<img alt="Terraboard logo" height="200" src="https://github.com/camptocamp/terraboard/raw/v2.4.0/logo/terraboard_logo.png">
🌍 📋 A web dashboard to inspect Terraform States
Website: https://terraboard.io
Caution: Terraboard's Docker registry was migrated from Dockerhub to GHCR! All new tags will be now pushed here. You can still access to old tags on the legacy Dockerhub repository.
Table of content
Terraboard is a web dashboard to visualize and query Terraform states. It currently features:
It currently supports several remote state backend providers:
Terraboard is now able to handle multiple buckets/providers configuration! 🥳 Check configuration section for more details.
The overview presents all the state files in the S3 bucket, by most recent modification date.

The search view allows to find resources by various criteria.

The state view presents details of a Terraform state at a given version.

From the state view, you can compare the current state version with another version.

Independently of the location of your statefiles, Terraboard needs to store an internal version of its dataset. For this purpose it requires a PostgreSQL database. Data resiliency is not paramount though as this dataset can be rebuilt upon your statefiles at anytime.
.tfstate suffixs3:GetObjects3:ListBuckets3:ListBucketVersionss3:GetObjectVersiondynamodb:Scan access to that table.Terraboard currently supports configuration in three different ways:
test/ subdirectory.Important: all flags/environment variables related to the providers settings aren't compatible with multi-provider configuration! Instead, you must use the YAML config file to be able to configure multiples buckets/providers. YAML config is able to load values from environments variables.
The precedence of configurations is as described below.
In order for Terraboard to import states from multiples buckets or even providers, you must use the YAML configuration method:
CONFIG_FILE environment variable or the -c/--config-file flag to point to a valid YAML config file.# Needed since MinIO doesn't support versioning or locking
provider:
no-locks: true
no-versioning: true
aws:
- endpoint: http://minio:9000/
region: ${AWS_DEFAULT_REGION}
s3:
- bucket: test-bucket
force-path-style: true
file-extension:
- .tfstate
- endpoint: http://minio:9000/
region: eu-west-1
s3:
- bucket: test-bucket2
force-path-style: true
file-extension:
- .tfstate
In the case of AWS, don't forget to set the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables.
That's it! Terraboard will now fetch these two buckets on DB refresh. You can also mix providers like AWS and Gitlab or anything else.
You can find a ready-to-use Docker example with two MinIO buckets in the test/multiple-minio-buckets/ sub-folder.
-V, --version Display version.-c, --config-file Config File path--no-versioning Disable versioning support from Terraboard (useful for S3 compatible providers like MinIO)--no-locks Disable locks support from Terraboard (useful for S3 compatible providers like MinIO)-l, --log-level Set log level ('debug', 'info', 'warn', 'error', 'fatal', 'panic').--log-format Set log format ('plain', 'json').--db-host Database host.--db-port Database port.--db-user Database user.--db-password Database password.--db-name Database name.--db-sslmode Database SSL mode.--no-sync Do not sync database.--sync-interval DB sync interval (in minutes)--aws-access-key AWS account access key.--aws-secret-access-key AWS secret account access key.--aws-session-token AWS session token.--dynamodb-table AWS DynamoDB table for locks.--aws-endpoint AWS endpoint.--aws-region AWS region.--aws-role-arn Role ARN to Assume.--aws-external-id External ID to use when assuming role.--s3-bucket AWS S3 bucket.--key-prefix AWS Key Prefix.--file-extension File extension(s) of state files.--force-path-style Force path style S3 bucket calls.--tfe-address Terraform Enterprise address for states access--tfe-token Terraform Enterprise Token for states access--tfe-organization Terraform Enterprise organization for states access--gcs-bucket Google Cloud bucket to search--gcp-sa-key-path The path to the service account to use to connect to Google Cloud Platform--gitlab-address GitLab address (root)--gitlab-token Token to authenticate upon GitLab-p, --port Port to listen on.--base-url Base URL.--logout-url Logout URL.-h, --help Show this help messageIn order to send Terraform plans to Terraboard, you must wrap it in this JSON format:
{
"lineage": "<Plan's lineage>",
"terraform_version": "<Terraform version>",
"git_remote": "<The URL of the remote that generated this plan>",
"git_commit": "<Commit hash>",
"ci_url": "<The URL of the CI that sent this plan>",
"source": "<Free field for the triggering event>",
"plan_json": "<Terraform plan JSON export>"
}
And send it to /api/plans using POST method
Configuration file can be provided to the container using a volume or a configuration.
```shell
export AWS_ACCESS_KEY_ID= export AWS_SECRET_ACCESS_KEY=
export AWS_DEFAULT_REGION= export AWS_BUCKET= export AWS_DYNAMODB_TABLE=<Aws DynamoDB Table
$ claude mcp add terraboard \
-- python -m otcore.mcp_server <graph>