Use Terraform with Apigee
Terraform is an infrastructure-as-code (IaC) tool that you can use to provision and configure Apigee using code.
When you use Terraform with Apigee, you createTerraform files that describes your desired configuration for provisioning or a feature. When you apply the configuration, Terraform creates an execution plan and performs the operations needed to configure Apigee.
This page summarizes the Terraform functionality available for Apigee. For general information about using Terraform with Google Cloud, seeTerraform on Google Cloud documentation.
Before you begin
In order to set up Terraform for your Apigee project:
Prepare your development environment, either Cloud Shell or a local shell:
Cloud Shell
To use an online terminal with the gcloud CLI and Terraform already set up, activate Cloud Shell.
At the bottom of this page, a Cloud Shell session starts and displays a command-line prompt. It can take a few seconds for the session to initialize.
Note that Cloud Shell has Terraform already integrated.
Local shell
To use a local development environment, follow these steps:
Install the Google Cloud CLI.
If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.
Toinitialize the gcloud CLI, run the following command:
gcloudinit
- Install Terraform.
Verify that billing is enabled for your Google Cloud project.
Enable the Cloud Resource Manager and Identity, Access Management (IAM) APIs:
Roles required to enable APIs
To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains theserviceusage.services.enable permission.Learn how to grant roles.
gcloudservicesenablecloudresourcemanager.googleapis.comiam.googleapis.com
Google Cloud Platform - Resource Location Restrictionorganization policy constraint added.Important: API hub uses Cloud Scheduler for some of its features. Cloud Scheduler is not available in all Google Cloud locations. If you are provisioning API hub in a location where Cloud Scheduler is not available, it will be provisioned in a fallback location. For a list of these locations and their fallbacks, seeAPI hub locations. If your organization has aResource Location Restriction policy that prevents resources from being created in the fallback location, provisioning will fail.Terraform resources for Apigee
The following table summarizes the features and functionality you can manage using Terraform resources for Apigee. This list might not be exhaustive. Find all of the Terraform resources for Apigee in the Apigee Terraform GitHub repository. Always check the GitHub repository for the latest functionality.
| Apigee feature or functionality | Terraform support summary | More information |
|---|---|---|
| Provision Apigee | Provision Apigee instances using Terraform. | Provisioning options |
| Provision Apigee API hub | Configure and manage API hub using Terraform. | Provision API hub with Terraform |
| Configure Advanced API Security | Configure security actions and some aspects of Risk Assessment v2. | Configure Advanced API Security with Terraform |
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-12-17 UTC.