Create a Blueprint from a Terraform module

This getting started guide introduces you to creating a blueprint from a Terraform module. You will also deploy and install the environment.



In this guide we will perform the following steps to create a blueprint from a Terraform module and test it:

Creating and deploying the blueprint

Step 1: Define Credential Secrets

In this step we will define secrets for the cloud, such as AWS, that you would like to use. The secrets, such as an AWS Access Key ID and Secret Access Key, are defined on the Secrets page under the Resources section in the sidebar menu.

In this example we will use an AWS account and define the following secrets:

Define Secrets

Step 2: Open the Upload dialog and define the blueprint name.

Next, we will open the Upload dialog for Terraform modules. Navigate to the Blueprints page and select the “Upload” dropdown. Select the “Upload from Terraform module” option.

This will launch the “Create blueprint from Terraform” dialog. Provide the following initial information:

Step 3: Upload the Terraform archive and select the module

Next, we will provide the Cloudify Manager with the location of the Terraform module. Terraform modules can be provided as ZIP archives from a remote URL (such as an artifact server) or from a local ZIP file uploaded to the Cloudify Manager. This example will use a URL for the ZIP archive.

There are a few things that you should know about the structure of Terraform module ZIP archives:

In this example, we will use an example module from the Cloudify Community GitHub repository. Provide the following information under the “Terraform module details” section:

A dialog will pop up on the screen and ask you if you want to automatically define detected variables and outputs. Click “Yes” on this dialog.

Define Terraform Module Path

Step 4: Define the variables for the Terraform module

Cloudify Manager 6.4 includes the ability to automatically detect Variables and Outputs for Terraform modules. Once the Variables have been automatically detected, you can fine-tune how those Variables are exposed in the blueprint. In this example, we are going to adjust a few of these variables to provide the best user experience when deploying from the blueprint.

Variables can come from three sources when deploying an environment:

We are going to adjust the variables that have been automatically detected by the Cloudify Manager. First, remove any variables so that only the variables below remain:

Any variables that are not defined will be left at their default values in the Terraform module.

Next, define the source for each input:

Variable Source Value / Secret key / Input name
access_key Secret aws_access_key_id
admin_key_public Secret root_ssh_key
admin_user Static centos
aws_region Input aws_region
aws_zone Input aws_zone
secret_key Secret aws_secret_access_key

This example uses a Terraform module that accepts credentials as Variables. However, not all modules work in this way. Some may require credentials to be set as environment variables. See the “Passing provider credentials as environment variables” section below if you are using a module that behaves in this way.

Define Terraform Module Outputs

Step 5: Define outputs and capabilities

The outputs of the Terraform module can be made available in the outputs and capabilities in the Cloudify Manager. Outputs and capabilities allow you to expose information to the end user of your blueprint in different ways:

The Cloudify Manager automatically detects and imports any Outputs from the provided Terraform module. You can then choose whether to expose these as Outputs or Capabilities within the blueprint. For this example, we will define the value as an Output for the end user:

Define Terraform Module Outputs

Step 6: Create the blueprint

Once all information has been filled out, you can click the “Submit” button. The Cloudify Manager will automatically generated a blueprint based on the Terraform module, Inputs, and Outputs or Capabilities that you have defined in the dialog. If there are any errors with your blueprint definition, they will be displayed in dialog.

Once the blueprint has been generated, you will automatically be redirected to the Deploy dialog for the blueprint.

Step 7: Create a deployment and test the blueprint

Once the blueprint has been created, you can create a new deployment to test out the end-to-end flow. You should have already been redirected to the Deploy dialog for the blueprint.

Perform the following steps to create a new deployment:

  1. Fill out any necessary Inputs in the Deploy dialog
  2. Click the “Install” button

Deploy blueprint

The Cloudify Manager will begin orchestrating all of the steps necessary to deploy a new environment from your blueprint. The Cloudify Manager provides several pieces of information about the deployment, so please take the time to explore some of the following features on the deployment page:

Terraform Install

Passing provider credentials as environment variables

Some Terraform modules, such as those downloaded from the Terraform Registry, rely on environment variables to supply credentials and other information to the providers. You can define environment variables and assign values in the “Environment Variables” section of the “Create blueprint from Terraform” dialog. For example, the screenshot below shows AWS credentials provided as environment variables from the internal secret store:

Terraform Environment Variables


If you used the example Terraform module provided in this article, then the deployment should be successful. However, you may occasionally run into issues when uploading Terraform modules from other sources. The table below lists some common errors and potential solutions to issues that you may face when importing Terraform modules as Cloudify blueprints.

Error Cause Solution
Value for undeclared variable. The root module does not declare a variable named “AWS_ACCESS_KEY_ID” but a value was found in… The credentials were defined in the variables section instead of the environment variables section Ensure that credentials and any other variables are defined in the appropriate location
Could not load plugin. Plugin reinitialization required. Please run “terraform init”. The version of Terraform selected is too old for the Terraform module you have uploaded. Ensure that the correct version of Terraform is specified
Configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found. Credentials were not defined Ensure that credentials are defined in the appropriate location (e.g., as an Input or environment variable)