OpenTofu - Open-source fork of Terraform (backup)
Martin Atkins eab6920d7e website: S3 backend documentation recommends "aws login"
The recent addition of "aws login" to AWS CLI finally gives a user-friendly
best practice way to acquire AWS credentials for use in interactive
workflows. Combined with the pre-existing support for authenticating using
JSON web tokens (by "web identity", as AWS calls it), there's no longer any
good reason for most users of this backend to explicitly configure AWS
credentials.

Now that OpenTofu itself supports using credentials issued by "aws login",
this reorganizes our documentation to begin with opinionated
recommendations for how to provide credentials for the S3 backend in both
interactive and non-interactive settings, and explicitly documents the
inline static configuration settings as an absolute last resort not
recommended in any cases.

This new documentation also includes links to the relevant parts of the
AWS CLI documentation, since there's a lot of extra detail there which may
be useful for someone trying to debug why their setup isn't working.

Signed-off-by: Martin Atkins <mart@degeneration.co.uk>
2026-02-13 08:32:44 -08:00
.github Exclude v1.8 from govulncheck (#3733) 2026-02-05 17:54:44 +02:00
cmd/tofu Refactor init command to use View instead of Ui (#3749) 2026-02-11 16:29:31 +02:00
contributing Remove last remnants of ".go-version" file 2026-01-20 07:50:18 -05:00
docs Remove last remnants of ".go-version" file 2026-01-20 07:50:18 -05:00
internal docs: clarify that uuid() function does not produce RFC 4122 compliant v4 uuids (#3763) 2026-02-13 09:09:31 +00:00
rfc [RFC]Proposal to remove Meta struct, rework flags handling and pave the way for a possible new CLI layer (#3471) 2026-02-12 08:46:31 +02:00
scripts go.mod: Use the new "tool" directive 2025-10-10 07:06:56 -03:00
testing plan diff: summarize the current -> planned notation 2025-08-26 11:37:44 -07:00
tools Remove last remnants of ".go-version" file 2026-01-20 07:50:18 -05:00
version version: Update which dependencies we consider "interesting" 2025-12-17 12:57:02 -08:00
website website: S3 backend documentation recommends "aws login" 2026-02-13 08:32:44 -08:00
.copywrite.hcl ignore any lock file on license header check (#1776) 2024-07-08 15:27:11 +03:00
.devcontainer.json Update .devcontainer.json to Go 1.25.6 (#3719) 2026-02-03 07:28:18 -05:00
.gitattributes fix: internal/getprovider tests on Windows (#3275) 2025-09-16 15:29:31 -03:00
.gitignore Fix linting on Windows (#3457) 2025-12-02 07:11:14 -03:00
.golangci.yml lint: reintroduce ST1012 static check 2026-01-05 11:54:37 -06:00
.goreleaser.yaml More nightly build work, hardcode env vars and remove version (#3138) 2025-08-13 14:33:52 +01:00
.licensei.toml feat: add license checks on dependencies (#310) 2023-09-13 19:10:41 +03:00
.tfdev Rename github.com/placeholderplaceholderplaceholder/opentf to github.com/opentofu/opentofu (#461) 2023-09-20 14:35:35 +03:00
CHANGELOG.md go.mod: Upgrade to Go 1.26 2026-02-12 07:57:45 -08:00
CHARTER.md Updated references and moved governance stuff to a new repo opentofu/org (#2953) 2025-06-25 10:50:10 -07:00
CODE_OF_CONDUCT.md Update core team email. (#752) 2023-10-19 12:03:39 +02:00
codecov.yml Update copyright notice (#1232) 2024-02-08 09:48:59 +00:00
CODEOWNERS update CODEOWNERS to match the new governance chart (#2959) 2025-06-25 12:47:24 -03:00
CONTRIBUTING.md Update CONTRIBUTING.md - Changing TSC membership (#3053) 2025-07-22 09:25:26 -07:00
CONTRIBUTING.RELEASE.md Add github workflow to run govulncheck on all branches with supported OpenTofu versions (#2636) 2025-05-14 18:26:22 +03:00
Dockerfile OpenTofu 1.10: Disable usage of ghcr.io image as a base image (#1994) 2025-01-07 10:08:23 -05:00
Dockerfile.minimal Fixes #2356: Minimal base image (#2375) 2025-01-15 13:46:34 +01:00
go.mod go.mod: Upgrade all AWS SDK dependencies to latest available 2026-02-13 08:32:44 -08:00
go.sum go.mod: Upgrade all AWS SDK dependencies to latest available 2026-02-13 08:32:44 -08:00
GOVERNANCE.md Updated references and moved governance stuff to a new repo opentofu/org (#2953) 2025-06-25 10:50:10 -07:00
LICENSE Update copyright notice (#1232) 2024-02-08 09:48:59 +00:00
MAINTAINERS.md OpenTofu Charter and Governance (#2830) 2025-05-23 08:18:56 -04:00
Makefile Remove last remnants of ".go-version" file 2026-01-20 07:50:18 -05:00
README.md Add nightly build info, clean up README.md (#3744) 2026-02-09 15:34:39 +00:00
RELEASE.md Add nightly build info, clean up README.md (#3744) 2026-02-09 15:34:39 +00:00
SECURITY.md Added Security disclosure policy (#749) 2023-10-19 15:27:59 -07:00
WEEKLY_UPDATES.md Weekly update 2024-10-11 (#2068) 2024-10-11 15:20:00 +02:00

Homepage | Slack | Get Started

OpenTofu is an OSS tool for building, changing, and versioning infrastructure safely and efficiently. OpenTofu can manage existing and popular service providers as well as custom in-house solutions.

Getting help and contributing

Tip

For more OpenTofu events, subscribe to the OpenTofu Events Calendar!

Key features

  • Infrastructure as Code: Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your datacenter to be versioned and treated as you would any other code. Additionally, infrastructure can be shared and re-used.

  • Execution Plans: OpenTofu has a "planning" step where it generates an execution plan. The execution plan shows what OpenTofu will do when you call apply. This lets you avoid any surprises when OpenTofu manipulates infrastructure.

  • Resource Graph: OpenTofu builds a graph of all your resources, and parallelizes the creation and modification of any non-dependent resources. Because of this, OpenTofu builds infrastructure as efficiently as possible, and operators get insight into dependencies in their infrastructure.

  • Change Automation: Complex changesets can be applied to your infrastructure with minimal human interaction. With the previously mentioned execution plan and resource graph, you know exactly what OpenTofu will change and in what order, avoiding many possible human errors.

Nightly Builds

Nightly builds are available for testing the latest changes on main. These are experimental and not intended for production use. Each build is removed after 30 days.

Nightly builds can be found at https://nightlies.opentofu.org/nightlies. For those who want to automate with tooling, https://nightlies.opentofu.org/nightlies/latest.json will be kept up to date with the latest build information.

For more details, see RELEASE.md.

Reporting security vulnerabilities

If you've found a vulnerability or a potential vulnerability in OpenTofu, please follow the Security Policy. We'll send a confirmation email to acknowledge your report, and we'll send an additional email when we've identified the issue positively or negatively.

If you believe you have found any possible copyright or intellectual property issues, please contact liaison@opentofu.org. We'll send a confirmation email to acknowledge your report.

Registry Access

In an effort to comply with applicable sanctions, we block access from specific countries of origin. For more details, see the Registry Inclusion Policy.

License

Mozilla Public License v2.0