How to use Terraform CLI with Local Mirror for Provider Plugins for system without internet access

Avatar
Fawaz Akhtar
  • Updated

 

Introduction

This solution is designed for customers who prefer to use a local path for providers and plugins instead of relying on internet access.

Note : Provider network mirrors are supported only in Terraform CLI v0.13.2 and later.

Use Case

The use case for this guide is to enable Terraform CLI to access provider plugins from a local mirror, allowing users to download and manage provider plugins without internet access.

Procedure

1. Create Mirror

To create a local mirror solution, follow these steps:

  • Download the provider plugin from the internet-accessible system.
  • Move the provider plugin to a system without internet access.
  • Create the necessary configuration files:
    • .terraformrc for Linux.
    • terraform.rc for Windows.

Set environmental variables:

Use the following command to download provider plugins , please find the documentation on command here.

terraform providers mirror [options] <target-dir>

 

2. Use Mirror

In this example, we'll demonstrate using a mirror on MacOS:

  • Download the provider plugin and move it to a specific folder (e.g., /users/macosuser/home/terraform_mirror).
  • Create a .terraformrc file with the following content:

 

provider_installation {
  filesystem_mirror {
    path = "/users/macosuser/home/terraform_mirror"
    include = ["registry.terraform.io/*/*"]
  }
}
  • Export environmental variables:
export TF_PLUGIN_CACHE_DIR="/users/macosuser/home/terraform_mirror”
export TF_CLI_CONFIG_FILE="/users/macosuser/home/terraform_mirror/.terraformrc"
  • Create a main.tf file with the required provider configuration:
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "4.50.0"  #--> Specify the version that you have downloaded from internet 
    }
  }
}

provider aws {
 region = "ap-south-1"
}

 

3. Sample Run

Follow these steps to perform a sample run:

  • Copy the provider plugin to /users/macosuser/home/terraform_mirror.
  • Create a .terraformrc file with the provider_installation block in /users/macosuser/home/terraform_mirror.
  • Export the following environmental variables:
export TF_PLUGIN_CACHE_DIR="/users/macosuser/home/terraform_mirror”
export TF_CLI_CONFIG_FILE="/users/macosuser/home/terraform_mirror/.terraformrc"
  • Create a main.tf file.
  • Run terraform init 
Initializing the backend...

Initializing provider plugins...

     Finding latest version of hashicorp/aws...
     Using hashicorp/aws v4.50.0 from the shared cache directory

This example demonstrates setting up a mirror to use provider plugins from the local file system.

 

Additional Information

  • The TF_PLUGIN_CACHE_DIR variable specifies the location where the plugin exists.
  • The TF_CLI_CONFIG_FILE variable specifies the location of the .terraformrc file.
  • The required_providers block in main.tf ensures pinning the provider to the same version downloaded from the internet.

By following these steps, users can effectively manage Terraform provider plugins locally without direct internet access.

Articles in this section

See more

Related articles