Generate an Access Token for Terraform

JFrog Artifactory Documentation

ft:sourceType
Paligo

To use Artifactory with your Terraform CLI, you will need to generate an access token using the following two methods:

The token will allow you to resolve Terraform module/provide packages using Terraform Registry, and to set up Artifactory as the remote state and locking provider using Terraform Backend repository.

Generating an Access Token Using Browser Login
  1. Natively run the Terraform login to your Artifactory domain to generate an access token and save it in the Credentials file ( ~/.terraform.d/credentials.tfrc.json.). When you run the login, the following page opens.

    Terraform_setmeup_CLI.png

    The Terraform command line login process is displayed.

    terraform_command_line_login.png
  2. You are routed to the JFrog Platform login page and the following page opens.

    terraform_CLI_authorization_page.png
  3. Click Approve. The following message is displayed.

    Terraform_CLI_confirmation_page.png
  4. Close the page and return to the command line to view the success message.

    terraform_cli_login_success_message.png
  5. Next, perform a one-time edit to the  ~/.terraformrc file to ensure that the CLI searches for the providers only in the Artifactory. For this purpose, we recommend only pointing to the Terraform Virtual repository.

Manually Generating an Identity Token
  1. Generate an identity token that you can use to connect Artifactory to the Terraform CLI. For more details, please refer to User Profile - Identity Token.Introduction to the User Profile

  2. Create a file named 'credentials.tfrc.json~/.terraformrc' in your Terraform directory, ('~/.terraform.d/credentials.tfrc.json ').

  3. Update the identity token you generated in the credentials.tfrc.json file, as in the example below:

    #cat ~/.terraform.d/credentials.tfrc.json
     
    {
        "credentials": {
            "ARTIFACTORY-DOMAIN": {
                "token": "IDENTITY-TOKEN"
                }
            }
        }
    

Note

If you have added the access token in credentials.tfrc.json, you do not need to login again using Terraform login servername.jfrog.io.