Workspaces API
Workspaces represent running infrastructure managed by Terraform.
Viewing a workspace (individually or in a list) requires permission to read runs. Changing settings and force-unlocking require admin access to the workspace. Locking and unlocking a workspace requires permission to lock and unlock the workspace. (More about permissions.)
Create a Workspace
POST /organizations/:organization_name/workspaces
Parameter | Description |
---|---|
:organization_name | The name of the organization to create the workspace in. The organization must already exist in the system, and the user must have permissions to create new workspaces. |
Note: Workspace creation is restricted to the owners team, teams with the "Manage Workspaces" permission, and the organization API token.
Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
Properties without a default value are required.
By supplying the necessary attributes under a vcs-repository
object, you can create a workspace that is configured against a VCS Repository.
Key path | Type | Default | Description |
---|---|---|---|
data.type | string | Must be "workspaces" . | |
data.attributes.name | string | The name of the workspace, which can only include letters, numbers, - , and _ . This will be used as an identifier and must be unique in the organization. | |
data.attributes.agent-pool-id | string | (nothing) | Required when execution-mode is set to agent . The ID of the agent pool belonging to the workspace's organization. This value must not be specified if execution-mode is set to remote or local or if operations is set to true . |
data.attributes.allow-destroy-plan | boolean | true | Whether destroy plans can be queued on the workspace. |
data.attributes.auto-apply | boolean | false | Whether to automatically apply changes when a Terraform plan is successful, with some exceptions. |
data.attributes.description | string | (nothing) | A description for the workspace. |
data.attributes.execution-mode | string | remote | Which execution mode to use. Valid values are remote , local , and agent . When set to local , the workspace will be used for state storage only. This value must not be specified if operations is specified. |
data.attributes.file-triggers-enabled | boolean | true | Whether to filter runs based on the changed files in a VCS push. If enabled, it uses either trigger-prefixes in conjunction with working_directory or trigger-patterns to describe the set of changed files that will start a run. If disabled, any push will trigger a run. |
data.attributes.global-remote-state | boolean | false | Whether the workspace should allow all workspaces in the organization to access its state data during runs. If false , then only specifically approved workspaces can access its state. Manage allowed workspaces using the Remote State Consumers endpoints, documented later on this page. Note: Terraform Enterprise admins can choose the default value for new workspaces if this attribute is omitted. |
data.attributes.operations | boolean | true | DEPRECATED Use execution-mode instead. Whether to use remote execution mode. When set to false , the workspace will be used for state storage only. This value must not be specified if execution-mode is specified. |
data.attributes.queue-all-runs | boolean | false | Whether runs should be queued immediately after workspace creation. When set to false, runs triggered by a VCS change will not be queued until at least one run is manually queued. |
data.attributes.source-name (beta) | string | (nothing) | A friendly name for the application or client creating this workspace. If set, this will be displayed on the workspace as "Created via <SOURCE NAME> ". |
data.attributes.source-url (beta) | string | (nothing) | A URL for the application or client creating this workspace. This can be the URL of a related resource in another app, or a link to documentation or other info about the client. |
data.attributes.speculative-enabled | boolean | true | Whether this workspace allows automatic speculative plans. Setting this to false prevents Terraform Cloud from running plans on pull requests, which can improve security if the VCS repository is public or includes untrusted contributors. It doesn't prevent manual speculative plans via the CLI or the runs API. |
data.attributes.terraform-version | string | (special) | The version of Terraform to use for this workspace. This can be either an exact version or a version constraint (like ~> 1.0.0 ); if you specify a constraint, the workspace will always use the newest release that meets that constraint. If omitted when creating a workspace, this defaults to the latest released version. |
data.attributes.trigger-prefixes | array | [] | List of trigger prefixes that describe the paths Terraform Cloud monitors for changes, in addition to the working directory. Trigger prefixes are always appended to the root directory of the repository. Terraform Cloud will start a run when files are changed in any directory path matching the provided set of prefixes. |
data.attributes.trigger-patterns | array | [] | List of glob patterns that describe the files Terraform Cloud monitors for changes. Trigger patterns are always appended to the root directory of the repository. |
data.attributes.vcs-repo | object | (nothing) | Settings for the workspace's VCS repository. If omitted, the workspace is created without a VCS repo. If included, you must specify at least the oauth-token-id and identifier keys below. |
data.attributes.vcs-repo.oauth-token-id | string | The VCS Connection (OAuth Connection + Token) to use. This ID can be obtained from the oauth-tokens endpoint. | |
data.attributes.vcs-repo.branch | string | (nothing) | The repository branch that Terraform will execute from. If omitted or submitted as an empty string, this defaults to the repository's default branch (e.g. master ) . |
data.attributes.vcs-repo.ingress-submodules | boolean | false | Whether submodules should be fetched when cloning the VCS repository. |
data.attributes.vcs-repo.identifier | string | A reference to your VCS repository in the format :org/:repo where :org and :repo refer to the organization and repository in your VCS provider. The format for Azure DevOps is :org/:project/_git/:repo . | |
data.attributes.vcs-repo.tags-regex | string | (nothing) | A regular expression used to match Git tags. Terraform Cloud triggers a run when this value is present and a VCS event occurs that contains a matching Git tag for the regular expression. |
data.attributes.working-directory | string | (nothing) | A relative path that Terraform will execute within. This defaults to the root of your repository and is typically set to a subdirectory matching the environment when multiple environments exist within the same repository. |
data.attributes.assessments-enabled | boolean | false | (previously drift-detection ) Whether or not Terraform Cloud performs health assessments for the workspace. May be overriden by the organization setting assessments-enforced . Only available for Business tier organizations, in workspaces running Terraform version 0.15.4+ and operating in Remote execution mode. Not available in Terraform Enterprise. |
Sample Payload
Without a VCS repository
With a VCS repository
_Using Git Tags
Terraform Cloud triggers a run when you push a Git tag that matches the regular expression (SemVer): 1.2.3
, 22.33.44
, etc.
For a monorepo using trigger prefixes
A run will be triggered in this workspace when changes are detected in any of the specified directories: /networking
, /modules
, or /vendor
.
For a monorepo using trigger patterns
A run will be triggered in this workspace when Terraform Cloud detects any of the following changes:
- A file with the extension
tf
in any directory structure in which the last folder is namednetworking
(e.g.,root/networking
androot/module/networking
) - Any file changed in the folder
/base
, no subfolders are included - Any file changed in the folder
/submodule
and all of its subfolders
Using Terraform Cloud Agents
Terraform Cloud Agents are a solution to allow Terraform Cloud to communicate with isolated, private, or on-premises infrastructure.
Sample Request
Sample Response
Without a VCS repository
Note: The assessments-enabled
property is only acceppted by or returned from Terraform Cloud.
With a VCS repository
Note: The assessments-enabled
property is only acceppted by or returned from Terraform Cloud.
Update a Workspace
A workspace can be updated via two endpoints, which behave identically. One refers to a workspace by its ID, and the other by its name and organization.
PATCH /workspaces/:workspace_id
Parameter | Description |
---|---|
:workspace_id | The ID of the workspace to update |
PATCH /organizations/:organization_name/workspaces/:name
Parameter | Description |
---|---|
:organization_name | The name of the organization the workspace belongs to. |
:name | The name of the workspace to update, which can only include letters, numbers, - , and _ . This will be used as an identifier and must be unique in the organization. |
Request Body
These PATCH endpoints require a JSON object with the following properties as a request payload.
Properties without a default value are required.
Key path | Type | Default | Description |
---|---|---|---|
data.type | string | Must be "workspaces" . | |
data.attributes.name | string | (previous value) | A new name for the workspace, which can only include letters, numbers, - , and _ . This will be used as an identifier and must be unique in the organization. Warning: Changing a workspace's name changes its URL in the API and UI. |
data.attributes.agent-pool-id | string | (previous value) | Required when execution-mode is set to agent . The ID of the agent pool belonging to the workspace's organization. This value must not be specified if execution-mode is set to remote or local or if operations is set to true . |
data.attributes.allow-destroy-plan | boolean | (previous value) | Whether destroy plans can be queued on the workspace. |
data.attributes.auto-apply | boolean | (previous value) | Whether to automatically apply changes when a Terraform plan is successful, with some exceptions. |
data.attributes.description | string | (previous value) | A description for the workspace. |
data.attributes.execution-mode | string | (previous value) | Which execution mode to use. Valid values are remote , local , and agent . When set to local , the workspace will be used for state storage only. This value must not be specified if operations is specified. |
data.attributes.file-triggers-enabled | boolean | (previous value) | Whether to filter runs based on the changed files in a VCS push. If enabled, it uses either trigger-prefixes in conjunction with working_directory or trigger-patterns to describe the set of changed files that will start a run. If disabled, any push will trigger a run. |
data.attributes.global-remote-state | boolean | (previous value) | Whether the workspace should allow all workspaces in the organization to access its state data during runs. If false , then only specifically approved workspaces can access its state. Manage allowed workspaces using the Remote State Consumers endpoints, documented later on this page. |
data.attributes.operations | boolean | (previous value) | DEPRECATED Use execution-mode instead. Whether to use remote execution mode. When set to false , the workspace will be used for state storage only. This value must not be specified if execution-mode is specified. |
data.attributes.queue-all-runs | boolean | (previous value) | Whether runs should be queued immediately after workspace creation. When set to false, runs triggered by a VCS change will not be queued until at least one run is manually queued. |
data.attributes.speculative-enabled | boolean | (previous value) | Whether this workspace allows automatic speculative plans. Setting this to false prevents Terraform Cloud from running plans on pull requests, which can improve security if the VCS repository is public or includes untrusted contributors. It doesn't prevent manual speculative plans via the CLI or the runs API. |
data.attributes.terraform-version | string | (previous value) | The version of Terraform to use for this workspace. This can be either an exact version or a version constraint (like ~> 1.0.0 ); if you specify a constraint, the workspace will always use the newest release that meets that constraint. |
data.attributes.trigger-prefixes | array | (previous value) | List of trigger prefixes that describe the paths Terraform Cloud monitors for changes, in addition to the working directory. Trigger prefixes are always appended to the root directory of the repository. Terraform Cloud will start a run when files are changed in any directory path matching the provided set of prefixes. |
data.attributes.trigger-patterns | array | (previous value) | List of glob patterns that describe the files Terraform Cloud monitors for changes. Trigger patterns are always appended to the root directory of the repository. |
data.attributes.vcs-repo | object or null | (previous value) | To delete a workspace's existing VCS repo, specify null instead of an object. To modify a workspace's existing VCS repo, include whichever of the keys below you wish to modify. To add a new VCS repo to a workspace that didn't previously have one, include at least the oauth-token-id and identifier keys. |
data.attributes.vcs-repo.oauth-token-id | string | (previous value) | The VCS Connection (OAuth Connection + Token) to use. This ID can be obtained from the oauth-tokens endpoint. |
data.attributes.vcs-repo.branch | string | (previous value) | The repository branch that Terraform will execute from. |
data.attributes.vcs-repo.ingress-submodules | boolean | (previous value) | Whether submodules should be fetched when cloning the VCS repository. |
data.attributes.vcs-repo.identifier | string | (previous value) | A reference to your VCS repository in the format :org/:repo where :org and :repo refer to the organization and repository in your VCS provider. The format for Azure DevOps is :org/:project/_git/:repo . |
data.attributes.vcs-repo.tags-regex | string | (previous value) | A regular expression used to match Git tags. Terraform Cloud triggers a run when this value is present and a VCS event occurs that contains a matching Git tag for the regular expression. |
data.attributes.working-directory | string | (previous value) | A relative path that Terraform will execute within. This defaults to the root of your repository and is typically set to a subdirectory matching the environment when multiple environments exist within the same repository. |
data.attributes.assessments-enabled | boolean | false | (previously drift-detection ) Whether or not Terraform Cloud performs health assessments for the workspace. May be overriden by the organization setting assessments-enforced . Only available for Business tier organizations, in workspaces running Terraform version 0.15.4+ and operating in Remote execution mode. Not available in Terraform Enterprise. |
Sample Payload
Sample Request
Sample Response
List workspaces
This endpoint lists workspaces in the organization.
GET /organizations/:organization_name/workspaces
Parameter | Description |
---|---|
:organization_name | The name of the organization to list the workspaces of. |
Query Parameters
This endpoint supports pagination with standard URL query parameters. Remember to percent-encode [
as %5B
and ]
as %5D
if your tooling doesn't automatically encode URLs.
Parameter | Description |
---|---|
page[number] | Optional. If omitted, the endpoint will return the first page. |
page[size] | Optional. If omitted, the endpoint will return 20 workspaces per page. |
search[name] | Optional. Allows searching the organization's workspaces by name. |
search[tags] | Optional. If specified, restricts results to workspaces with that tag. If multiple comma separated values are specified, results matching all of the tags are returned. |
search[exclude-tags] | Optional. If specified, results exclude workspaces with that tag. If multiple comma separated values are specified, workspaces with tags matching any of the tags are excluded. |
Sample Request
Sample Response
Show workspace
Details on a workspace can be retrieved from two endpoints, which behave identically.
One refers to a workspace by its ID:
GET /workspaces/:workspace_id
Parameter | Description |
---|---|
:workspace_id | The workspace ID |
The other refers to a workspace by its name and organization:
GET /organizations/:organization_name/workspaces/:name
Parameter | Description |
---|---|
:organization_name | The name of the organization the workspace belongs to. |
:name | The name of the workspace to show details for, which can only include letters, numbers, - , and _ . |
Workspace performance attributes
The following attributes are helpful in determining the overall health and performance of your workspace configuration. These metrics refer to the past 30 runs that have either resulted in an error or successfully applied.
Parameter | Type | Description |
---|---|---|
data.attributes.apply-duration-average | number | This is the average time runs spend in the apply phase, represented in milliseconds |
data.attributes.plan-duration-average | number | This is the average time runs spend in the plan phase, represented in milliseconds |
data.attributes.policy-check-failures | number | Reports the number of run failures resulting from a policy check failure |
data.attributes.run-failures | number | Reports the number of failed runs |
data.attributes.workspace-kpis-run-count | number | Total number of runs taken into account by these metrics |
Sample Request
Sample Response
Delete a workspace
When you delete a Terraform Cloud workspace with resources, Terraform can no longer track or manage that infrastructure. During a safe delete, Terraform Cloud only deletes the workspace if it is not managing resources.
You can safe delete a workspace using two endpoints that behave identically. The first endpoint identifies a workspace with the workspace ID, and the other identifies the workspace by its name and organization.
POST /workspaces/:workspace_id/actions/safe-delete
Parameter | Description |
---|---|
:workspace_id | The ID of the workspace to delete. |
DELETE /organizations/:organization_name/workspaces/:name/actions/safe-delete
Parameter | Description |
---|---|
:organization_name | The name of the workspace's organization. |
:name | The name of the workspace to delete, which can only include letters, numbers, - , and _ . |
Status | Response | Reason(s) |
---|---|---|
204 | Nothing | Successfully deleted the workspace |
404 | JSON API error object | Workspace not found, or user unauthorized to perform workspace delete |
409 | JSON API error object | Workspace is not safe to delete because it is managing resources |
Force Delete a workspace
During a force delete, Terraform Cloud removes the specified workspace without checking whether it is managing resources. We recommend using the safe delete endpoint instead, when possible.
Warning: Terraform cannot track or manage the workspace's infrastructure after deletion. We recommend destroying the workspace's infrastructure before you delete it.
By default, only organization owners can force delete workspaces. Organization owners can also update [organization's settings](/cloud-docs/users-teams organizations/organizations#general) to let workspace admins force delete their own workspaces.
You can use two endpoints to force delete a workspace, which behave identically. One endpoint identifies the workspace with its workspace ID and the other endpoint identifies the workspace with its name and organization.
DELETE /workspaces/:workspace_id
Parameter | Description |
---|---|
:workspace_id | The ID of the workspace to delete |
DELETE /organizations/:organization_name/workspaces/:name
Parameter | Description |
---|---|
:organization_name | The name of the organization the workspace belongs to. |
:name | The name of the workspace to delete, which can only include letters, numbers, - , and _ . |
Sample Request
Lock a workspace
This endpoint locks a workspace.
POST /workspaces/:workspace_id/actions/lock
Parameter | Description |
---|---|
:workspace_id | The workspace ID to lock. Obtain this from the workspace settings or the Show Workspace endpoint. |
Status | Response | Reason(s) |
---|---|---|
200 | JSON API document (type: "workspaces" ) | Successfully locked the workspace |
404 | JSON API error object | Workspace not found, or user unauthorized to perform action |
409 | JSON API error object | Workspace already locked |
Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
Properties without a default value are required.
Key path | Type | Default | Description |
---|---|---|---|
reason | string | "" | The reason for locking the workspace. |
Sample Payload
Sample Request
Sample Response
Unlock a workspace
This endpoint unlocks a workspace.
POST /workspaces/:workspace_id/actions/unlock
Parameter | Description |
---|---|
:workspace_id | The workspace ID to unlock. Obtain this from the workspace settings or the Show Workspace endpoint. |
Status | Response | Reason(s) |
---|---|---|
200 | JSON API document (type: "workspaces" ) | Successfully unlocked the workspace |
404 | JSON API error object | Workspace not found, or user unauthorized to perform action |
409 | JSON API error object | Workspace already unlocked, or locked by a different user |
Sample Request
Sample Response
Force Unlock a workspace
This endpoint force unlocks a workspace. Only users with admin access are authorized to force unlock a workspace.
POST /workspaces/:workspace_id/actions/force-unlock
Parameter | Description |
---|---|
:workspace_id | The workspace ID to force unlock. Obtain this from the workspace settings or the Show Workspace endpoint. |
Status | Response | Reason(s) |
---|---|---|
200 | JSON API document (type: "workspaces" ) | Successfully force unlocked the workspace |
404 | JSON API error object | Workspace not found, or user unauthorized to perform action |
409 | JSON API error object | Workspace already unlocked |
Sample Request
Sample Response
Assign an SSH key to a workspace
This endpoint assigns an SSH key to a workspace.
PATCH /workspaces/:workspace_id/relationships/ssh-key
Parameter | Description |
---|---|
:workspace_id | The workspace ID to assign the SSH key to. Obtain this from the workspace settings or the Show Workspace endpoint. |
Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
Properties without a default value are required.
Key path | Type | Default | Description |
---|---|---|---|
data.type | string | Must be "workspaces" . | |
data.attributes.id | string | The SSH key ID to assign. Obtain this from the ssh-keys endpoint. |
Sample Payload
Sample Request
Sample Response
Unassign an SSH key from a workspace
This endpoint unassigns the currently assigned SSH key from a workspace.
PATCH /workspaces/:workspace_id/relationships/ssh-key
Parameter | Description |
---|---|
:workspace_id | The workspace ID to assign the SSH key to. Obtain this from the workspace settings or the Show Workspace endpoint. |
Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
Properties without a default value are required.
Key path | Type | Default | Description |
---|---|---|---|
data.type | string | Must be "workspaces" . | |
data.attributes.id | string | Must be null . |
Sample Payload
Sample Request
Sample Response
Get Remote State Consumers
GET /workspaces/:workspace_id/relationships/remote-state-consumers
Parameter | Description |
---|---|
:workspace_id | The workspace ID to get remote state consumers for. Obtain this from the workspace settings or the Show Workspace endpoint. |
This endpoint retrieves the list of other workspaces that are allowed to access the given workspace's state during runs.
- If
global-remote-state
is set to false for the workspace, this will return the list of other workspaces that are specifically authorized to access the workspace's state. - If
global-remote-state
is set to true, this will return a list of every workspace in the organization except for the subject workspace.
The list returned by this endpoint is subject to the caller's normal workspace permissions; it will not include workspaces that the provided API token is unable to read.
Query Parameters
This endpoint supports pagination with standard URL query parameters. Remember to percent-encode [
as %5B
and ]
as %5D
if your tooling doesn't automatically encode URLs.
Parameter | Description |
---|---|
page[number] | Optional. If omitted, the endpoint will return the first page. |
page[size] | Optional. If omitted, the endpoint will return 20 workspaces per page. |
Sample Request
Sample Response
Replace Remote State Consumers
PATCH /workspaces/:workspace_id/relationships/remote-state-consumers
Parameter | Description |
---|---|
:workspace_id | The workspace ID to replace remote state consumers for. Obtain this from the workspace settings or the Show Workspace endpoint. |
This endpoint updates the workspace's remote state consumers to be exactly the list of workspaces specified in the payload. It can only be used for workspaces where global-remote-state
is false.
This endpoint can only be used by teams with permission to manage workspaces for the entire organization — only those who can view the entire list of consumers can replace the entire list. (More about permissions.) Teams with admin permissions on specific workspaces can still modify remote state consumers for those workspaces, but must use the add (POST) and remove (DELETE) endpoints listed below instead of this PATCH endpoint.
Status | Response | Reason(s) |
---|---|---|
204 | Nothing | Successfully updated remote state consumers |
404 | JSON API error object | Workspace not found, or user unauthorized to perform action |
422 | JSON API error object | Problem with payload or request; details provided in the error object |
Request Body
This PATCH endpoint requires a JSON object with the following properties as a request payload.
Properties without a default value are required.
Key path | Type | Default | Description |
---|---|---|---|
data[].type | string | Must be "workspaces" . | |
data[].id | string | The ID of a workspace to be set as a remote state consumer. |
Sample Payload
Sample Request
Response
No response body.
Status code 204
.
Add Remote State Consumers
POST /workspaces/:workspace_id/relationships/remote-state-consumers
Parameter | Description |
---|---|
:workspace_id | The workspace ID to add remote state consumers for. Obtain this from the workspace settings or the Show Workspace endpoint. |
This endpoint adds one or more remote state consumers to the workspace. It can only be used for workspaces where global-remote-state
is false.
- The workspaces specified as consumers must be readable to the API token that makes the request.
- A workspace cannot be added as a consumer of itself. (A workspace can always read its own state, regardless of access settings.)
- You can safely add a consumer workspace that is already present; it will be ignored, and the rest of the consumers in the request will be processed normally.
Status | Response | Reason(s) |
---|---|---|
204 | Nothing | Successfully updated remote state consumers |
404 | JSON API error object | Workspace not found, or user unauthorized to perform action |
422 | JSON API error object | Problem with payload or request; details provided in the error object |
Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
Properties without a default value are required.
Key path | Type | Default | Description |
---|---|---|---|
data[].type | string | Must be "workspaces" . | |
data[].id | string | The ID of a workspace to be set as a remote state consumer. |
Sample Payload
Sample Request
Response
No response body.
Status code 204
.
Delete Remote State Consumers
DELETE /workspaces/:workspace_id/relationships/remote-state-consumers
Parameter | Description |
---|---|
:workspace_id | The workspace ID to remove remote state consumers for. Obtain this from the workspace settings or the Show Workspace endpoint. |
This endpoint removes one or more remote state consumers from a workspace, according to the contents of the payload. It can only be used for workspaces where global-remote-state
is false.
- The workspaces specified as consumers must be readable to the API token that makes the request.
- You can safely remove a consumer workspace that is already absent; it will be ignored, and the rest of the consumers in the request will be processed normally.
Status | Response | Reason(s) |
---|---|---|
204 | Nothing | Successfully updated remote state consumers |
404 | JSON API error object | Workspace not found, or user unauthorized to perform action |
422 | JSON API error object | Problem with payload or request; details provided in the error object |
Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
Properties without a default value are required.
Key path | Type | Default | Description |
---|---|---|---|
data[].type | string | Must be "workspaces" . | |
data[].id | string | The ID of a workspace to remove from the remote state consumers. |
Sample Payload
Sample Request
Response
No response body.
Status code 204
.
Get Tags
GET /workspaces/:workspace_id/relationships/tags
Parameter | Description |
---|---|
:workspace_id | The workspace ID to fetch tags for. Obtain this from the workspace settings or the Show Workspace endpoint. |
This endpoint returns the tags that are currently associated to a workspace.
Query Parameters
This endpoint supports pagination with standard URL query parameters. Remember to percent-encode [
as %5B
and ]
as %5D
if your tooling doesn't automatically encode URLs.
Parameter | Description |
---|---|
page[number] | Optional. If omitted, the endpoint will return the first page. |
page[size] | Optional. If omitted, the endpoint will return 20 workspaces per page. |
Sample Request
Sample Response
Add tags to a workspace
This endpoints adds one or more tags to the workspace. The workspace must already exist, and any
tag element that supplies an id
attribute must exist. If the name
attribute is used, and no
matching organization tag exists with such name, a new one will be created.
POST /workspaces/:workspace_id/relationships/tags
Parameter | Description |
---|---|
:workspace_id | The workspace ID to add tags to. Obtain this from the workspace settings or the Show Workspace endpoint. |
Status | Response | Reason(s) |
---|---|---|
204 | Nothing | Successfully added tags to workspace |
404 | JSON API error object | Workspace not found, or user unauthorized to perform action |
Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
It is important to note that type
, as well as one of id
or attributes.name
is required.
Key path | Type | Default | Description |
---|---|---|---|
data[].type | string | Must be "tags" . | |
data[].id | string | The id of the tag to add. | |
data[].attributes.name | string | The name of the tag to add. |
Sample Payload
Sample Request
Sample Response
No response body.
Status code 204
.
Remove tags from workspace
This endpoint removes one or more tags from a workspace. The workspace must already exist, and tag
element that supplies an id
attribute must exist. If the name
attribute is used, and no matching
organization tag is found, no action will occur for that entry. Tags removed from all workspaces will be
removed from the organization-wide list.
DELETE /workspaces/:workspace_id/relationships/tags
Parameter | Description |
---|---|
:workspace_id | The workspace ID to remove tags from. Obtain this from the workspace settings or the Show Workspace endpoint. |
Status | Response | Reason(s) |
---|---|---|
204 | Nothing | Successfully removed tags to workspace |
404 | JSON API error object | Workspace not found, or user unauthorized to perform action |
Request Body
This POST endpoint requires a JSON object with the following properties as a request payload.
It is important to note that type
, as well as one of id
or attributes.name
is required.
Key path | Type | Default | Description |
---|---|---|---|
data[].type | string | Must be "tags" . | |
data[].id | string | The id of the tag to remove. | |
data[].attributes.name | string | The name of the tag to remove. |
Sample Payload
Sample Request
Sample Response
No response body.
Status code 204
.
Available Related Resources
The GET endpoints above can optionally return related resources, if requested with the include
query parameter. The following resource types are available:
organization
- The full organization record.current_configuration_version
- The last configuration this workspace received, excluding plan-only configurations. Terraform uses this configuration for new runs, unless you provide a different one.current_configuration_version.ingress_attributes
- The commit information for the current configuration version.current_run
- Additional information about the current run.current_run.plan
- The plan used in the current run.current_run.configuration_version
- The configuration used in the current run.current_run.configuration_version.ingress_attributes
- The commit information used in the current run.locked_by
- The user, team, or run responsible for locking the workspace, if the workspace is currently locked.readme
- The most recent workspace README.mdoutputs
- The outputs for the most recently applied run.