The Formance Cloud Terraform provider allows you to manage your Formance Cloud resources via Infrastructure as Code (IaC). This provider supports managing organizations, stacks, regions, and modules.
- Installation
- Configuration
- Quick Start Guide
- Authentication
- Available Resources
- Data Sources
- Examples
- Full Documentation
- Support
terraform {
required_providers {
formancecloud = {
source = "formancehq/formancecloud"
}
}
}
provider "formancecloud" {
# Configuration...
}The provider can be configured in two ways:
provider "formancecloud" {
client_id = "your-client-id"
client_secret = "your-client-secret"
}export FORMANCE_CLOUD_CLIENT_ID="your-client-id"
export FORMANCE_CLOUD_CLIENT_SECRET="your-client-secret"Here's a minimal example to get started with the Formance Cloud provider:
# Provider configuration
provider "formancecloud" {
# Credentials can be set via environment variables
}
# Create an organization
resource "formancecloud_organization" "main" {
name = "my-organization"
}
# Create a private region
resource "formancecloud_region" "europe" {
name = "europe-west"
organization_id = formancecloud_organization.main.id
}
# Create a stack
resource "formancecloud_stack" "production" {
name = "production"
organization_id = formancecloud_organization.main.id
region_id = formancecloud_region.europe.id
}
# Enable the ledger module
resource "formancecloud_stack_module" "ledger" {
name = "ledger"
stack_id = formancecloud_stack.production.id
organization_id = formancecloud_organization.main.id
}The provider uses OAuth2 authentication with client credentials. To obtain your credentials:
- Log in to your Formance Cloud account
- Navigate to your organization settings
- Create a new OAuth2 application
- Note the
client_idandclient_secret
- Never commit your credentials in your code
- Use environment variables or a secrets manager
- Limit your credentials' permissions to the minimum required
- Rotate your secrets regularly
formancecloud_organization- Manages a Formance Cloud organization
formancecloud_stack- Manages an isolated environment for your Formance services
formancecloud_region- Manages a dedicated private region
formancecloud_stack_module- Enables/disables modules on a stack
formancecloud_organization_member- Manages organization membersformancecloud_stack_member- Manages stack access
formancecloud_organizations- Retrieves organization informationformancecloud_stacks- Retrieves stack informationformancecloud_regions- Retrieves region informationformancecloud_region_versions- Lists available versions in a region
# Variables for environments
variable "environments" {
default = ["development", "staging", "production"]
}
# Create a stack for each environment
resource "formancecloud_stack" "env" {
for_each = toset(var.environments)
name = each.value
organization_id = formancecloud_organization.main.id
region_id = formancecloud_region.europe.id
}
# Enable necessary modules for each stack
resource "formancecloud_stack_module" "ledger" {
for_each = formancecloud_stack.env
name = "ledger"
stack_id = each.value.id
organization_id = formancecloud_organization.main.id
}# Define teams and their access
locals {
teams = {
developers = {
members = ["dev1@example.com", "dev2@example.com"]
role = "WRITE"
}
observers = {
members = ["observer1@example.com", "observer2@example.com"]
role = "READ"
}
}
}
# Add members to the organization
resource "formancecloud_organization_member" "members" {
for_each = toset(flatten([for team in local.teams : team.members]))
organization_id = formancecloud_organization.main.id
email = each.value
role = "READ" # Minimum organization access
}
# Grant stack access according to teams
resource "formancecloud_stack_member" "team_access" {
for_each = {
for member in flatten([
for team_name, team in local.teams : [
for email in team.members : {
key = "${team_name}-${email}"
email = email
role = team.role
user_id = formancecloud_organization_member.members[email].user_id
}
]
]) : member.key => member
}
organization_id = formancecloud_organization.main.id
stack_id = formancecloud_stack.production.id
user_id = each.value.user_id
role = each.value.role
}For more detailed information about each resource and data source:
The following modules can be enabled on your stacks:
- ledger - Core accounting engine
- payments - Payment management and orchestration
- webhooks - Webhook management and distribution
- wallets - Digital wallet functionality
- search - Full-text search capabilities
- reconciliation - Transaction reconciliation
- orchestration - Workflow orchestration
- auth - Authentication and authorization
- stargate - API Gateway
Error: Failed to authenticate with Formance Cloud API
Solution: Check your client_id and client_secret. Ensure they are correctly configured.
Error: Insufficient permissions to perform this action
Solution: Verify that your credentials have the necessary permissions for the requested action.
Error: Stack cannot be deleted as it contains data
Solution: Use force_destroy = true with caution to force deletion.
- Issues GitHub: github.com/formancehq/terraform-provider-cloud/issues
- API Documentation: docs.formance.com
- Contact: support@formance.com
Contributions are welcome! See our contribution guide for more information.
This provider is distributed under the Apache 2.0 License. See LICENSE for more details.