Terraform
Namespace overview
Namespaces let you connect a GitHub account to an HCP Terraform organization, letting organization members collectively manage that GitHub account’s public registry artifacts.
Every artifact in the public Terraform registry connects to a namespace that matches the name of the GitHub account that published that artifact. For example, the iam provider is published by the terraform-aws-modules namespace, which corresponds to an Github organization account with the same name.
You can claim a namespace in HCP Terraform by linking a GitHub account to an organization, claiming that account’s namespace. Each GitHub account namespace can belong to one HCP Terraform organization.
The public and private registries
The Terraform registry is a public interactive resource for discovering integrations and configuration packages. Anyone can publish and consume the artifacts in the public registry. An organization in HCP Terraform has a private registry that allows members to share modules and providers privately with other members of their organization.
An organization's private registry is separate from its public registry artifacts and workflows. For example, an organization owner can publish a new module to the public registry from one of their organization's claimed namespaces, and that module is not automatically included in that organization's private registry. If an organization member wants to use the newly published module, they must follow the the usual steps to add that module to their private registry.
Manage namespaces and registry artifacts
Note
Namespaces do not support publishing or managing policy libraries in the public registry. To publish or manage policy libraries with a namespace, continue to use the existing registry workflows.
Linking a GitHub account to an HCP Terraform organization lets organization members collectively manage the linked GitHub account’s public registry artifacts and the namespace itself.
Organization owners can manage claimed namespaces and specify which team members can interact with an organization's namespaces by setting organization-level permissions to either Manage public modules or Manage public providers.
Organization owners and teams with Manage public modules and Manage public providers permissions can perform the following actions for every namespaces in their organization:
- Publish new providers or modules to the public registry under a namespace
- Publish new versions of existing public registry artifacts
- Add GPG keys to a namespace
- Resync a namespace’s public registry artifacts
- View usage metrics for public registry artifacts
- Delete an artifact or an artifact version