All Articles

Fileless Terraform

Recently, I had the need to run Terraform deployments, but couldn’t come up with a nice way to pass in the Terraform deployment file I wanted dynamically without the need to create anything on the filesystem. Luckily, I didn’t need to persist state of my deployment (although remote state would probably work), I just needed infrastructure to get setup and get setup well. I ended up on a solution using Docker and passing the configuration files as environment variables to the Docker container on run.

Reviewing the Dockerfile first:

FROM golang:alpine
LABEL Author="HashiCorp Terraform Team <[email protected]>"


RUN apk add --update git bash openssh


RUN git clone ./ && \
    git checkout v${TERRAFORM_VERSION} && \
    /bin/bash scripts/



CMD ["/"]

The major change from many Terraform Dockerfiles is utilizing a script for an entrypoint instead of the terraform command. The has the following contents:


echo $MAIN_CONFIG | base64 -d >
echo $VARS_CONFIG | base64 -d >

terraform init && terraform apply -auto-approve

The entrypoint is looking for environment variables set for Terraform main & variables configuration files as base64, decode them, and then create files for them. After those files have been created, terraform init can be run followed by terraform apply.

I’ve taken this a bit further and adapted it to AWS ECS and now I have my own way to ad hoc create the infrastructure I need from anywhere!