Terraform Provider

Manage your StepSecurity configurations as code with our Terraform provider. Automate the setup of notification settings, policy-driven pull requests, user access controls and more across your GitHub organizations.

Quick Start Guide

Navigate to the Admin Console, then click on Integrations and select Terraform Provider. There, you’ll see the setup instructions — or simply follow the steps outlined below:

Step 1: Install Terraform

Step 2: Set Environment Variables

  • Export the required environment variables to authenticate the Terraform provider:

export STEP_SECURITY_API_KEY=***************
export STEP_SECURITY_CUSTOMER=<ORGANIZATION NAME>
  • STEP_SECURITY_API_KEY: Your StepSecurity API key

  • STEP_SECURITY_CUSTOMER: Your organization name

Step 3: Create Terraform Configuration

Create a main.tf file with the following content to define the StepSecurity provider:

terraform {
  required_providers {
    stepsecurity = {
      source = "step-security/stepsecurity"
    }
  }
}

provider "stepsecurity" {
  # Configuration will be read from environment variables
  # STEP_SECURITY_API_KEY, STEP_SECURITY_CUSTOMER
}

Step 4: Add Resources

You can now define Terraform resources to manage your StepSecurity configurations. Here’s an example of creating a GitHub user with organizational access:

# Create a GitHub user with organization access
resource "stepsecurity_user" "example_user" {
  user_name = "github-username"
  auth_type = "Github"
  policies = [
    {
      type         = "github"
      role         = "auditor"
      scope        = "organization"
      organization = "your-org-name"
    }
  ]
}

This configuration grants the specified GitHub user read-only access to the organization’s StepSecurity-managed GitHub workflows and policies.

Step 5: Run Terraform Commands

Use the following commands to deploy your configuration:

terraform init    # Initialize the working directory
terraform plan    # Preview the changes
terraform apply   # Apply the configuration

Further Reading

Last updated

Was this helpful?