Terraform Provider
Manage TigerAccess as infrastructure as code with the official Terraform provider. Automate access control configuration, enable GitOps workflows, and enforce policy as code.
Infrastructure as Code for Access Control
Manage privileged access with the same workflows you use for infrastructure.
Infrastructure as Code
Define users, roles, resources, and access policies as Terraform code. Version control all access configurations alongside your infrastructure definitions.
Policy as Code
Codify access control policies with Terraform. Enforce security standards through code review, testing, and automated validation.
State Management
Leverage Terraform state to track all TigerAccess resources. Import existing configurations and maintain drift detection for compliance.
GitOps Workflows
Integrate with CI/CD pipelines for automated access control deployment. Manage changes through pull requests with peer review and audit trails.
Comprehensive Resource Coverage
Get Started in Minutes
Follow these simple steps to start managing TigerAccess with Terraform.
Install Terraform Provider
Configure the TigerAccess Terraform provider in your Terraform configuration with the required version and authentication settings.
terraform {
  required_providers {
    tigeraccess = {
      source  = "tigeraccess/tigeraccess"
      version = "~> 1.0"
    }
  }
}

provider "tigeraccess" {
  addr      = "https://tigeraccess.example.com:3025"
  cert_path = "/path/to/client.pem"
  key_path  = "/path/to/client-key.pem"
  root_ca   = "/path/to/ca.pem"
}

Define Access Resources
Create Terraform resources to manage roles, users, and access policies. Use resource dependencies to ensure proper creation order.
resource "tigeraccess_role" "developers" {
  metadata {
    name        = "developers"
    description = "Development team access"
    labels = {
      team = "engineering"
      env  = "dev"
    }
  }

  spec {
    allow {
      logins = ["ubuntu", "ec2-user", "admin"]
      node_labels = {
        env  = ["dev", "staging"]
        team = ["engineering"]
      }
      kubernetes_labels = {
        env = ["dev"]
      }
      database_labels = {
        env = ["dev", "staging"]
      }
      rules {
        resources = ["db", "kube_cluster", "app"]
        verbs     = ["list", "read"]
      }
    }
    options {
      max_session_ttl = "8h"
    }
  }
}

resource "tigeraccess_user" "alice" {
  metadata {
    name = "[email protected]"
  }
  spec {
    roles = [tigeraccess_role.developers.metadata[0].name]
  }
}

resource "tigeraccess_database" "postgres_dev" {
  metadata {
    name = "postgres-dev"
    labels = {
      env  = "dev"
      team = "engineering"
    }
  }
  spec {
    protocol = "postgres"
    uri      = "postgres.dev.example.com:5432"
  }
}

Deploy and Manage
Use standard Terraform commands to plan, apply, and manage your access control configuration. Import existing resources to manage them with Terraform.
# Initialize Terraform and download provider
terraform init

# Preview changes before applying
terraform plan

# Apply configuration to TigerAccess
terraform apply

# Import existing resources into Terraform state
terraform import tigeraccess_user.bob [email protected]
terraform import tigeraccess_role.admins admins

# Show current state
terraform show

# Validate configuration
terraform validate

Real-World Scenarios
Automated User Provisioning
Automatically provision users, roles, and access policies as part of your infrastructure deployment. Ensure access is configured before resources go live with declarative Terraform configurations.
GitOps Access Control
Manage all access policies through Git repositories. Enable peer review, automated testing, comprehensive audit trails, and rollback capabilities for access control changes.
Multi-Environment Management
Use Terraform workspaces and modules to manage different access configurations across dev, staging, and production environments. Reuse common patterns with shared modules.
Compliance Automation
Enforce organizational security policies through Terraform validation. Automatically test access configurations in CI/CD pipelines and prevent non-compliant changes from being deployed.
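One way to implement the CI compliance check described above is to evaluate the JSON form of a plan (the output of terraform show -json) before it is applied. This is an added example, not code from TigerAccess or its provider. It assumes the plan JSON represents the role's nested blocks (spec, allow, options, rules) as lists; the policy values and the sample plan are constructed for illustration.

```python
import re

MAX_TTL_SECONDS = 8 * 3600        # constructed policy values for this example,
FORBIDDEN_LOGINS = {"root"}       # not TigerAccess defaults
ALLOWED_VERBS = {"list", "read"}
UNITS = {"h": 3600, "m": 60, "s": 1}

def ttl_seconds(ttl):
    """Parse durations such as "8h" or "1h30m"; None if missing or malformed."""
    if not isinstance(ttl, str) or not re.fullmatch(r"(\d+[hms])+", ttl):
        return None
    return sum(int(n) * UNITS[u] for n, u in re.findall(r"(\d+)([hms])", ttl))

def check_plan(plan):
    """Return 'address: reason' strings for non-compliant tigeraccess_role changes."""
    out = []
    for rc in plan.get("resource_changes", []):
        after = rc.get("change", {}).get("after")
        if rc.get("type") != "tigeraccess_role" or not after:
            continue  # other resource types and deletions are out of scope
        addr, spec = rc["address"], (after.get("spec") or [{}])[0]
        allow = (spec.get("allow") or [{}])[0]
        ttl = (spec.get("options") or [{}])[0].get("max_session_ttl")
        if (secs := ttl_seconds(ttl)) is None:  # fail closed: absent or unreadable
            out.append(f"{addr}: max_session_ttl missing or unparsable")
        elif secs > MAX_TTL_SECONDS:
            out.append(f"{addr}: max_session_ttl {ttl} exceeds cap")
        for login in sorted(FORBIDDEN_LOGINS & set(allow.get("logins") or [])):
            out.append(f"{addr}: login {login} not permitted")
        for rule in allow.get("rules") or []:
            extra = sorted(set(rule.get("verbs") or []) - ALLOWED_VERBS)
            if extra:
                out.append(f"{addr}: verbs {extra} outside allow-list")
    return out

def role_change(name, logins, verbs, ttl):
    """Constructed resource_changes entry; nested blocks as lists (assumed layout)."""
    spec = {"allow": [{"logins": logins, "rules": [{"verbs": verbs}]}],
            "options": [{"max_session_ttl": ttl}] if ttl else []}
    return {"address": f"tigeraccess_role.{name}", "type": "tigeraccess_role",
            "change": {"actions": ["create"], "after": {"spec": [spec]}}}

SAMPLE_PLAN = {"resource_changes": [  # constructed sample, not real plan output
    role_change("developers", ["ubuntu", "ec2-user", "admin"], ["list", "read"], "8h"),
    role_change("oncall", ["ubuntu", "root"], ["list", "read", "update"], "24h"),
    role_change("legacy", ["ubuntu"], ["read"], None)]}

if __name__ == "__main__":
    print("\n".join(check_plan(SAMPLE_PLAN)) or "all roles compliant")
```

In a pipeline, pass check_plan the parsed JSON of the saved plan and fail the job when the returned list is non-empty.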
Frequently Asked Questions
Can I import existing TigerAccess resources into Terraform?
Yes. The TigerAccess provider supports importing existing resources into Terraform state using the standard "terraform import" command. This allows you to gradually migrate to infrastructure as code without recreating resources.
How do I manage secrets and sensitive data in Terraform?
Use Terraform sensitive variables, environment variables, or integrate with secret management tools like HashiCorp Vault. The provider marks sensitive fields (passwords, private keys) to prevent them from appearing in logs or console output.
Can I use Terraform modules for common access patterns?
Absolutely. Create reusable Terraform modules for common patterns like database access roles, developer roles, or production access workflows. Share modules across your organization through private registries or version control.
Does the provider support all TigerAccess features?
The Terraform provider supports the most common TigerAccess resources including users, roles, policies, connectors, databases, Kubernetes clusters, and applications. Check the provider documentation for the complete list of supported resources and data sources.
How do I handle Terraform state in production?
Use remote state backends like Terraform Cloud, S3 with DynamoDB locking, or other supported backends. Never commit state files to version control as they may contain sensitive information. Enable state encryption at rest for additional security.