Use Terraform with Apigee

Terraform is an infrastructure-as-code (IaC) tool that you can use to provision and configure Apigee using code.

When you use Terraform with Apigee, you createTerraform files that describes your desired configuration for provisioning or a feature. When you apply the configuration, Terraform creates an execution plan and performs the operations needed to configure Apigee.

Important: The Apigee GitHub Terraform modules are community-contributed and arenot officially supported by Google Cloud Support. Issues encountered while using these tools should be directed to the GitHub community: Apigee Terraform Modules Disclaimer.

This page summarizes the Terraform functionality available for Apigee. For general information about using Terraform with Google Cloud, seeTerraform on Google Cloud documentation.

Before you begin

In order to set up Terraform for your Apigee project:

  1. Prepare your development environment, either Cloud Shell or a local shell:

    Cloud Shell

    To use an online terminal with the gcloud CLI and Terraform already set up, activate Cloud Shell.

    At the bottom of this page, a Cloud Shell session starts and displays a command-line prompt. It can take a few seconds for the session to initialize.

    Note that Cloud Shell has Terraform already integrated.

    Local shell

    To use a local development environment, follow these steps:

    1. Install the Google Cloud CLI.

    2. If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.

    3. Toinitialize the gcloud CLI, run the following command:

      gcloudinit
    4. Install Terraform.

  2. Verify that billing is enabled for your Google Cloud project.

  3. Enable the Cloud Resource Manager and Identity, Access Management (IAM) APIs:

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains theserviceusage.services.enable permission.Learn how to grant roles.

    gcloudservicesenablecloudresourcemanager.googleapis.com  iam.googleapis.com
  4. Ensure that your Google Cloud project doesn't have theGoogle Cloud Platform - Resource Location Restrictionorganization policy constraint added.

Terraform resources for Apigee

The following table summarizes the features and functionality you can manage using Terraform resources for Apigee. This list might not be exhaustive. Find all of the Terraform resources for Apigee in the Apigee Terraform GitHub repository. Always check the GitHub repository for the latest functionality.

Apigee feature or functionalityTerraform support summaryMore information
Provision ApigeeProvision Apigee instances using Terraform.Provisioning options
Provision Apigee API hubConfigure and manage API hub using Terraform.Provision API hub with Terraform
Configure Advanced API SecurityConfigure risk assessment security profiles and monitoring conditions (v2)

Configure abuse detection exclusion lists
Configure security actions		 Configure Advanced API Security with Terraform

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026-02-19 UTC.