We’re excited to announce the initial availability of our new Terraform provider for Storj! For customers who already manage infrastructure using Terraform, terraform-provider-storj allows users to declaratively manage and configure Storj buckets, access grants, and individual objects. Let’s take a quick look at what’s included. For more information, head on over to the provider’s documentation.
Prerequisites
- Basic knowledge and understanding of Terraform and how it works.
- A recent version of Terraform installed on your machine.
Getting Started
First, you will need to add the provider to your Terraform file.
Once added, run terraform init to download the provider from the remote registry.
Configuring Storj Authentication
By default, the provider will attempt to load your Storj access grant from the STORJ_ACCESS_GRANT environment variable. This value can also be configured directly on the provider and passed in using variables in the Terraform file.
Next, we’ll configure an access grant in the Storj UI for the provider to use. Head on over to the “Access” section of the Storj UI for the project you want to manage using Terraform.
Click on the blue “Create Access Grant” button. This will pull up a modal asking for the scope and permissions you wish to grant to the holder of the access grant. While this grant can be restricted, we will keep things rather permissive for the purpose of this walkthrough.
Once the appropriate permissions have been selected, click “Encrypt My Access” to proceed. This will generate an encryption key that is used to secure the contents that are uploaded to the Storj network. You can provide your own passphrase or generate a new one.
Click “Download .txt” and then “Encrypt My Access” to finalize and generate your access grant. Copy the generated grant and save it somewhere safe for later use.
Manage a Bucket
Buckets are a common component for folks to manage in Terraform. The resource definition in Terraform is rather simple, simply provide the name of the bucket you wish to create.
Upload an Object
Once a bucket is available, you can upload an object to it using the storj_object resource. You can point the resource at an existing file on disk, a raw string, or base64 encoded content. You can also provide additional metadata to attach to the object.
Derive a New Access Grant
Finally, we rarely want to provide an application with unrestricted access to an entire bucket. Using the storj_access_grant resource, we can derive a new access grant from the provided one that’s specific to the application and limited to a new set of permissions (must be a subset of the provided access grants permissions).
By using the storj_access_grant resource, we can easily rotate access grants that are provided to applications by tainting the resource in Terraform.
Conclusion
Whether you’re an existing customer or a new one, the Storj Terraform provider provides a more integrated experience when it comes to managing the buckets your applications consume and access grants they use. This is a greenfield project that’s just getting started and we hope you’ll give it a try. Should you have any feedback or feature requests, please reach out to us by:
- Provider: https://registry.terraform.io/providers/storj/storj
- Source Code: https://github.com/storj/terraform-provider-storj
- Open issues in the terraform-provider-storj GitHub repository
- Follow storj on Twitter
