Skip to navigationSkip to main contentSkip to footerScaleway DocsAsk our AI
Ask our AI
Log inSign up

How to use IAM authentication for Cockpit with Terraform/OpenTofu

This page shows you how to use Terraform/OpenTofu to access your Cockpit's Grafana.

Before you start

To complete the actions presented below, you must have:

  • A Scaleway account with access to the Scaleway console
  • Owner status or IAM permissions allowing you to perform actions in the intended Organization
  • Created an API key with the required rights to allow Terraform/OpenTofu to access Grafana
  • Installed the latest versions of the Scaleway and Grafana Terraform/OpenTofu providers

Storing your credentials

  1. Open a terminal and create a scaleway.auto.tfvars file to store your credentials. Terraform/OpenTofu will load it automatically.

  2. Paste the code below inside your file. Make sure that you replace the placeholder values with your own.

    access_key       = "<SCWXXXXXXXXXXXXXXXXX>"
secret_key       = <xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx>"
organization_id  = "<xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx>"
project_id       = "<xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx>"

    Find out more about Terraform/OpenTofu configuration files in the dedicated documentation.

Configuring the Terraform/OpenTofu providers

  1. Create a main.tf file in the same folder in which you have created your scaleway.auto.tfvars file:

    nano main.tf

  2. Paste the following content into your file:

    terraform {
    required_providers {
    scaleway = {
        source  = "scaleway/scaleway"
        version = "2.64.0"
    }
    grafana = {
        source  = "grafana/grafana"
        version = "4.21.0"
    }
    }
}

variable "access_key" {
    type      = string
    sensitive = true
}

variable "secret_key" {
    type      = string
    sensitive = true
}

variable "organization_id" {
    type      = string
    sensitive = true
}

variable "project_id" {
    type      = string
    sensitive = true
}

provider "scaleway" {
    access_key      = var.access_key
    secret_key      = var.secret_key
    organization_id = var.organization_id
    project_id      = var.project_id
}

provider "grafana" {
    url          = "https://${var.project_id}.dashboard.cockpit.scaleway.com"
    auth         = "anonymous"

    http_headers = {
    "X-Auth-Token" = var.secret_key
    }
}

  3. Save your file and exit your text editor.

  4. Run terraform init to load the newly created configuration file into Terraform/OpenTofu.

  5. Plan the execution of the tasks to be done by Terraform using terraform plan.

  6. Apply the new configuration by running terraform apply. Confirm the execution of the plan by typing yes when prompted.

  7. Enter yes to confirm.

Note

The Scaleway Terraform/OpenTofu provider also allows you to manage Cockpit-specific resources such as alerting rules, access tokens, and data sources.

See Also
How to manage data exports
Still need help?

Create a support ticket
No Results