linked to an account from the list of configured accounts > Reselect Workspaces.

    The "Select Workspaces" step of the Terraform Enterprise (Run Tasks) integration wizard is displayed.

  4. Edit the Workspace - see Steps 4, 5 in Part 3 of How to Integrate above > Next > Done.

    📘

    Note

    While editing the workflow, you cannot return to a previous step of the integration.

Add Integrations

Add a new Bridgecrew integration with Terraform Enterprise (Run Tasks) to meet requirements.

Steps

  1. Access the Bridgecrew - Terraform Enterprise (Run Tasks) integration: Navigate to Integrations > Add Integration > select Terraform Enterprise (Run Tasks) in the CI/CD Systems catalog.
    You are redirected to the Terraform integration Accounts page.
  2. Select Add an Account.
    The "Configure Account" popup opens.
  3. Repeat the steps in Part 3 of How to Integrate above.
    The new account is added to the list.

Delete Integrations

Delete a Bridgecrew integration with Terraform Cloud (Run Tasks) when no longer required.

Steps

  1. Access the Bridgecrew - Terraform Enterprise (Run Tasks) integration: Navigate to Integrations > Add Integration > Select the integrated Terraform Enterprise (Run Tasks) in the CI/CD Systems catalog.
    You are redirected to the Terraform integration Accounts page.
  2. Select the menu (icon) linked to the account in the list that you want to delete > Delete Integration.
    The integration is deleted from the list of integrations as well as from the global list of integrations.

Updated about 2 months ago