Introduction
This guide provides instructions for creating an API token with read-only access to your organization's Private Module Registry (PMR) in HCP Terraform or Terraform Enterprise. The resulting token will not have permission to access workspaces or projects, nor will it be able to modify the PMR.
Expected Outcome
You will have a team API token that can be used to authenticate with and read from the Private Module Registry, suitable for use in CI/CD pipelines or other automation where read-only access is required.
Prerequisites
- You must have organization owner permissions in HCP Terraform or Terraform Enterprise to create teams and manage permissions.
Procedure
- Navigate to your organization's Settings > Teams and select Create a new team (or skip to step 5 if you've already have a team you would like to use).
- Provide a name for the team, such as
pmr-read-only. Under the Organization Access section, ensure that no permissions are selected. This restricts the team from accessing workspaces, projects, or other organization-level settings.
- Select Create team to save the new team.
- Navigate to the new team's settings page, select Tokens from the left menu, and then select Create a team token.
- Provide a description for the token and select Create token.
- Copy the generated token and store it securely. You will not be able to view it again.
Additional Information
- For more details on managing teams, please refer to the official documentation for Teams in HCP Terraform.
- For further information on API tokens, consult the API Tokens documentation.