Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
ae342e6f
Commit
ae342e6f
authored
Jul 08, 2020
by
Tiger
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update docs for Terraform state API permissions
parent
dd7907d3
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
11 additions
and
6 deletions
+11
-6
doc/user/infrastructure/index.md
doc/user/infrastructure/index.md
+9
-6
doc/user/permissions.md
doc/user/permissions.md
+2
-0
No files found.
doc/user/infrastructure/index.md
View file @
ae342e6f
...
...
@@ -36,6 +36,14 @@ To get started with a GitLab-managed Terraform State, there are two different op
-
[
Use a local machine
](
#get-started-using-local-development
)
.
-
[
Use GitLab CI
](
#get-started-using-gitlab-ci
)
.
## Permissions for using Terraform
In GitLab version 13.1,
[
Maintainer access
](
../permissions.md
)
was required to use a
GitLab managed Terraform state backend. In GitLab versions 13.2 and greater,
[
Maintainer access
](
../permissions.md
)
is required to lock, unlock and write to the state
(using
`terraform apply`
), while
[
Developer access
](
../permissions.md
)
is required to read
the state (using
`terraform plan -lock=false`
).
## Get started using local development
If you plan to only run
`terraform plan`
and
`terraform apply`
commands from your
...
...
@@ -54,8 +62,7 @@ local machine, this is a simple way to get started:
```
1.
Create a
[
Personal Access Token
](
../profile/personal_access_tokens.md
)
with
the
`api`
scope. The Terraform backend is restricted to users with
[
Maintainer access
](
../permissions.md
)
to the repository.
the
`api`
scope.
1.
On your local machine, run
`terraform init`
, passing in the following options,
replacing
`<YOUR-PROJECT-NAME>`
,
`<YOUR-PROJECT-ID>`
,
`<YOUR-USERNAME>`
and
...
...
@@ -89,10 +96,6 @@ Next, [configure the backend](#configure-the-backend).
After executing the
`terraform init`
command, you must configure the Terraform backend
and the CI YAML file:
CAUTION:
**Important:**
The Terraform backend is restricted to users with
[
Maintainer access
](
../permissions.md
)
to the repository.
1.
In your Terraform project, define the
[
HTTP backend
](
https://www.terraform.io/docs/backends/types/http.html
)
by adding the following code block in a
`.tf`
file (such as
`backend.tf`
) to
define the remote backend:
...
...
doc/user/permissions.md
View file @
ae342e6f
...
...
@@ -142,6 +142,8 @@ The following table depicts the various user permission levels in a project.
| Manage clusters | | | | ✓ | ✓ |
| Manage Project Operations | | | | ✓ | ✓ |
| View Pods logs | | | | ✓ | ✓ |
| Read Terraform state | | | ✓ | ✓ | ✓ |
| Manage Terraform state | | | | ✓ | ✓ |
| Manage license policy
**(ULTIMATE)**
| | | | ✓ | ✓ |
| Edit comments (posted by any user) | | | | ✓ | ✓ |
| Manage Error Tracking | | | | ✓ | ✓ |
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment