Enable full developer self-service by managing yourGitHub Organizationwith Terraform
A comprehensive Terraform Blueprint with fully automated CI/CD that enables users to request changes such as on- and off-boarding of users, repositories, branch protections, secrets and more through code.
Book a demo
A better way of managing GitHub
Unlock the full potential of your GitHub organization
Increase Productivity
Reduce waiting times through self-service and automation.
Best Practices
Standardize configurations and settings such as branch protections.
Ensure Compliance
Comes with built-in least privilege principle and audit log.
A comprehensive set of Features
Enable full developer self-service
Access Management
Seamless on- and off-boarding of users, teams and team repositories (eg what repositories the individual users and teams can access).
# A map of members of the GitHub organization
#
# It is recommneded to map users to github-accounts
# in the following ways for internal and external employess
# and machine users used in CI/CD setups like GitHub Actions
# or other CI systems.
#
# "{real.name}" = "{github-account}"
# "ext/{company}/{real.name}" = "{github-account}"
# "machine/{user|repository|topic}" = "{gihub-account}"
#
globals {
organization_members = {
"engineering/marius.tolzmann" = "mariux"
"engineering/soeren.martius" = "soerenmartius"
"marketing/hany.elfouly" = "hanymin"
"machine/mineiros" = "mineiros-ci"
}
Repository Management
Create and manage repositories and settings such as branch protections, deployment keys, secrets, labels, projects, collaborators, etc.
# A map of settings that will be applied to all repositories
globals {
topics = [
"iac",
"mineiros",
]
write_teams = [
"Terraform Service Catalog",
]
# A list of repositories with specific settings that overwrite
# default settings configured through globals
repositories = [
{
name = "vscode-terramate"
description = "Terramate VSCode Extension"
visibility = "public"
allow_merge_commit = false
allow_squash_merge = true
},
.....
Secret Management
Create and maintain secrets and configure which repositories are allowed to access them.
# A list of organizational secrets
# that can be shared with individual repositories
organization_secrets = [
{
name = "HUBSPOT_API_KEY"
repositories = [
"frontend",
},
{
name = "GOOGLE_CLOUD_DEV_SERVICE_ACCOUNT_KEY"
repositories = [
"order-microservice",
"fullfillment-microservice",
"notification-microservice",
}
]
Fine-graded Access Control
Enable individuals and teams to maintain isolated stacks without admin privileges through CODEOWNERS.
# /.github/CODEOWNERS
## Define a team to be assigned to all reviews
* @platform-team
## Organization
# [Full list of users/teams allowed to manage members]
# /stacks/config_organization_members.tm.hcl
# [Full list of users/teams allowed to manage owners]
# /stacks/config_organization_owners.tm.hcl
# [Full list of users/teams allowed to manage collaborators]
# /stacks/config_collaborator.tm.hcl
# [Full list of users/teams allowed to manage blocked users]
# /stacks/config_blocked_users.tm.hcl
## Teams
### All teams
# [Full list of users/teams allowed to maintain teams]
# /stacks/organization/teams/*/config.tm.hcl
...
Full Automation
Change Preview & Rollout Automation
Comes with pre-configured GitHub Actions Pipelines for change pre-view in Pull Requests, fully automated rollouts and rollbacks.
CI/CD in GitHub Actions
Code Generation
Change Preview in Pull Request
Pricing
Get full access to the blueprint and continuous updates
Startup
499 EUR /year
For Startups that manage up to 50 developers in their GitHub organization.
Talk to sales| Feature | Included |
|---|---|
| Number of GitHub users that can be mangaged with this license. | 50 No |
| Feature | Included |
|---|---|
| On- and offboard members, admins and machine users. | Yes |
| Block users from the organization. | Yes |
| Create and manage GitHub projects. | Yes |
| Create and manage a team that contains all members of the organization. | Yes |
| Create and manage organizational webhooks. | Yes |
| Create and manage GitHub Actions runner groups. | No |
| Create and manage GitHub Actions permissions. | No |
| Integrates with external Identity Provider (IDP). | No |
| Feature | Included |
|---|---|
| Create and manage teams and team memberships. | Yes |
| Manage team access for repositories. | Yes |
| Feature | Included |
|---|---|
| Create and manage organizational secrets. | Yes |
| Manage access to secrets for specific repositories. | Yes |
| Feature | Included |
|---|---|
| Create and manage repositories and repository settings (metadata, merge strategies, auto init, license templates, gitignore templates, template repositories, branches and projects). | Yes |
| Enforce pre-configured settings across a range of repositories. | Yes |
| Create and manage repository branch protections. | Yes |
| Create and manage external collaborators (readers, writers and admins). | Yes |
| Create and manage deployment keys. | Yes |
| Create and manage repository webhooks. | Yes |
| Create and manage environments. | Yes |
| Create and manage issue labels. | Yes |
| Create and manage autolink references for project management tools such as eg. Jira. | Yes |
| Feature | Included |
|---|---|
| Pre-configured CI/CD pipelines with GitHub Actions and Terramate. | Yes |
| Change preview in Pull Requests. | Yes |
| Only execute stacks that changed. | Yes |
| Feature | Included |
|---|---|
| Fine-graded access control and reviewer management through CODEOWNERS. | Yes |
| Feature | Included |
|---|---|
| Updates, new features and bugfixes for active subscriptions. | Yes |
| Feature | Included |
|---|---|
| Comprehensive documentation and guides available. | Yes |
| Optional onboarding package available. | Yes |
| Full access to the code. | Yes |
| Feature | Included |
|---|---|
| Free Support in Slack Community. | Yes |
| 2 business days SLA. | No |
Small and midsize business
1899 EUR /year
For SMBs that manage up to 200 developers in their GitHub organization.
Talk to sales| Feature | Included |
|---|---|
| Number of GitHub users that can be mangaged with this license. | 200 No |
| Feature | Included |
|---|---|
| On- and offboard members, admins and machine users. | Yes |
| Block users from the organization. | Yes |
| Create and manage GitHub projects. | Yes |
| Create and manage a team that contains all members of the organization. | Yes |
| Create and manage organizational webhooks. | Yes |
| Create and manage GitHub Actions runner groups. | No |
| Create and manage GitHub Actions permissions. | No |
| Integrates with external Identity Provider (IDP). | No |
| Feature | Included |
|---|---|
| Create and manage teams and team memberships. | Yes |
| Manage team access for repositories. | Yes |
| Feature | Included |
|---|---|
| Create and manage organizational secrets. | Yes |
| Manage access to secrets for specific repositories. | Yes |
| Feature | Included |
|---|---|
| Create and manage repositories and repository settings (metadata, merge strategies, auto init, license templates, gitignore templates, template repositories, branches and projects). | Yes |
| Enforce pre-configured settings across a range of repositories. | Yes |
| Create and manage repository branch protections. | Yes |
| Create and manage external collaborators (readers, writers and admins). | Yes |
| Create and manage deployment keys. | Yes |
| Create and manage repository webhooks. | Yes |
| Create and manage environments. | Yes |
| Create and manage issue labels. | Yes |
| Create and manage autolink references for project management tools such as eg. Jira. | Yes |
| Feature | Included |
|---|---|
| Pre-configured CI/CD pipelines with GitHub Actions and Terramate. | Yes |
| Change preview in Pull Requests. | Yes |
| Only execute stacks that changed. | Yes |
| Feature | Included |
|---|---|
| Fine-graded access control and reviewer management through CODEOWNERS. | Yes |
| Feature | Included |
|---|---|
| Updates, new features and bugfixes for active subscriptions. | Yes |
| Feature | Included |
|---|---|
| Comprehensive documentation and guides available. | Yes |
| Optional onboarding package available. | Yes |
| Full access to the code. | Yes |
| Feature | Included |
|---|---|
| Free Support in Slack Community. | Yes |
| 2 business days SLA. | No |
Enterprise
on request EUR /year
For Enterprises that manage more than 200 developers in their organization.
Talk to sales| Feature | Included |
|---|---|
| Number of GitHub users that can be mangaged with this license. | 200+ No |
| Feature | Included |
|---|---|
| On- and offboard members, admins and machine users. | Yes |
| Block users from the organization. | Yes |
| Create and manage GitHub projects. | Yes |
| Create and manage a team that contains all members of the organization. | Yes |
| Create and manage organizational webhooks. | Yes |
| Create and manage GitHub Actions runner groups. | Yes |
| Create and manage GitHub Actions permissions. | Yes |
| Integrates with external Identity Provider (IDP). | Yes |
| Feature | Included |
|---|---|
| Create and manage teams and team memberships. | Yes |
| Manage team access for repositories. | Yes |
| Feature | Included |
|---|---|
| Create and manage organizational secrets. | Yes |
| Manage access to secrets for specific repositories. | Yes |
| Feature | Included |
|---|---|
| Create and manage repositories and repository settings (metadata, merge strategies, auto init, license templates, gitignore templates, template repositories, branches and projects). | Yes |
| Enforce pre-configured settings across a range of repositories. | Yes |
| Create and manage repository branch protections. | Yes |
| Create and manage external collaborators (readers, writers and admins). | Yes |
| Create and manage deployment keys. | Yes |
| Create and manage repository webhooks. | Yes |
| Create and manage environments. | Yes |
| Create and manage issue labels. | Yes |
| Create and manage autolink references for project management tools such as eg. Jira. | Yes |
| Feature | Included |
|---|---|
| Pre-configured CI/CD pipelines with GitHub Actions and Terramate. | Yes |
| Change preview in Pull Requests. | Yes |
| Only execute stacks that changed. | Yes |
| Feature | Included |
|---|---|
| Fine-graded access control and reviewer management through CODEOWNERS. | Yes |
| Feature | Included |
|---|---|
| Updates, new features and bugfixes for active subscriptions. | Yes |
| Feature | Included |
|---|---|
| Comprehensive documentation and guides available. | Yes |
| Optional onboarding package available. | Yes |
| Full access to the code. | Yes |
| Feature | Included |
|---|---|
| Free Support in Slack Community. | Yes |
| 2 business days SLA. | Yes |
| Pricing plan comparisonPlans | Startup | Small and midsize business | Enterprise |
|---|---|---|---|
| Pricing | 499,- EUR /year For Startups that manage up to 50 developers in their GitHub organization. Talk to sales | 1899,- EUR /year For SMBs that manage up to 200 developers in their GitHub organization. Talk to sales | |
| Quotas | |||
| Number of GitHub users that can be mangaged with this license. | 50 | 200 | 200+ |
| Organizations | |||
| On- and offboard members, admins and machine users. | |||
| Block users from the organization. | |||
| Create and manage GitHub projects. | |||
| Create and manage a team that contains all members of the organization. | |||
| Create and manage organizational webhooks. | |||
| Create and manage GitHub Actions runner groups. | no | no | |
| Create and manage GitHub Actions permissions. | no | no | |
| Integrates with external Identity Provider (IDP). | no | no | |
| Teams | |||
| Create and manage teams and team memberships. | |||
| Manage team access for repositories. | |||
| Secrets | |||
| Create and manage organizational secrets. | |||
| Manage access to secrets for specific repositories. | |||
| Repositories | |||
| Create and manage repositories and repository settings (metadata, merge strategies, auto init, license templates, gitignore templates, template repositories, branches and projects). | |||
| Enforce pre-configured settings across a range of repositories. | |||
| Create and manage repository branch protections. | |||
| Create and manage external collaborators (readers, writers and admins). | |||
| Create and manage deployment keys. | |||
| Create and manage repository webhooks. | |||
| Create and manage environments. | |||
| Create and manage issue labels. | |||
| Create and manage autolink references for project management tools such as eg. Jira. | |||
| Automation | |||
| Pre-configured CI/CD pipelines with GitHub Actions and Terramate. | |||
| Change preview in Pull Requests. | |||
| Only execute stacks that changed. | |||
| Self-Service | |||
| Fine-graded access control and reviewer management through CODEOWNERS. | |||
| Update Plan | |||
| Updates, new features and bugfixes for active subscriptions. | |||
| Onboarding | |||
| Comprehensive documentation and guides available. | |||
| Optional onboarding package available. | |||
| Full access to the code. | |||
| Support | |||
| Free Support in Slack Community. | |||
| 2 business days SLA. | no | no | |
| Choose your plan | Talk to sales | Talk to sales | Talk to sales |