HashiCorp : Terraform Cloud

Terraform Cloud Private Module Registry

Lab Solution Private Module Registry

Welcome to this hands-on lab where you'll learn to manage private providers and modules in Terraform Cloud. The Private Module Registry enables your team to securely store and share Terraform providers and modules within your organization.

Prerequisites

Note

Ensure you have:

  • A Terraform Cloud account with organization permissions
  • A connected VCS provider (e.g., GitHub)
  • terraform CLI installed and authenticated

1. Importing Public Providers and Modules

First, import existing public resources into your Private Module Registry:

  1. Navigate to Registry » Providers, search for hashicorp/aws, and click Add to organization.
    The image shows a dialog box for adding a provider to an organization in Terraform Cloud, specifically adding the "hashicorp/aws" provider. There are options to "Add to organization" or "Cancel."

  2. Switch to the Modules tab, search for the S3 bucket module, and click Add to organization.

Once complete, your Private Module Registry will include the AWS provider and the S3 bucket module.

2. Forking and Publishing a Private Module

Next, fork a public module repository and publish it privately:

  1. On the public Terraform Registry, open the AWS Security Group module and click the GitHub repo link.
    The image shows a GitHub repository page for "terraform-aws-security-group," displaying the file structure and repository details such as stars, forks, and recent commits.

  2. Fork the repository into your GitHub account.
    The image shows a GitHub interface for creating a new fork of a repository named "terraform-aws-security-group." It includes options to set the owner, repository name, and description, with a button to create the fork.

  3. In Terraform Cloud, go to Registry » Private Module Registry, click Publish, select your GitHub VCS provider, and choose the forked repo.
    The image shows a user interface for adding a module in Terraform Cloud, where the user can connect to a VCS and choose a repository from a list. The sidebar includes options like Workspaces, Registry, and Settings.

After publishing, Terraform Cloud displays the module README and usage details:

The image shows a webpage for a Terraform module named "security-group," which creates EC2-VPC security groups on AWS. It includes details like version, publication time, and usage instructions.

You can now source this private module:

module "security-group" {
  source  = "app.terraform.io/Mastering-Terraform-Cloud/security-group/aws"
  version = "4.13.1"
}

3. Selecting a Specific Module Version

To use an earlier version (for example, 4.8.0), update your module block:

module "security-group" {
  source  = "app.terraform.io/Mastering-Terraform-Cloud/security-group/aws"
  version = "4.8.0"
}

4. Consuming the Private Module in a Terraform Project

Finally, integrate the private module into your application:

  1. Copy the Clumsy Birds repo URL.
    The image shows a GitHub repository page for a project named "Clumsy Birds," with details about branches, commits, and files such as `.gitignore` and `README.md`. The repository is private and has no stars or forks.

  2. Clone and switch to the development branch:

    git clone https://github.com/your-org/clumsy_bird.git
    cd clumsy_bird
    git checkout development
    
  3. Create security_groups.tf and add:

    module "security-group-http" {
      source              = "app.terraform.io/Mastering-Terraform-Cloud/security-group/aws"
      version             = "4.8.0"
      name                = "http-traffic-${var.env}"
      description         = "Security group for HTTP traffic"
      vpc_id              = module.vpc.vpc_id
      ingress_cidr_blocks = ["10.10.0.0/16"]
    }
    
  4. Commit and push your changes:

    git config --global user.email "[email protected]"
    git config --global user.name "Your Name"
    git add security_groups.tf
    git commit -m "Add private security group module for HTTP traffic"
    git push origin development
    

Terraform Cloud will trigger a run; upon success, the security group appears in AWS.

Warning

Ensure your module’s semantic versioning aligns with your organization’s policy. Misaligned versions may break downstream workflows.

Summary of Actions

StepActionDestination
Import public itemsAdd provider & moduleTerraform Cloud Registry
Fork & publish private moduleGitHub fork & Terraform CloudPrivate Module Registry
Select specific module versionUpdate version attributeTerraform configuration
Consume module in project workspaceClone repo & add module blockClumsy Birds development branch

This completes the lab on the Terraform Cloud Private Module Registry. Proceed to the next module for advanced collaboration features.

Watch Video

Watch video content

Previous
Private Module Registry