Command referenceiagctl createcreate service

iagctl create service opentofu-plan

Create a new OpenTofu plan service.

The iagctl create service opentofu-plan command creates an OpenTofu plan service in the gateway data store. You can then run the service with the iagctl run command. For more information, see Create gateway services.

Consider an OpenTofu plan in a repository called example-repo with the following directory layout:

$├── README.md
$├── deployment-plans
$│   ├── main.tf
$│   └── prod.tfvars

To create a service from the plan files in the deployment-plans directory, specify the repository with --repository and the subdirectory with --working-dir.

Prerequisites

Before you create an OpenTofu plan service, you need a repository that contains your plan files.

Syntax

$iagctl create service opentofu-plan <service-name> --repository <name> [flags]

Usage notes

Variables

Pass variables to the plan with the --var flag using key=value syntax. To reference a variables file in the repository, use --var-file. The file path must be relative to your --working-dir.

Remote backend configuration

Use the --backend-config flag to specify backend configuration options at service creation time. This is required when your OpenTofu plan uses a remote state backend — such as S3 or Azure Storage — instead of a local state file. Backend configuration values are stored as part of the service definition and passed to tofu init as -backend-config flags each time the service runs.

Specify --backend-config once per key-value pair. You can use it multiple times in the same command.

Decorators

You can attach a decorator to the service for input validation at runtime with the --decorator flag. For more information, see iagctl create decorator.

Examples

Create a basic OpenTofu plan service

The following example creates a service called my-opentofu-service where the plan files are at the root of the my-repo repository:

$iagctl create service opentofu-plan my-opentofu-service \
>--repository my-repo

Create an OpenTofu plan service with all options

The following example creates a service that specifies a working directory, variables, a variable file, a decorator, backend configuration, and metadata:

$iagctl create service opentofu-plan deployment-service \
>--repository example-repo \
>--working-dir deployment-plans \
>--var server_name=examplehostname \
>--var-file prod.tfvars \
>--decorator my-decorator \
>--backend-config bucket=my-terraform-state \
>--backend-config key=prod/terraform.tfstate \
>--backend-config region=us-east-1 \
>--description "An OpenTofu plan to deploy servers" \
>--tag servers

Create an OpenTofu plan service with an S3 remote backend

The following example creates a service that stores state in an S3 bucket:

$iagctl create service opentofu-plan s3-backed-plan \
>--repository my-repo \
>--working-dir deployment-plans \
>--backend-config bucket=my-terraform-state \
>--backend-config key=prod/terraform.tfstate \
>--backend-config region=us-east-1

Options

$  --backend-config stringArray  A backend configuration value as a key=value pair. Can be specified multiple times. Values are passed to tofu init as -backend-config flags at execution time.
$  --decorator string            The decorator to associate with the service.
$  --description string          A brief description of the service.
$  -h, --help                    Help for opentofu-plan.
$  --repository string           The gateway repository that contains the OpenTofu plan.
$  --tag stringArray             Metadata tags to associate with the service.
$  --var stringArray             A variable as a key=value pair for OpenTofu to use during plan execution.
$  --var-file stringArray        Path to a variable file for OpenTofu to use during plan execution. Relative to the working directory.
$  --working-dir string          Path to the directory where the plan exists, relative to the repository root.

Options inherited from parent commands

$  --profile string   Specify the client profile to use (case-insensitive, defaults to [client] section)
$  --config string   Path to the configuration file
$  --raw             Display the result of the command in raw format
$  --verbose         Enable verbose output