Skip to main content
A provider is a plugin that lets Terraform manage an external API. In your CDK Terrain (CDKTN) application, you use your preferred programming language to define the resources you want Terraform to manage on one or more providers. You can install pre-built providers packaged with the required code bindings for your language or add providers to the cdktf.json file and generate code bindings manually. To use providers in your application, you can import them from the Terraform Registry or the OpenTofu Registry, or from your local machine.

What Are Providers?

Provider plugins like the AWS provider or the cloud-init provider act as a translation layer that allows Terraform to communicate with many different cloud providers, databases, and services. Plugin Communication OverviewOPENTOFU/ TERRAFORM CORERPCPROVIDER(Go plugin)GOLANGCLIENTLIBRARYHTTP(S)TARGET API Terraform uses providers to provision resources, which describe one or more infrastructure objects like virtual networks and compute instances. Each provider on the Terraform Registry (also available on the OpenTofu Registry) has documentation detailing available resources and their configuration options.

Install Pre-Built Providers

It can take several minutes for CDKTN to generate the code bindings for providers with very large schemas, so we offer several popular providers as pre-built packages. Pre-built providers are a completely optional performance optimization, and you may prefer to generate the code bindings for these providers yourself. For example, you may want to use a different version of that provider than the one in the pre-built package. The Terraform CDK Providers page has a complete list, but available pre-built providers include the following options: We regularly publish these packages to NPM / PyPi, and you can treat them like any other dependency. The following example shows how to install the AWS provider in TypeScript / Node. 
npm install @cdktn/provider-aws
When you use npm install to install a pre-built provider, you should not define that provider again in your cdktf.json file. If you receive errors while running cdktn synth because of duplicate providers, remove the duplicates from your cdktf.json file, delete tsbuildinfo.json, and run cdktn synth again.

Add Providers with CLI

Use the provider add command to automatically install a pre-built provider if available. If a pre-built provider is not available, CDKTN uses local provider bindings.

Import Providers

CDK Terrain lets you import Terraform providers to your project. This TypeScript example project has a main.ts file that defines AWS resources. 
import { Construct } from "constructs";
import { TerraformStack, TerraformVariable, Token } from "cdktn";
import { AwsProvider } from "./.gen/providers/aws/provider";
import { Instance } from "./.gen/providers/aws/instance";

export class ProvidersStack extends TerraformStack {
  constructor(scope: Construct, id: string) {
    super(scope, id);

    new AwsProvider(this, "aws", {
      region: "us-east-1",
    });

    const instance = new Instance(this, "Hello", {
      ami: "ami-2757f631",
      instanceType: "t2.micro",
    });
  }
}

Add Provider to cdktf.json

To use a new provider, first add it to the "terraformProviders" array in the cdktf.json file. The following example adds the DNS Simple provider. 
{
  "language": "typescript",
  "app": "npm run --silent compile && node main.js",
  "terraformProviders": ["aws@~> 2.0", "dnsimple/dnsimple"]
}

Generate Classes

Go to the working directory and run cdktn get to create the appropriate TypeScript classes for the provider automatically. 
cdktn get
 downloading and generating providers...

Generated typescript constructs in the output directory: .gen

Import Classes

Import and use the generated classes in your application. The following example imports the DnsimpleProvider and Record resources from ./.gen/providers/dnsimple and defines them. 
import { Construct } from "constructs";
import { TerraformStack, TerraformVariable, Token } from "cdktn";
import { AwsProvider } from "./.gen/providers/aws/provider";
import { Instance } from "./.gen/providers/aws/instance";
import { DnsimpleProvider } from "./.gen/providers/dnsimple/provider";
import { ZoneRecord } from "./.gen/providers/dnsimple/zone-record";

export class ProvidersStack extends TerraformStack {
  constructor(scope: Construct, id: string) {
    super(scope, id);

    new AwsProvider(this, "aws", {
      region: "us-east-1",
    });

    const instance = new Instance(this, "Hello", {
      ami: "ami-2757f631",
      instanceType: "t2.micro",
    });

    const dnsimpleToken = new TerraformVariable(this, "dnsimpleToken", {
      type: "string",
      description: "dnsimple token",
      sensitive: true,
    });

    const dnsimpleAccount = new TerraformVariable(this, "dnsimpleAccount", {
      type: "string",
      description: "dnsimple account",
      sensitive: true,
    });

    new DnsimpleProvider(this, "dnsimple", {
      token: dnsimpleToken.stringValue,
      account: dnsimpleAccount.stringValue,
    });

    new ZoneRecord(this, "web-www", {
      zoneName: "example.com",
      name: "web",
      value: instance.publicIp,
      type: "A",
    });
  }
}
Use the synth command to convert your code into a JSON Terraform configuration file. 
cdktn synth --json

{
  "//": {
    "metadata": {
      "version": "0.0.11-pre.8757404fa25b6e405f1a51eac11b96943ccb372e",
      "stackName": "vpc-example"
    }
  },
  "terraform": {
    "required_providers": {
      "aws": "~> 2.0",
      "dnsimple": "undefined"
    }
  },
  "provider": {
    "aws": [
      {
        "region": "us-east-1"
      }
    ],
    "dnsimple": [
      {
        "account": "hello@example.com",
        "token": "xxxxxxxxxx"
      }
    ]
  },
  "resource": {
    "aws_instance": {
      "vpcexample_Hello_279554CB": {
        "ami": "ami-2757f631",
        "instance_type": "t2.micro",
        "//": {
          "metadata": {
            "path": "vpc-example/Hello",
            "uniqueId": "vpcexample_Hello_279554CB",
            "stackTrace": [
              .....
            ]
          }
        }
      }
    },
    "dnsimple_record": {
      "vpcexample_webwww_477C7150": {
        "domain": "example.com",
        "name": "web",
        "type": "A",
        "value": "${aws_instance.vpcexample_Hello_279554CB.public_ip}",
        "//": {
          "metadata": {
            "path": "vpc-example/web-www",
            "uniqueId": "vpcexample_webwww_477C7150",
            "stackTrace": [
              .....
            ]
          }
        }
      }
    }
  }
}

Provider Caching

Caching prevents CDK Terrain from re-downloading providers between each CLI command. It is also useful when you need to remove the cdktf.out folder and re-synthesize your configuration. Finally, caching is necessary when you use multiple stacks within one application.

Set the Caching Directory

Refer to the Terraform documentation about how to configure your plugin cache. Otherwise, CDKTN automatically sets the TF_PLUGIN_CACHE_DIR environment variable to $HOME/.terraform.d/plugin-cache when you use cdktn cli commands. To disable this behavior, set CDKTF_DISABLE_PLUGIN_CACHE_ENV to a non null value, like CDKTF_DISABLE_PLUGIN_CACHE_ENV=1. You may want to do this when a different cache directory is configured via a .terraformrc configuration file.

Use a Local Provider

Terraform needs to know the location of local providers to enable CDKTN to generate the appropriate type bindings. You can configure this in two ways: Once configured properly, you can reference these providers in the cdktf.json file the same way that you reference providers from the Terraform Registry. Refer to the project configuration documentation for more details about the cdktf.json specification.