From c7f8db3dbae662f770bd6ea4e73e8b962d07fe88 Mon Sep 17 00:00:00 2001 From: Chris Riley Date: Tue, 21 Mar 2017 14:24:29 -0700 Subject: [PATCH] added TFE faq, billing, api, organizations --- .../api/configuration-versions.html.md | 80 +++++++ .../enterprise/api/configurations.html.md | 65 ++++++ .../docs/enterprise/api/environments.html.md | 63 ++++++ .../source/docs/enterprise/api/index.html.md | 97 ++++++++ .../source/docs/enterprise/api/runs.html.md | 47 ++++ .../source/docs/enterprise/api/states.html.md | 48 ++++ .../source/docs/enterprise/api/users.html.md | 28 +++ .../docs/enterprise/billing/index.html.md | 51 +++++ .../source/docs/enterprise/faq/index.html.md | 13 ++ .../faq/monolithic-artifacts.html.md | 149 +++++++++++++ .../faq/rolling-deployments.html.md | 80 +++++++ .../docs/enterprise/glossary/index.html.md | 208 ++++++++++++++++++ .../authentication-policy.html.md | 22 ++ .../enterprise/organizations/create.html.md | 19 ++ .../organizations/credit-card.html.md | 13 ++ .../enterprise/organizations/index.html.md | 17 ++ .../enterprise/organizations/migrate.html.md | 27 +++ .../enterprise/organizations/trials.html.md | 13 ++ .../user-accounts/authentication.html.md | 70 ++++++ .../enterprise/user-accounts/index.html.md | 13 ++ .../enterprise/user-accounts/recovery.html.md | 14 ++ website/source/layouts/accounts.erb | 25 +++ website/source/layouts/docs.erb | 16 +- website/source/layouts/faq.erb | 25 +++ website/source/layouts/organizations.erb | 34 +++ 25 files changed, 1236 insertions(+), 1 deletion(-) create mode 100755 website/source/docs/enterprise/api/configuration-versions.html.md create mode 100755 website/source/docs/enterprise/api/configurations.html.md create mode 100755 website/source/docs/enterprise/api/environments.html.md create mode 100755 website/source/docs/enterprise/api/index.html.md create mode 100755 website/source/docs/enterprise/api/runs.html.md create mode 100755 website/source/docs/enterprise/api/states.html.md create mode 100755 website/source/docs/enterprise/api/users.html.md create mode 100755 website/source/docs/enterprise/billing/index.html.md create mode 100755 website/source/docs/enterprise/faq/index.html.md create mode 100755 website/source/docs/enterprise/faq/monolithic-artifacts.html.md create mode 100755 website/source/docs/enterprise/faq/rolling-deployments.html.md create mode 100755 website/source/docs/enterprise/glossary/index.html.md create mode 100755 website/source/docs/enterprise/organizations/authentication-policy.html.md create mode 100755 website/source/docs/enterprise/organizations/create.html.md create mode 100755 website/source/docs/enterprise/organizations/credit-card.html.md create mode 100755 website/source/docs/enterprise/organizations/index.html.md create mode 100755 website/source/docs/enterprise/organizations/migrate.html.md create mode 100755 website/source/docs/enterprise/organizations/trials.html.md create mode 100755 website/source/docs/enterprise/user-accounts/authentication.html.md create mode 100755 website/source/docs/enterprise/user-accounts/index.html.md create mode 100755 website/source/docs/enterprise/user-accounts/recovery.html.md create mode 100644 website/source/layouts/accounts.erb create mode 100644 website/source/layouts/faq.erb create mode 100644 website/source/layouts/organizations.erb diff --git a/website/source/docs/enterprise/api/configuration-versions.html.md b/website/source/docs/enterprise/api/configuration-versions.html.md new file mode 100755 index 000000000..76150ff72 --- /dev/null +++ b/website/source/docs/enterprise/api/configuration-versions.html.md @@ -0,0 +1,80 @@ +--- +title: "Build Configuration Versions API" +--- + +# Configuration Versions API + +A configuration version represents versions of Terrraform configuration. +Each set of changes to Terraform HCL files or the scripts +used in the files should have an associated configuration version. + +When creating versions via the API, the variables attribute can be sent +to include the necessary variables for the Terraform configuration. + +### Configuration Version Attributes + + + + + + + + + + + + + + + + + +
AttributeDescriptionRequired
variablesA key/value map of Terraform variables to be associated + with the configuration version.No
metadataA hash of key value metadata pairs.No
+ +### Actions + +The following actions can be perfomed on this resource. + +
+
Create
+
POST /api/v1/terraform/configurations/:username/:name/versions
+
Upload progress
+
GET /api/v1/terraform/configurations/:username/:name/versions/progress/:token
+
+ +### Examples + +#### Creating a configuration version + +Creates a configuration with the provided attributes. + + $ cat version.json + { + "version": { + "metadata": { + "git_branch": "master", + "remote_type": "atlas", + "remote_slug": "hashicorp/atlas" + }, + "variables": { + "ami_id": "ami-123456", + "target_region": "us-east-1", + "consul_count": "5", + "consul_ami": "ami-123456" + } + } + } + + $ curl %{ATLAS_URL}/api/v1/terraform/configurations/%{DEFAULT_USERNAME}/test/versions \ + -X POST \ + -H "X-Atlas-Token: $ATLAS_TOKEN" \ + -H "Content-Type: application/json" \ + -d @version.json + +#### Retrieving the progress of an upload for a configuration version + +Returns upload progress for the version. + + $ curl %{ATLAS_URL}/api/v1/terraform/configurations/%{DEFAULT_USERNAME}/test/versions/progress/63fc7e18-3911-4853-8b17-7fdc28f158f2 \ + -H "X-Atlas-Token: $ATLAS_TOKEN" diff --git a/website/source/docs/enterprise/api/configurations.html.md b/website/source/docs/enterprise/api/configurations.html.md new file mode 100755 index 000000000..8fcdb1a3a --- /dev/null +++ b/website/source/docs/enterprise/api/configurations.html.md @@ -0,0 +1,65 @@ +--- +title: "Terraform Configuration API" +--- + +# Terraform Configuration API + +A configuration respresents settings associated with a resource that +runs Terraform with versions of Terraform configuration. + +Configurations have many [configuration versions](/help/api/terraform/configuration-versions) +which represent versions of Terraform configuration templates and other associated +configuration. + +### Configuration Attributes + + + + + + + + + + + + + + + + + +
AttributeDescriptionRequired
nameThe name of the configuration, used to identify it. It + has a maximum length of 50 characters and must contain only + letters, numbers, dashes, underscores or periods.Yes
usernameThe username to assign the configuration to. You must be a member of the + organization and have the ability to create the resource.Yes
+ +### Actions + +The following actions can be perfomed on this resource. + +
+
Show
+
GET /api/v1/terraform/configurations/:username/:name/versions/latest
+
Create
+
POST /api/v1/terraform/configurations
+
+ +### Examples + +#### Creating a configuration + +Creates a configuration with the provided attributes. + + $ curl %{ATLAS_URL}/api/v1/terraform/configurations \ + -X POST \ + -H "X-Atlas-Token: $ATLAS_TOKEN" \ + -d configuration[name]='test' \ + -d configuration[username]='%{DEFAULT_USERNAME}' + +#### Retrieving a configuration + +Returns the JSON respresentation of the latest configuration. + + $ curl %{ATLAS_URL}/api/v1/terraform/configurations/%{DEFAULT_USERNAME}/test/versions/latest \ + -H "X-Atlas-Token: $ATLAS_TOKEN" diff --git a/website/source/docs/enterprise/api/environments.html.md b/website/source/docs/enterprise/api/environments.html.md new file mode 100755 index 000000000..82a967f91 --- /dev/null +++ b/website/source/docs/enterprise/api/environments.html.md @@ -0,0 +1,63 @@ +--- +title: "Environments API" +--- + +# Environments API + +Environments represent running infrastructure managed by Terraform. + +Environments can also be connected to Consul clusters. +This documentation covers the environment interactions with Terraform. + +### Environment Attributes + + + + + + + + + + + + +
AttributeDescriptionRequired
variablesA key/value map of Terraform variables to be updated. Existing + variables will only be removed when their value is empty. Varaibles + of the same key will be overwritten.Yes
+ +
+
+ Note: Only string variables can be updated via the API currently. + Creating or updating HCL variables is not yet supported. +
+
+ +### Actions + +The following actions can be perfomed on this resource. + +
+
Update variables
+
PUT /api/v1/enviromments/:username/:name/variables
+
+ +### Examples + +#### Updating Terraform variables + +Updates the Terraform variables for an environment. Due to the sensitive nature +of variables, they will not returned on success. + + $ cat variables.json + { + "variables": { + "desired_capacity": "15", + "foo": "bar" + } + } + $ curl %{ATLAS_URL}/api/v1/environments/%{DEFAULT_USERNAME}/test/variables \ + -X PUT \ + -H 'Content-Type: application/json' \ + -d @variables.json \ + -H "X-Atlas-Token: $ATLAS_TOKEN" diff --git a/website/source/docs/enterprise/api/index.html.md b/website/source/docs/enterprise/api/index.html.md new file mode 100755 index 000000000..ff5c6d1aa --- /dev/null +++ b/website/source/docs/enterprise/api/index.html.md @@ -0,0 +1,97 @@ +--- +title: "Atlas API Documentation" +--- + +# Atlas API Documentation + +Atlas provides an API for a **subset of features** available. For questions +or requests for new API features please email [support@hashicorp.com](mailto:support@hashicorp.com). + +## Available Endpoints + +These are the currently supported API endpoints for each product: + +### Vagrant + +- [Boxes](/help/api/vagrant/boxes) +- [Box Versions](/help/api/vagrant/box-versions) +- [Box Providers](/help/api/vagrant/box-providers) + +### Packer + +- [Build configurations](/help/api/packer/build-configurations) +- [Build configuration versions](/help/api/packer/build-configuration-versions) +- [Builds](/help/api/packer/builds) + +### Terraform + +- [Environments](/help/api/terraform/environments) +- [Runs](/help/api/terraform/runs) +- [States](/help/api/terraform/states) + +## Authentication + +All requests must be authenticated with an `X-Atlas-Token` HTTP header. This +token can be generated or revoked on the [account tokens page](/settings/tokens). +Your token will have access to all resources your account has access to. + +For organization level resources, we recommend creating a separate user account +that can be added to the organization with the specific privilege level +required. + +## Response Codes + +Standard HTTP response codes are returned. `404 Not Found` +codes are returned for all resources that a user does not have access to, +as well as for resources that don't exist. This is done to avoid a +potential attacker discovering the existence of a resource. + +## Errors + +Errors are returned in JSON format: + + { + "errors": { + "name": [ + "has already been taken" + ] + } + } + +## Versioning + +The API currently resides under the `/v1` prefix. Future APIs +will increment this version leaving the `/v1` API intact, though +in the future certain features may be deprecated. In that case, +ample notice to migrate to the new API will be provided. + +## Content Type + +The API accepts namespaced attributes in either +JSON or `application/x-www-form-urlencoded`. We recommend +using JSON, but for simplicity form style requests are supported. + +Below is an equivalent example with both styles using `curl`. + +### JSON Request Example + + $ cat variables.json + { + "variables": { + "desired_capacity": "15", + "foo": "bar" + } + } + $ curl %{ATLAS_URL}/api/v1/environments/%{DEFAULT_USERNAME}/test/variables \ + -X PUT \ + -H 'Content-Type: application/json' \ + -d @variables.json \ + -H "X-Atlas-Token: $ATLAS_TOKEN" + +### Form URL Encoded Example + + $ curl %{ATLAS_URL}/api/v1/environments/%{DEFAULT_USERNAME}/test/variables \ + -X PUT \ + -d variables[foo]='bar' \ + -d variables[desired_capacity]='15' \ + -H "X-Atlas-Token: $ATLAS_TOKEN" diff --git a/website/source/docs/enterprise/api/runs.html.md b/website/source/docs/enterprise/api/runs.html.md new file mode 100755 index 000000000..70d134498 --- /dev/null +++ b/website/source/docs/enterprise/api/runs.html.md @@ -0,0 +1,47 @@ +--- +title: "Runs API" +--- + +# Runs API + +Runs in Atlas represents a two step Terraform plan and a subsequent apply. + +Runs are queued under [environments](/help/api/terraform/environments) +and require a two-step confirmation workflow. However, environments +can be configured to auto-apply to avoid this. + +### Run Attributes + + + + + + + + + + + + +
AttributeDescriptionRequired
destroyIf set to true, this run will be a destroy plan.No
+ +### Actions + +The following actions can be perfomed on this resource. + +
+
Queue a run
+
POST /api/v1/enviromments/:username/:name/plan
+
+ +### Examples + +#### Queueing a new run + +Starts a new run (plan) in the environment. Requires a configuration +version to be present on the environment to succeed, but will otherwise 404. + + $ curl %{ATLAS_URL}/api/v1/environments/%{DEFAULT_USERNAME}/test/plan \ + -X POST \ + -d "" \ + -H "X-Atlas-Token: $ATLAS_TOKEN" diff --git a/website/source/docs/enterprise/api/states.html.md b/website/source/docs/enterprise/api/states.html.md new file mode 100755 index 000000000..5e77d624d --- /dev/null +++ b/website/source/docs/enterprise/api/states.html.md @@ -0,0 +1,48 @@ +--- +title: "State API" +--- + +# State API + +State represents the status of your infrastructure at the last time Terraform was run. States can be pushed to Atlas from Terraform's CLI after an apply is done locally, or state is automatically stored in Atlas if the apply is done in Atlas. + +### State Attributes + + + + + + + + + + + + +
AttributeDescriptionRequired
usernameIf supplied, only return states belonging to the organization with this username.No
+ +### Actions + +The following actions can be perfomed on this resource. + +
+
Get a list of states accessible to a user
+
GET /api/v1/terraform/state
+
+ +### Examples + +#### Getting a list of Terraform states + + $ curl %{ATLAS_URL}/api/v1/terraform/state \ + -H "X-Atlas-Token: $ATLAS_TOKEN" + +#### Getting a list of Terraform states for an organization + + $ curl %{ATLAS_URL}/api/v1/terraform/state?username=acme_inc \ + -H "X-Atlas-Token: $ATLAS_TOKEN" + +#### Getting second page of list of Terraform states + + $ curl %{ATLAS_URL}/api/v1/terraform/state?page=2 \ + -H "X-Atlas-Token: $ATLAS_TOKEN" diff --git a/website/source/docs/enterprise/api/users.html.md b/website/source/docs/enterprise/api/users.html.md new file mode 100755 index 000000000..46e5119fa --- /dev/null +++ b/website/source/docs/enterprise/api/users.html.md @@ -0,0 +1,28 @@ +--- +title: "Users API" +--- + +# Users API + +Users are both users and organizations in Atlas. They are the +parent resource of all resources. + +Currently, only the retrieval of users is avaiable on the API. Additionally, +only [box](/help/api/vagrant/boxes) resources will be listed. Boxes will +be returned based on permissions over the organization, or user. + +### Actions + +The following actions can be perfomed on this resource. + +
+
Show
+
GET /api/v1/user/:username
+
+ +### Examples + +#### Retrieve a user + + $ curl %{ATLAS_URL}/api/v1/user/%{DEFAULT_USERNAME} \ + -H "X-Atlas-Token: $ATLAS_TOKEN" diff --git a/website/source/docs/enterprise/billing/index.html.md b/website/source/docs/enterprise/billing/index.html.md new file mode 100755 index 000000000..25ba5a99e --- /dev/null +++ b/website/source/docs/enterprise/billing/index.html.md @@ -0,0 +1,51 @@ +--- +layout: "docs" +page_title: "Billing: Managed Nodes" +sidebar_current: "docs-enterprise" +description: |- + HashiCorp charges for usage based on **managed nodes**. The definition of managed node is specific to the enterprise product and is described below. +--- + +# Managed Nodes + +HashiCorp charges for usage based on **managed nodes**. The definition of +managed node is specific to the enterprise product and is described below. + +For all enterprise products, the count of managed nodes is observed and +recorded every hour. At the end of the billing month a weighted average of +this recorded value is calculated to determine the overall managed node count +for billing. + +## Terraform Enterprise + +For Terraform Enterprise, a managed node is a compute resource defined in your +Terraform configuration. For certain resource types the managed node count is +determined by a property of the resource. The `count` meta-parameter is used +for all compute resource types. The complete list of compute resources and +resource arguments for determining managed node count is below. + +| Provider | Resource Type | Resource Property | +|:-:|:-:|:-:| +| AWS | `aws_instance` | `count` | +| AWS | `aws_autoscaling_group` | `count` `desired_capacity` | +| Azure | `azure_instance` | `count` | +| Azure | `azurerm_virtual_machine` | `count` | +| CenturyLink Cloud | `clc_server` | `count` | +| CloudStack | `cloudstack_instance` | `count` | +| DigitalOcean | `digitalocean_droplet` | `count` | +| Google Cloud | `google_compute_instance` | `count` | +| Google Cloud | `compute_instance_group_manager` | `count` `target_size` | +| Heroku | `heroku_app` | `count` | +| OpenStack | `openstack_compute_instance_v2` | `count` | +| Packet | `packet_device` | `count` | +| Triton | `triton_machine` | `count` | +| VMware vCloud Director | `vcd_vapp` | `count` | +| VMware vSphere provider | `vsphere_virtual_machine` | `count` | + + +Terraform Enterprise includes unlimited Packer builds and artifact storage. + +# Billing Support + +For questions related to billing please email +[support@hashicorp.com](mailto:support@hashicorp.com). diff --git a/website/source/docs/enterprise/faq/index.html.md b/website/source/docs/enterprise/faq/index.html.md new file mode 100755 index 000000000..b0d037cae --- /dev/null +++ b/website/source/docs/enterprise/faq/index.html.md @@ -0,0 +1,13 @@ +--- +layout: "faq" +page_title: "Terraform Enterprise FAQs" +sidebar_current: "docs-enterprise-faq" +description: |- + Frequently Asked Questions. +--- + +# Frequently Asked Questions + +[Monolithic Artifacts](/docs/enterprise/faq/monolithic-artifacts) - *How do I build multiple applications into one artifact?* + +[Rolling Deployments](/docs/enterprise/faq/rolling-deployments) - *How do I configure rolling deployments?* diff --git a/website/source/docs/enterprise/faq/monolithic-artifacts.html.md b/website/source/docs/enterprise/faq/monolithic-artifacts.html.md new file mode 100755 index 000000000..35d15982d --- /dev/null +++ b/website/source/docs/enterprise/faq/monolithic-artifacts.html.md @@ -0,0 +1,149 @@ +--- +layout: "faq" +page_title: "FAQ: Monolithic Artifacts" +sidebar_current: "docs-enterprise-faq-monolithic" +description: |- + How do I build multiple applications into one artifact? +--- + +# Monolithic Artifacts + +*How do I build multiple applications into one artifact?* + +Create your new Applications in Terraform Enterprise using the application compilation feature. + +You can either link each Application to the single Build Template you will be using to create the monolithic artifact, or run periodic Packer builds. + +Each time an Application is pushed, it will store the new application version in the artifact registry as a tarball. These will be available for you to download at build-time on the machines they belong. + +Here's an example `compile.json` template that you will include with the rest of your application files that do the compiling: + + + { + "variables": { + "app_slug": "{{ env `ATLAS_APPLICATION_SLUG` }}" + }, + "builders": [ + { + "type": "docker", + "image": "ubuntu:14.04", + "commit": true + } + ], + "provisioners": [ + { + "type": "shell", + "inline": [ + "apt-get -y update" + ] + }, + { + "type": "file", + "source": ".", + "destination": "/tmp/app" + }, + { + "type": "shell", + "inline": [ + "cd /tmp/app", + "make" + ] + }, + { + "type": "file", + "source": "/tmp/compiled-app.tar.gz", + "destination": "compiled-app.tar.gz", + "direction": "download" + } + ], + "post-processors": [ + [ + { + "type": "artifice", + "files": ["compiled-app.tar.gz"] + }, + { + "type": "atlas", + "artifact": "{{user `app_slug` }}", + "artifact_type": "archive" + } + ] + ] + } + + +In your Packer template, you can download each of the latest applications artifacts onto the host using the shell provisioner: + + +```curl -L -H "X-Atlas-Token: ${ATLAS_TOKEN}" https://atlas.hashicorp.com/api/v1/artifacts/hashicorp/example/archive/latest/file -o example.tar.gz``` + + +Here's an example Packer template: + + + { + "variables": { + "atlas_username": "{{env `ATLAS_USERNAME`}}", + "aws_access_key": "{{env `AWS_ACCESS_KEY_ID`}}", + "aws_secret_key": "{{env `AWS_SECRET_ACCESS_KEY`}}", + "aws_region": "{{env `AWS_DEFAULT_REGION`}}", + "instance_type": "c3.large", + "source_ami": "ami-9a562df2", + "name": "example", + "ssh_username": "ubuntu", + "app_dir": "/app" + }, + "push": { + "name": "{{user `atlas_username`}}/{{user `name`}}", + "vcs": false + }, + "builders": [ + { + "type": "amazon-ebs", + "access_key": "{{user `aws_access_key`}}", + "secret_key": "{{user `aws_secret_key`}}", + "region": "{{user `aws_region`}}", + "vpc_id": "", + "subnet_id": "", + "instance_type": "{{user `instance_type`}}", + "source_ami": "{{user `source_ami`}}", + "ami_regions": [], + "ami_name": "{{user `name`}} {{timestamp}}", + "ami_description": "{{user `name`}} AMI", + "run_tags": { "ami-create": "{{user `name`}}" }, + "tags": { "ami": "{{user `name`}}" }, + "ssh_username": "{{user `ssh_username`}}", + "ssh_timeout": "10m", + "ssh_private_ip": false, + "associate_public_ip_address": true + } + ], + "provisioners": [ + { + "type": "shell", + "execute_command": "echo {{user `ssh_username`}} | {{ .Vars }} sudo -E -S sh '{{ .Path }}'", + "inline": [ + "apt-get -y update", + "apt-get -y upgrade", + "apt-get -y install curl unzip tar", + "mkdir -p {{user `app_dir`}}", + "chmod a+w {{user `app_dir`}}", + "cd /tmp", + "curl -L -H "X-Atlas-Token: ${ATLAS_TOKEN}" https://atlas.hashicorp.com/api/v1/artifacts/{{user `atlas_username`}}/{{user `name`}}/archive/latest/file -o example.tar.gz", + "tar -xzf example.tar.gz -C {{user `app_dir`}}" + ] + } + ], + "post-processors": [ + { + "type": "atlas", + "artifact": "{{user `atlas_username`}}/{{user `name`}}", + "artifact_type": "amazon.image", + "metadata": { + "created_at": "{{timestamp}}" + } + } + ] + } + +Once downloaded, you can place each application slug where it needs to go to produce the monolithic artifact your are accustom to. diff --git a/website/source/docs/enterprise/faq/rolling-deployments.html.md b/website/source/docs/enterprise/faq/rolling-deployments.html.md new file mode 100755 index 000000000..36bc1b3d4 --- /dev/null +++ b/website/source/docs/enterprise/faq/rolling-deployments.html.md @@ -0,0 +1,80 @@ +--- +layout: "faq" +page_title: "FAQ: Rolling Deployments" +sidebar_current: "docs-enterprise-faq-deployments" +description: |- + How do I configure rolling deployments in Terraform Enterprise? +--- + +# Rolling Deployments + +*How do I configure rolling deployments?* + +User are able to quickly change out an Artifact version that is being utilized by Terraform, using variables within Terraform Enterprise. This is +particularly useful when testing specific versions of the given artifact without performing a full rollout. This configuration also allows one +to deploy any version of an artifact with ease, simply by changing a version variable in Terraform and re-deploying. + +Here is an example: + + variable "type" { default = "amazon.image" } + variable "region" { } + variable "atlas_username" { } + variable "pinned_name" { } + variable "pinned_version" { default = "latest" } + + resource "atlas_artifact" "pinned" { + name = "${var.atlas_username}/${var.pinned_name}" + type = "${var.type}" + version = "${var.pinned_version}" + + lifecycle { create_before_destroy = true } + + metadata { + region = "${var.region}" + } + } + + output "pinned" { value = "${atlas_artifact.pinned.metadata_full.ami_id}" } + + +In the above example we have an `atlas_artifact` resource where you pass in the version number via the variable `pinned_version`. (_note: this variable defaults to latest_). +If you ever want to deploy any other version, you just update the variable `pinned_version` and redeploy. + +Below is similar to the first example, but it is in the form of a module that handles the creation of artifacts: + + variable "type" { default = "amazon.image" } + variable "region" { } + variable "atlas_username" { } + variable "artifact_name" { } + variable "artifact_version" { default = "latest" } + + resource "atlas_artifact" "artifact" { + name = "${var.atlas_username}/${var.artifact_name}" + type = "${var.type}" + count = "${length(split(",", var.artifact_version))}" + version = "${element(split(",", var.artifact_version), count.index)}" + + lifecycle { create_before_destroy = true } + metadata { region = "${var.region}" } + } + + output "amis" { value = "${join(",", atlas_artifact.artifact.*.metadata_full.ami_id)}" } + +One can then use the module as follows (_note: the source will likely be different depending on the location of the module_): + + module "artifact_consul" { + source = "../../../modules/aws/util/artifact" + + type = "${var.artifact_type}" + region = "${var.region}" + atlas_username = "${var.atlas_username}" + artifact_name = "${var.consul_artifact_name}" + artifact_version = "${var.consul_artifacts}" + } + + +In the above example, we have created artifacts for Consul. In this example, we can create two versions of the artifact, +"latest" and "pinned". This is useful when rolling a cluster (like Consul) one node at a time, keeping some nodes pinned to current version and others +deployed with the latest Artifact. + +There are additional details for implementing rolling deployments in the [Best-Practices Repo](https://github.com/hashicorp/best-practices/blob/master/terraform/providers/aws/us_east_1_prod/us_east_1_prod.tf#L105-L123), as there are some things uncovered in this FAQ (i.e Using the Terraform Enterprise Artifact in an instance). diff --git a/website/source/docs/enterprise/glossary/index.html.md b/website/source/docs/enterprise/glossary/index.html.md new file mode 100755 index 000000000..dfdf9a111 --- /dev/null +++ b/website/source/docs/enterprise/glossary/index.html.md @@ -0,0 +1,208 @@ +--- +layout: "docs" +page_title: "Terraform Enterprise Glossary" +sidebar_current: "docs-enterprise" +description: |- + Terminology for Terraform Enterprise. +--- + +# Glossary + +Terraform Enterprise, and this documentation, covers a large set of terminology adopted +from tools, industry standards and the community. This glossary +seeks to define as many of those terms as possible to help increase +understanding in interfacing with the platform and reading documentation. + +### Authentication Tokens + +Authentication tokens are tokens used to authenticate with Terraform Enterprise via +APIs or through tools. Authentication tokens can be revoked, expired +or created under any user. + +### ACL + +ACL is an acronym for access control list. This defines access +to a set of resources. Access to an object in Terraform Enterprise limited to "read" +for certain users is an example of an ACL. + +### Alert + +An alert represents a health check status change on a Consul node that +is sent to Terraform Enterprise, and then recorded and distributed to various +notification methods. + +### Application + +An application is a set of code that represents an application that should +be deployed. Applications can be linked to builds to be made +available in the Packer environment. + +### Apply + +An apply is the second step of the two steps required for +Terraform to make changes to infrastructure. The apply is the process +of communicating with external APIs to make the changes. + +### Artifact + +An artifact is an abstract representation of something you wish to +store and use again that has undergone configuration, compilation or +some other build process. An artifact is typically +an image created by Packer that is then deployed by Terraform, or used +locally with Vagrant. + +### Box + +Boxes are a Vagrant specific package format. Vagrant can install +and uses images in box format. + +### Build + +Builds are resources that represent Packer configurations. A build +is a generic name, sometimes called a "Build Configuration" when +defined in the Terraform Enterprise UI. + +### Build Configuration + +A build configuration are settings associated with a resource that +creates artifacts via builds. A build configuration is the name +in `packer push -name acemeinc/web`. + +### Catalog + +The box catalog is a publicly available index of Vagrant Boxes +that can be downloaded from Terraform Enterprise and used for development. + +### Consul + +[Consul](https://consul.io) is a HashiCorp tool for service discovery, configuration, +and orchestration. Consul enables rapid deployment, configuration, monitoring and +maintenance of service-oriented architectures. + +### Datacenter + +A datacenter represents a group of nodes in the same network or +datacenter within Consul. + +### Environment + +Environments show the real-time status of your infrastructure, +any pending changes, and its change history. Environments can be configured +to use any or all of these three components. + +Environments are the namespace of your Terraform Enterprise managed infrastructure. +As an example, if you to have a production environment +for a company named Acme Inc., your environment +may be named `%{DEFAULT_USERNAME}/production`. + +To read more about features provided under environments, +read the [Terraform](/docs/enterprise) sections. + +### Environment Variables + +Environment variables injected into the environment of Packer builds or +Terraform Runs (plans and applies). + +### Flapping + +Flapping is something entering and leaving a healthy state rapidly. It is typically associated with a health checks that +briefly report unhealthy status before recovering. + +### Health Check + +Health checks trigger alerts by changing status on a Consul node. That status +change is seen by Terraform Enterprise, when connected, and an associated alert is +recorded and sent to any configured notification methods, like +email. + +### Infrastructure + +An infrastructure is a stateful representation of a set of Consul +datacenters. + +### Managed Node + +Managed node is the billing metric for Terraform Enterprise. For Consul Enterprise, a node is a host +with a Consul agent on it. For Terraform Enterprise, a node is a compute +resource managed by Terraform. See [Managed Nodes](/docs/enterprise/billing) +for more details about which Terraform resources and resource properties are counted +as compute resources. + +All [Terraform Enterprise features](/docs/enterprise) are paid. + +### Operator + +An operator is a person who is making changes to infrastructure or +settings. + +### Packer + +[Packer](https://packer.io) is a tool for creating images for platforms such as Amazon AWS, +OpenStack, VMware, VirtualBox, Docker, and more — all from a single +source configuration. + +### Packer Template + +A Packer template is a JSON file that configure the various components +of Packer in order to create one or more machine images. + +### Plan + +A plan is the second step of the two steps required for +Terraform to make changes to infrastructure. The plan is the process +of determining what changes will be made to. + +### Providers + +Providers are often referenced when discussing Packer +or Terraform. Terraform providers manage resources in Terraform. +[Read more](https://terraform.io/docs/providers/index.html). + +### Post-Processors + +The post-processor section within a Packer template configures +any post-processing that will be done to images built by the builders. +Examples of post-processing would be compressing files, uploading +artifacts, etc.. + +### Registry + +Often referred to as the "Artifact Registry", the registry +stores artifacts, be it images or IDs for cloud provider images. + +### Run + +A run epresents a two step Terraform plan and a subsequent apply. + +### Service + +A service in Consul represents an application or service, which +could be active on any number of nodes. + +### Share + +Shares are let you instantly share public access to your running +Vagrant environment (virtual machine). + +### State + +Terraform state is the state of your managed infrastructure from the last +time Terraform was run. By default this state is stored in a local file +named `terraform.tfstate`, but it can also be stored in Terraform Enterprise +and is then called "Remote state". + +### Terraform + +[Terraform](https://terraform.io) is a tool for safely and +efficiently changing infrastructure across providers. + +### Terraform Configuration + +Terraform configuration is the configuration files and any +files that may be used in provisioners like `remote-exec`. + +### Terraform Variables + +Variables in Terraform, uploaded with `terraform push` or +set in the UI. These differ from environment variables +as they are a first class Terraform variable used in interpolation. diff --git a/website/source/docs/enterprise/organizations/authentication-policy.html.md b/website/source/docs/enterprise/organizations/authentication-policy.html.md new file mode 100755 index 000000000..32bfbf1f6 --- /dev/null +++ b/website/source/docs/enterprise/organizations/authentication-policy.html.md @@ -0,0 +1,22 @@ +--- +layout: "organizations" +page_title: "Organization Authentication Policy" +sidebar_current: "docs-enterprise-organizations-policy" +description: |- + Owners can set organization-wide authentication policy in Terraform Enterprise. +--- + + +# Set an Organization Authentication Policy + +Because organization membership affords members access to potentially sensitive resources, owners can set organization-wide authentication policy in Terraform Enterprise. + +## Requiring Two-Factor Authentication + +Organization owners can require that all organization team members use [two-factor authentication](/docs/enterprise/user-accounts/authentication). Those that lack two-factor authentication will be locked out of the web interface until they enable it or leave the organization. + +Visit your organization's configuration page to enable this feature. All organization owners must have two-factor authentication enabled to require the practice organization-wide. Note: locked-out users are still be able to interact with Terraform Enterprise using their `ATLAS_TOKEN`. + +## Disabling Two-Factor Authentication Requirement + +Organization owners can disable the two-factor authentication requirement from their organization's configuration page. Locked-out team members (those who have not enabled two-factor authentication) will have their memberships reinstated. diff --git a/website/source/docs/enterprise/organizations/create.html.md b/website/source/docs/enterprise/organizations/create.html.md new file mode 100755 index 000000000..b7dd8ddde --- /dev/null +++ b/website/source/docs/enterprise/organizations/create.html.md @@ -0,0 +1,19 @@ +--- +layout: "organizations" +page_title: "Create and organization" +sidebar_current: "docs-enterprise-organizations-create" +description: |- + How to create a Terraform Enterprise account. +--- + +# Create an Organization Account + +To create an organization: + +1. Create a personal account. You'll use this to create and administrate +the organization. You'll be able to add other users as owners of the +organization, so it won't be tied solely to your account. + +1. Visit your new organization page to create the +organization. + diff --git a/website/source/docs/enterprise/organizations/credit-card.html.md b/website/source/docs/enterprise/organizations/credit-card.html.md new file mode 100755 index 000000000..47a3f0751 --- /dev/null +++ b/website/source/docs/enterprise/organizations/credit-card.html.md @@ -0,0 +1,13 @@ +--- +layout: "organizations" +page_title: "Add a credit card to an organization" +sidebar_current: "docs-enterprise-organizations-credit" +description: |- + You must add a credit card to your organization's account to setup auto billing. +--- + +# Add credit card details to an organization + +To setup automated billing for your Terraform usage, you must add a credit card to your organization's account. To do so, go into your account settings, then go to the proper organization settings in the left navigation. Select billing in the organization settings, and then enter your credit card information. + +If you have any questions regarding billing or payment, contact [sales@hashicorp.com](mailto:sales@hashicorp.com). diff --git a/website/source/docs/enterprise/organizations/index.html.md b/website/source/docs/enterprise/organizations/index.html.md new file mode 100755 index 000000000..535549617 --- /dev/null +++ b/website/source/docs/enterprise/organizations/index.html.md @@ -0,0 +1,17 @@ +--- +layout: "organizations" +page_title: "Organizations in Terraform Enterprise" +sidebar_current: "docs-enterprise-organizations" +description: |- + Organizations are a group of users in Terraform Enterprise that have access and ownership over shared resources. +--- + +## Organizations in Terraform Enterprise + +Organizations are a group of users in Terraform Enterprise that have access +and ownership over shared resources. When operating within a team, +we recommend creating an organization to manage access control, +auditing, billing and authorization. + +Each individual member of your organization should have their own +account. diff --git a/website/source/docs/enterprise/organizations/migrate.html.md b/website/source/docs/enterprise/organizations/migrate.html.md new file mode 100755 index 000000000..8a9c2b2a4 --- /dev/null +++ b/website/source/docs/enterprise/organizations/migrate.html.md @@ -0,0 +1,27 @@ +--- +layout: "organizations" +page_title: "Migrate Organization" +sidebar_current: "docs-enterprise-organizations-migrate" +description: |- + How to migrate existing organization. +--- + +# Migrate Organization + +To migrate an existing user account to an organization: + +1. Create or retrieve the username of a new personal account. You'll +add this account as an "owner" for the new organization during the +migration process. If you already have another account, write down your +username. + +2. Sign in as the account you wish to migrate and visit the migration page. + +3. Put the username of the personal account you wish to make an owner +of the organization into the username text field and press "Migrate". + +4. You should now be logged out and receive a confirmation email with +the personal account you migrated to. + +5. Now, sign in with your personal account. If you visit you settings page, +you should see your migrated organization available to administrate. diff --git a/website/source/docs/enterprise/organizations/trials.html.md b/website/source/docs/enterprise/organizations/trials.html.md new file mode 100755 index 000000000..373bcc6e4 --- /dev/null +++ b/website/source/docs/enterprise/organizations/trials.html.md @@ -0,0 +1,13 @@ +--- +layout: "organizations" +page_title: "Start an Terraform Enterprise Trial" +sidebar_current: "docs-enterprise-organizations-trials" +description: |- + Terraform Enterprise offers a 30-day trial. +--- + +# Start a trial + +Terraform Enterprise offers organizations 30-day trials for [Terraform Enterprise](https://www.hashicorp.com/products/terraform/), [Consul Enterprise](https://www.hashicorp.com/consul.html), and Vagrant Enterprise. Note that trials are available for organizations, not users. + +[Request a trial](https://www.hashicorp.com/products/terraform/) for your organization. \ No newline at end of file diff --git a/website/source/docs/enterprise/user-accounts/authentication.html.md b/website/source/docs/enterprise/user-accounts/authentication.html.md new file mode 100755 index 000000000..a1450b33b --- /dev/null +++ b/website/source/docs/enterprise/user-accounts/authentication.html.md @@ -0,0 +1,70 @@ +--- +layout: "accounts" +page_title: "User Authentication in Terraform Enterprise" +sidebar_current: "docs-enterprise-accounts-authentication" +description: |- + Terraform Enterprise requires a username and password to sign up and login. However, there are several ways to authenticate with your account. +--- + +# Authentication with Terraform Enterprise + +Terraform Enterprise requires a username and password to sign up and login. However, +there are several ways to authenticate with your account. + +### Authentication Tokens + +Authentication tokens are keys used to access your account via tools +or over the various APIs used in Terraform Enterprise. + +You can create new tokens in the token section +of your account settings. It's important to keep tokens secure, +as they are essentially a password and can be used to access your +account or resources. Additionally, token authentication +bypasses two factor authentication. + +### Authenticating Tools + +All HashiCorp tools look for the `ATLAS_TOKEN` environment variable: + + $ export ATLAS_TOKEN=TOKEN + +This will automatically authenticate all requests against +this token. This is the recommended way to authenticate with our various +tools. Care should be given to how this token is stored, as it is +as good as a password. + +### Two Factor Authentication + +You can optionally enable Two Factor authentication, requiring an +SMS or TOTP one-time code every time you log in, after entering +your username and password. + +You can enable Two Factor authentication in the security section +of your account settings. + +Be sure to save the generated recovery codes. Each backup code can +be used once to sign in if you do not have access to your two-factor +authentication device. + + +### Vagrant Login + +Only Vagrant allows for a `vagrant login` command, but it can be +used to login and automatically create an authentication token from Vagrant. + + $ vagrant login + # ... + Atlas username: + Atlas password: + +You can read more about `vagrant login` and its options +in the [Vagrant documentation](https://docs.vagrantup.com/v2/cli/login.html). You +cannot use Vagrant login with Two Factor authentication. + +### Sudo Mode + +When accessing certain admin-level pages (adjusting your user profile, for example), you may notice that you're prompted for your password, even though you're already logged in. This is by design, and aims to help guard protect you if your screen is unlocked and unattended. + +### Session Management + +You can see a list of your active sessions on your security settings page. From here, you can revoke sessions, in case you have lost access to a machine from which you were accessing. diff --git a/website/source/docs/enterprise/user-accounts/index.html.md b/website/source/docs/enterprise/user-accounts/index.html.md new file mode 100755 index 000000000..7ac07a1b1 --- /dev/null +++ b/website/source/docs/enterprise/user-accounts/index.html.md @@ -0,0 +1,13 @@ +--- +layout: "accounts" +page_title: "User Accounts in Terraform Enterprise" +sidebar_current: "docs-enterprise-accounts" +description: |- + Users are the main identity system in Terraform Enterprise. +--- + +# User Accounts in Terraform Enterprise + +Users are the main identity system in Terrafgorm Enterprise. A user can +be a member of multiple [organizations](/docs/enterprise/organizations), as well as individually collaborate on various resources. + diff --git a/website/source/docs/enterprise/user-accounts/recovery.html.md b/website/source/docs/enterprise/user-accounts/recovery.html.md new file mode 100755 index 000000000..831cef2a8 --- /dev/null +++ b/website/source/docs/enterprise/user-accounts/recovery.html.md @@ -0,0 +1,14 @@ +--- +layout: "accounts" +page_title: "User Account Recovery" +sidebar_current: "docs-enterprise-accounts-recovery" +description: |- + If you have lost access to your account, use the reset password form to send yourself a link to reset your password. +--- + +# Terraform Enterprise Account Recovery + +If you have lost access to your Terraform Enterprise account, use the reset password +form on the login page to send yourself a link to reset your password. + +If an email is unknown, [contact us](mailto:support@hashicorp.com) for further help. diff --git a/website/source/layouts/accounts.erb b/website/source/layouts/accounts.erb new file mode 100644 index 000000000..c175cb180 --- /dev/null +++ b/website/source/layouts/accounts.erb @@ -0,0 +1,25 @@ +<% wrap_layout :inner do %> + <% content_for :sidebar do %> + + <% end %> + + <%= yield %> +<% end %> diff --git a/website/source/layouts/docs.erb b/website/source/layouts/docs.erb index f819d334e..de0a7c642 100644 --- a/website/source/layouts/docs.erb +++ b/website/source/layouts/docs.erb @@ -336,7 +336,6 @@ Microsoft Azure (Legacy ASM) -<<<<<<< HEAD > MySQL @@ -559,6 +558,21 @@ > VCS Integration + > + User Accounts + + > + Organizations + + > + Billing + + > + Glossary + + > + FAQ + diff --git a/website/source/layouts/faq.erb b/website/source/layouts/faq.erb new file mode 100644 index 000000000..c06dd8f84 --- /dev/null +++ b/website/source/layouts/faq.erb @@ -0,0 +1,25 @@ +<% wrap_layout :inner do %> + <% content_for :sidebar do %> + + <% end %> + + <%= yield %> +<% end %> diff --git a/website/source/layouts/organizations.erb b/website/source/layouts/organizations.erb new file mode 100644 index 000000000..831f24489 --- /dev/null +++ b/website/source/layouts/organizations.erb @@ -0,0 +1,34 @@ +<% wrap_layout :inner do %> + <% content_for :sidebar do %> + + <% end %> + + <%= yield %> +<% end %>