GitHub Secrets (opens in a new tab) can be used to store sensitive information. They are translated into environment variables in the Terrateam GitHub Action runtime environment. These environment variables may be referenced in your Terraform code.
Your secrets never touch our servers outside of Terraform plan files.
TF_VAR Environment variables
Secrets that start with
TF_VAR_ are treated specially by Terrateam.
GitHub Secrets are always uppercase, however by convention Terraform variables
are lowercase. Terrateam automatically finds all secrets that start with
TF_VAR_ and creates a new environment variable that has the lowercase name.
If the lowercase name exists, no action is taken. The uppercase environment
variable is left unchanged. For example, the secret
create a new environment variable called
These instructions require you to run commands from a terminal.
Create a new secret
- Export your Terraform
organization/repocombination as an environment variable.
- Create a new repository secret
gh secret --repo "$REPO" set SECRET_NAME