API Reference¶
Liveness Probe¶
Responds with status 200 OK if the Terralist instance is healthy.
Example Request¶
Example Response¶
Readiness Probe¶
Responds with status 200 OK if the Terralist instance is ready.
Example Request¶
Example Response¶
Service Discovery¶
Terraform/OpenTofu service discovery endpoint. Instructs the CLI tool where to find resources.
Example Request¶
Example Response¶
List all versions for a provider¶
Get all versions for a provider.
Example Request¶
curl -L \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http://localhost:5758/v1/providers/NAMESPACE/NAME/versions
Example Response¶
Download provider version¶
Download a specific provider version.
Example Request¶
curl -L \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http://localhost:5758/v1/providers/NAMESPACE/NAME/VERSION/download/SYSTEM/ARCH
Example Response¶
{
"protocols": [
"5.0"
],
"os": "linux",
"arch": "amd64",
"filename": "terraform-provider-aws_5.46.0_linux_amd64.zip",
"download_url": "https://SOME-BUCKET-NAME.s3.SOME-REGION.amazonaws.com/providers/hashicorp/aws/5.46.0/terraform-provider-aws_5.46.0_linux_amd64.zip?X-Amz-Algorithm=[REDACTED]&X-Amz-Credential=[REDACTED]&X-Amz-Date=[REDACTED]&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=[REDACTED]",
"shasums_url": "https://SOME-BUCKET-NAME.s3.SOME-REGION.amazonaws.com/providers/hashicorp/aws/5.46.0/terraform-provider-aws_5.46.0_SHA256SUMS?X-Amz-Algorithm=[REDACTED]&X-Amz-Credential=[REDACTED]&X-Amz-Date=[REDACTED]&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=[REDACTED]",
"shasums_signature_url": "https://SOME-BUCKET-NAME.s3.SOME-REGION.amazonaws.com/providers/hashicorp/aws/5.46.0/terraform-provider-aws_5.46.0_SHA256SUMS.sigX-Amz-Algorithm=[REDACTED]&X-Amz-Credential=[REDACTED]&X-Amz-Date=[REDACTED]&X-Amz-Expires=900&X-Amz-SignedHeaders=host&X-Amz-Signature=[REDACTED]",
"shasum": "37cdf4292649a10f12858622826925e18ad4eca354c31f61d02c66895eb91274",
"signing_keys": {
"gpg_public_keys": [
{
"key_id": "34365D9472D7468F",
"ascii_armor": "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n[REDACTED FOR SIMPLICITY]\n-----END PGP PUBLIC KEY BLOCK-----",
"trust_signature": "",
"string": "hashicorp",
"source_url": "https://www.hashicorp.com/security.html"
}
]
}
}
Upload a provider version¶
Upload a new provider version.
If the URLs from which the provider files should be downloaded are of types http or https, a dictionary of headers can be additionally passed, depending on your needs. If those headers are passed-in for other URL types, they will be ignored.
Example Request¶
curl -L -X POST \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
-d '{
"protocols": ["5.0"],
"headers": {
"Accept": "application/octet-stream",
"Authorization": "Bearer {TOKEN}",
"X-GitHub-Api-Version": "2022-11-28"
},
"shasums": {
"url": "https://api.github.com/repos/{OWNER}/{REPO}/releases/assets/{SHA256SUMS-ASSET-ID}",
"signature_url": "https://api.github.com/repos/{OWNER}/{REPO}/releases/assets/{SHA256SUMS-SIG-ASSET-ID}",
},
"platforms": [
{
"os": "linux",
"arch": "amd64",
"download_url": "https://api.github.com/repos/{OWNER}/{REPO}/releases/assets/{PROVIDER-LINUX-AMD64-ASSET-ID}",
"shasum": "{SHASUM}"
}
]
}' \
http://localhost:5758/v1/api/providers/NAMESPACE/NAME/VERSION/upload
Remove a provider¶
Remove a provider together with all its uploaded versions.
Example Request¶
curl -L -X DELETE \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
http://localhost:5758/v1/api/providers/NAMESPACE/NAME/remove
Example Response¶
Remove a provider version¶
Remove a specific provider version.
Example Request¶
curl -L -X DELETE \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
http://localhost:5758/v1/api/providers/NAMESPACE/NAME/VERSION/remove
Example Response¶
List all versions for a module¶
Get all versions for a module.
Example Request¶
curl -L \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http://localhost:5758/v1/modules/NAMESPACE/NAME/PROVIDER/versions
Example Response¶
Download module version¶
Download a specific provider version.
Example Request¶
curl -L \
-H "Authorization: Bearer <YOUR-TOKEN>" \
http://localhost:5758/v1/modules/NAMESPACE/NAME/PROVIDER/VERSION/download
Example Response¶
Upload a module version¶
Upload a new module version.
If the URL from which the module files should be downloaded is of types http or https, a dictionary of headers can be additionally passed, depending on your needs. If those headers are passed-in for other URL types, they will be ignored.
Example Request¶
curl -L -X POST \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
-d '{
"download_url": "https://api.github.com/repos/{OWNER}/{REPO}/releases/assets/{ASSET-ID}?archive=zip",
"headers": {
"Accept": "application/octet-stream",
"Authorization": "Bearer {TOKEN}",
"X-GitHub-Api-Version": "2022-11-28"
}
}' \
http://localhost:5758/v1/api/modules/NAMESPACE/NAME/PROVIDER/VERSION/upload
Notice the archive=zip query argument. If you want to instruct Terralist to download the asset from the API, you will also need to manually specify that the asset which is being downloaded is a zip archive.
curl -L -X POST \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
-d '{
"download_url": "https://github.com/{OWNER}/{REPO}/archive/refs/tags/{RELEASE-TAG-NAME}.zip",
"headers": {
"Accept": "application/octet-stream",
"Authorization": "Basic {YOUR-GITHUB-BASE64ENC-USERNAME-TOKEN}"
}
}' \
http://localhost:5758/v1/api/modules/NAMESPACE/NAME/PROVIDER/VERSION/upload
To obtain the basic auth token you can base64-encode the following string: {your-github-username}:{your-github-pat-with-read-access-to-the-repository}.
Example Response¶
Upload a module version (with local files)¶
Upload a new module version (with local files).
Example Request¶
curl -L -X POST \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
-F "module=@/path/to/your-module.zip"
http://localhost:5758/v1/api/modules/NAMESPACE/NAME/PROVIDER/VERSION/upload-files
Example Response¶
Remove a module¶
Remove a module together with all its uploaded versions.
Example Request¶
curl -L -X DELETE \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
http://localhost:5758/v1/api/modules/NAMESPACE/NAME/PROVIDER/remove
Remove a module version¶
Remove a specific module version.
Example Request¶
curl -L -X DELETE \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
http://localhost:5758/v1/api/modules/NAMESPACE/NAME/PROVIDER/VERSION/remove
Example Response¶
List API keys¶
List all standalone API keys visible to the authenticated user. Results are filtered based on the caller's RBAC policies — only keys for which the user has get permission on api-keys are returned.
Example Request¶
curl -L \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
http://localhost:5758/v1/api/api-keys/
Example Response¶
Create an API key¶
Create a standalone API key with RBAC policies. Requires create permission on api-keys for the specified scope.
The scope field is required and determines who can manage the key via RBAC policies (see API Key Scopes).
The expire_in field is optional and specifies the expiration in hours. If omitted or set to 0, the key does not expire.
Example Request¶
curl -L -X POST \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
-d '{
"name": "ci-deploy-key",
"scope": "team-a",
"expire_in": 720,
"policies": [
{
"resource": "modules",
"action": "create",
"object": "my-authority/*/*",
"effect": "allow"
},
{
"resource": "modules",
"action": "get",
"object": "my-authority/*/*",
"effect": "allow"
}
]
}' \
http://localhost:5758/v1/api/api-keys/
Example Response¶
The id is the API key value. Store it securely — it cannot be retrieved again.
Delete an API key¶
Delete a standalone API key. Requires delete permission on api-keys.
Example Request¶
curl -L -X DELETE \
-H "Authorization: Bearer x-api-key:<YOUR-TOKEN>" \
http://localhost:5758/v1/api/api-keys/550e8400-e29b-41d4-a716-446655440000