How to Share Private Modules Across HCP Terraform Organizations

Problem

By default, workspaces in one HCP Terraform organization cannot access private modules from a different organization's private registry. HCP Terraform provides temporary credentials that are scoped to a single organization during a run, which prevents direct cross-organization module access.

While it is technically possible to mix modules from multiple organizations when running the Terraform CLI locally, HashiCorp strongly recommends against this approach as it can create complex and fragile workflows.

Recommendation

The recommended method for sharing modules across multiple HCP Terraform organizations is to share access to the underlying Version Control System (VCS) repository that contains the module's source code.

This approach involves two main steps:

1. Share the VCS Repository: In your VCS provider (e.g., GitHub, GitLab), grant each HCP Terraform organization's account or team the necessary permissions to access the module's repository.
2. Register the Module in Each Organization: In each HCP Terraform organization, add the module to its private registry, pointing to the same shared VCS repository.

After you complete this setup, pushing new version tags to the VCS repository will automatically publish the new module version to the private registries of all connected organizations. This method allows for secure code reuse while respecting organizational boundaries.