Introduction
This article explains how to configure a Terraform Enterprise (TFE) workspace to authenticate with Artifactory for downloading private Terraform modules during a run. When a Terraform run is triggered in TFE, it will automatically retrieve the necessary module source code from Artifactory without requiring manual intervention.
Prerequisites
Before you begin, ensure you have the following:
- An Artifactory authentication token. For instructions, refer to the JFrog documentation on how to generate an access token for Terraform.
- Terraform configuration files that reference the private modules stored in Artifactory.
- The module
sourcepath in your Terraform configuration points to the correct Artifactory URL where your modules are stored.
Procedure
To authenticate a TFE workspace to Artifactory, you can use a host-specific environment variable in your workspace settings. Terraform CLI uses environment variables with the prefix TF_TOKEN_ followed by the hostname to authenticate to private module registries.
To create the variable name, replace any periods (.) in the hostname with underscores (_). For example, if your Artifactory hostname is examplecorp.jfrog.io, you must create an environment variable named TF_TOKEN_examplecorp_jfrog_io.
- Navigate to your workspace in Terraform Enterprise.
- Go to the Variables section.
- Under Environment Variables, select Add variable.
- Enter the Key using the
TF_TOKEN_format. For example:TF_TOKEN_examplecorp_jfrog_io. - Enter your Artifactory authentication token as the Value.
- Mark the variable as Sensitive to protect the token.
- Click Save variable.
Terraform will now use this token as a bearer authorization token for all service requests to that hostname.
Additional Information
For more details on this authentication method, please see the official documentation on Environment Variable Credentials.