August 7, 2025•josh-pollara
Announcing GitLab Support in Terrateam
GitLab.com and self-managed instances fully supported
Terrateam now supports GitLab (GitLab.com and self-managed). Run Terraform or OpenTofu from merge requests with the same policies and audit trail you use today.
What’s new
- MR-driven plan/apply: plans post as MR comments; apply via
terrateam apply
or apply-after-merge. - Guardrails: approvals, passing status checks, and no merge conflicts before apply.
- Access control: restrict who can plan/apply by environment, directory, or tag via
.terrateam/config.yml
. - Short‑lived credentials: OIDC for AWS/Azure/GCP instead of long‑lived keys.
- Runs on your infra: use your GitLab Runners.
Supported workflows
- Monorepo or multi-repo: scope runs by directory; tag directories for policy targeting.
- Parallel runs with ordering: run independent directories in parallel; declare simple dependencies when order matters.
- Apply-after-merge: optional auto-apply when the MR merges (recommended for non‑prod).
- Comment-to-apply:
terrateam apply
to execute applies from the MR thread. - Drift & cost hooks: integrate drift checks and cost estimation in review, before apply.
Compatibility
- Git providers: GitLab.com and self‑managed GitLab.
- IaC: Terraform, OpenTofu, CDKTF, Pulumi, and more.
- State: keep your existing backend (S3 + DynamoDB, GCS, Azure Blob, etc.).
- Runners: works with your GitLab Runners.
Security model
- OIDC over static keys: use cloud-native identity to issue short‑lived credentials at run time.
- Least privilege: tie roles to directories/environments; restrict applies to teams.
- Audit trail: every plan/apply is linked to commit, MR, and user.
Example: enable OIDC for AWS
# .terrateam/config.yml
hooks:
all:
pre:
- type: oidc
provider: aws
role_arn: "arn:aws:iam::123456789012:role/terrateam"
Deployment options
Cloud (managed)
Sign up at https://terrateam.io/signup and connect your GitLab account.
Self-hosted
- Docker Compose — single-node
- Kubernetes — HA + horizontal scaling
Docs: https://docs.terrateam.io/self-hosted
Get started
Standardize Terraform automation across GitLab projects with MRs, policies, and short‑lived credentials. Open your first MR and review the plan in‑line.