Opal
1. Installation
Section titled “1. Installation”First you will need to install terraformer with the opal provider. See the readme.
2. Set up a template terraform workspace
Section titled “2. Set up a template terraform workspace”Before you can use terraformer, you need to create a template workspace so that terraformer can access the opalsecurity/opal provider.
To do this, create a new directory with a basic provider.tf file:
terraform { required_providers { opal = { source = "opalsecurity/opal" version = "0.0.2" } }}
provider "opal" { # Configuration options}then run:
$ terraform initYou should see the output: Terraform has been successfully initialized!
3. Run terraformer:
Section titled “3. Run terraformer:”export OPAL_AUTH_TOKEN=Your token from https://app.opal.dev/settings#api# If you are running an on-prem installation, you will need to provide a base url as well:# export OPAL_BASE_URL=Your token from https://my.opal.com
./terraformer import opal --resources=* --path-pattern {output}/{provider}You can also specify only certain kinds of resources to import as well, i.e. --resources=owner.
Note that we currently do not support the terraformer --filter flag.
4. Inspect the imported terraform files
Section titled “4. Inspect the imported terraform files”You should now see a generated/ subdirectory with generated files. If you are migrating
state generated by older Terraformer releases, you may need to run a provider source migration:
$ cd generated/opal/$ terraform state replace-provider -auto-approve "registry.terraform.io/-/opal" "opalsecurity/opal"You can now initialize and use your new generated resources:
$ terraform init$ terraform plan # No changes. Your infrastructure matches the configuration.Supported Opal resources:
Section titled “Supported Opal resources:”groupopal_group
message_channelsopal_message_channels
on_call_schedulesopal_on_call_schedules
owneropal_owner
resourceopal_resource