We\u2019re excited to share the latest enhancement to HashiCorp Terraform\u2019s permissions capabilities: multiple team tokens. Now generally available in HCP Terraform and coming soon Terraform Enterprise, this addition helps organizations create distinct tokens for different teams, facilitating better access control and collaboration within Terraform environments.<\/p>\n
Similar to the recent releases of Terraform\u2019s manage teams<\/a><\/em> and manage agent pools<\/a><\/em> capabilities, this new team-API token management setting marks another step in our effort to help users simplify permissions management and enable the least privilege principle in their infrastructure workflows.<\/p>\n Within HCP Terraform, three types of API tokens<\/a> exist to facilitate programmatic access: <\/p>\n User API tokens<\/strong> that belong to a specific user Team tokens are the most commonly used token type for automation workflows because they can be scoped with granular access to projects and workspaces. And since they\u2019re not tied to an individual user, there\u2019s less operational risk when users leave the organization.<\/p>\n Previously, HCP Terraform only allowed a single team API token per team. This token was shared among all team members, meaning that any automation, scripts, or integrations that require API access must use the same credentials. While this simplified token management, it presented challenges in terms of security, access control, and auditing.<\/p>\n With only one token per team, organizations faced difficulties in tracking who was using the token. Also, if a token was compromised, it had to be regenerated, potentially disrupting existing workflows that rely on it. Organizations with multiple automation pipelines or integrations often need separate credentials for better security segmentation, which was not possible with the current single-token approach.<\/p>\n To address these limitations, Terraform is introducing a new capability that allows customers to generate multiple team tokens, providing greater flexibility and security in managing API access.<\/p>\n Selecting a group that already has an existing token no longer warns that a token already exists for the group, and a description can be added:<\/p>\n The ability to create multiple team API tokens is now available for all tiers in HCP Terraform and coming soon to Terraform Enterprise. Please refer to Terraform\u2019s Teams documentation<\/a> for details on getting started.<\/p>\n If you are new to Terraform, you can get started with HashiCorp-managed HCP Terraform <\/a>for free to begin provisioning and managing your infrastructure in any environment. And don\u2019t forget to link your HCP Terraform and HashiCorp Cloud Platform (HCP) accounts<\/a> for a seamless sign-in experience.<\/p>","protected":false},"excerpt":{"rendered":" We\u2019re excited to share the latest enhancement to HashiCorp Terraform\u2019s permissions capabilities: multiple team tokens. Now generally available in HCP […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[6],"tags":[],"class_list":["post-1967","post","type-post","status-publish","format-standard","hentry","category-terraform"],"_links":{"self":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/1967","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/comments?post=1967"}],"version-history":[{"count":0,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/posts\/1967\/revisions"}],"wp:attachment":[{"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/media?parent=1967"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/categories?post=1967"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rssfeedtelegrambot.bnaya.co.il\/index.php\/wp-json\/wp\/v2\/tags?post=1967"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}API token management in Terraform<\/h2>\n
\nTeam API tokens<\/strong> that belong to a specific team without being tied to any one user
\nThe organization API token<\/strong> that provides administrative access to settings and resources at the organizational level<\/p>\nImproved control with multiple team API tokens<\/h2>\n
Summary and resources<\/h2>\n