Releases: hashicorp/python-tfe
Release list
v1.3.0
Enhancements
New resources
- Added
client.stack_deployments— list the deployments that belong to a stack.list(stack_id, options=None)(GET /stacks/{stack_id}/stack-deployments) returns anIterator[StackDeployment], with optional pagination (page_size) and?include=(latest_deployment_run,latest_deployment_run.stack_configuration) viaStackDeploymentListOptions. Thestackrelationship is hydrated as a typed field; thelatest-deployment-runrelation is reachable via the lossless raw accessors (deployment.related("latest-deployment-run")). New models:StackDeployment,StackDeploymentListOptions,StackDeploymentIncludeOpt. - Added
client.stack_deployment_groups— list, read, approve, and rerun deployment groups within a stack configuration.list(stack_configuration_id)(GET /stack-configurations/{id}/stack-deployment-groups),read(group_id)(GET /stack-deployment-groups/{id}),read_by_name(stack_configuration_id, name),approve_all_plans(group_id)(POST .../approve-all-plans),rerun(group_id, options)(POST .../rerun?deployments=...). New models:StackDeploymentGroup,DeploymentGroupStatus,StackDeploymentGroupListOptions,StackDeploymentGroupRerunOptions. - Added
client.stack_deployment_runs— list, read, approve, and cancel individual deployment runs within a deployment group.list(group_id)(GET /stack-deployment-groups/{id}/stack-deployment-runs),read(run_id)(GET /stack-deployment-runs/{id}),approve_all_plans(run_id)(POST .../approve-all-plans),cancel(run_id)(POST .../cancel). New models:StackDeploymentRun,DeploymentRunStatus,StackDeploymentRunListOptions,StackDeploymentRunReadOptions,StackDeploymentRunIncludeOpt. - Added
client.stack_deployment_steps— list, read, advance, list diagnostics, and download artifacts for individual deployment steps within a deployment run.list(run_id)(GET /stack-deployment-runs/{id}/stack-deployment-steps),read(step_id)(GET /stack-deployment-steps/{id}),advance(step_id)(POST .../advance),list_diagnostics(step_id)(GET .../stack-diagnostics),download_artifact(step_id, artifact_type)(GET .../artifacts?name=<type>) returns rawbytes. New models:StackDeploymentStep,DeploymentStepStatus,StackDeploymentStepArtifactType,StackDeploymentStepIncludeOpt,StackDeploymentStepListOptions,StackDeploymentStepReadOptions,StackDiagnostic,StackDiagnosticListOptions. - Added
client.stack_states— list, read, and download descriptions for stack states.list(stack_id)(GET /stacks/{id}/stack-states),read(state_id)(GET /stack-states/{id}),download_description(state_id)(GET /stack-states/{id}/description) returns rawbytes. New models:StackState,StackStateListOptions. New error:InvalidStackStateIDError. - Added
client.stack_configuration_summaries— list lightweight stack configuration summaries for a stack.list(stack_id)(GET /stacks/{id}/stack-configuration-summaries). New models:StackConfigurationSummary,StackConfigurationSummaryListOptions. - Added
client.stack_deployment_group_summaries— list rolled-up deployment group summaries for a stack configuration.list(stack_configuration_id)(GET /stack-configurations/{id}/stack-deployment-group-summaries). New models:StackDeploymentGroupSummary,StackDeploymentGroupSummaryListOptions,StackDeploymentGroupStatusCounts. - Added
client.stack_diagnostics— read and acknowledge stack diagnostics.read(diagnostic_id)(GET /stack-diagnostics/{id}),acknowledge(diagnostic_id)(POST /stack-diagnostics/{id}/acknowledge). New error:InvalidStackDiagnosticIDError.
v1.2.0
Enhancements
Relationships
Related data is now a complete, first-class part of every response. Before, ?include= often did not actually fill the related fields it returned, and anything the SDK did not model as a typed field was dropped on the floor. Now the full set of related resources the API hands back is always available to you: typed where pytfe models it, raw where it does not. The practical win is that you are no longer limited to the relationships pytfe has added typed support for. You can read any related resource in a response without dropping to manual HTTP or waiting for a new SDK release.
?include=now fills in related data. When the SDK models a relation as a typed field (for exampleworkspace.outputs,policy_set.current_version,organization_membership.user,run_event.actor), passing?include=<relation>fills that field with the real record instead of an id-only stub.- Relations the SDK does not model are no longer lost. Every top-level resource model now derives from a new
pytfe.models.TFEModelbase and gains read-only accessors for the raw JSON:API data the API returned:model.relationships,model.included,model.related(name),model.included_by(type, id), and themodel.has_relationshipsandmodel.has_includedflags. So when a relation has no typed field of its own (for example an organization'ssubscription, or a workspacereadme),?include=still returns it and you reach it withmodel.related("subscription")ormodel.included_by(type, id). These accessors are read-only extras that never appear inmodel_dump()or affect equality, so this is additive and non-breaking. List endpoints expose the relationship refs but do not yet fillincluded. See docs/related-resources.md for the per-resource table and a "typed field vs raw accessor" guide. - Added
?include=support to three reads that previously had no include option, matching the HCP Terraform API:teams.read(team_id, TeamReadOptions(include=[...])):users,organization-memberships.task_stages.read(task_stage_id, TaskStageReadOptions(include=[...])):run,run.workspace,task-results,policy-evaluations.organizations.read(name, OrganizationReadOptions(include=[...])):subscription. The newoptionsargument is optional, so existing calls are unchanged.
New resources
- Added
client.subscriptions— read an organization's subscription (HCP Terraform only).read_for_organization(org)(GET /organizations/{org}/subscription) andread(id)(GET /subscriptions/{id}). The linked feature set is hydrated into.includedand reachable viasubscription.related("feature-set"). New model:Subscription. New error:InvalidSubscriptionIDError. - Added
client.invoices— read an organization's billing invoices (HCP Terraform only).list(org)(cursor-paginated viameta.continuation, fixed page size 10) andread_next(org)(the upcoming invoice, orNonewhen there is no upcoming invoice). New model:Invoice. - Added
client.ip_ranges— read HCP Terraform / Terraform Enterprise outbound IP ranges viaGET /api/meta/ip-ranges.read(modified_since=None)returns anIPRange(CIDR lists forapi,notifications,sentinel,vcs), orNonewhen anIf-Modified-Sincedate is supplied and the ranges are unchanged (HTTP 304). New model:IPRange. - Added
client.plan_exports— export Terraform plan data (Sentinel mock bundles).create(options),read(id),delete(id), anddownload(id)(returns the.tar.gzarchive bytes, following the temporary presigned-URL redirect). New models:PlanExport,PlanExportCreateOptions,PlanExportStatus,PlanExportDataType,PlanExportStatusTimestamps. New errors:InvalidPlanExportIDError,RequiredPlanError. - Added
client.cost_estimates— read run cost estimates.read(id)returns aCostEstimate;logs(id)returns the estimate's log output text.CostEstimate,CostEstimateStatus, andCostEstimateStatusTimestampsare now exported frompytfe.models. New error:InvalidCostEstimateIDError. - Added IP allowlists (the JSON:API
cidr-range-lists/cidr-rangesresources) asclient.cidr_range_listsandclient.cidr_ranges.cidr_range_listssupportslist,create,read,update,delete, pluslist_cidr_ranges,add_cidr_range, andadd_agent_pools/remove_agent_pools;cidr_rangessupportsread,update,delete. New models:CIDRRangeList,CIDRRange,EnforcementScope, and their create/update/list options. New errors:InvalidCIDRRangeListIDError,InvalidCIDRRangeIDError,RequiredCIDRBlockError. - Added
client.registry— a client for the public Terraform Registry module API (registry.terraform.io). This is a new, unauthenticated surface on a different host (the SDK never sends the bearer token to the registry);base_urlis configurable for other registries implementing the module registry protocol. Methods:list_modules,search_modules,list_latest_for_all_providers,latest_for_provider,get_module,list_versions,download_url,latest_download_url, anddownloads_summary. New models are exported under thePublicRegistry*prefix (e.g.PublicRegistryModule,PublicRegistryModuleVersions,PublicRegistryModuleDownloadsSummary). New errors:InvalidModuleNamespaceError,InvalidModuleNameError,InvalidModuleProviderError,InvalidModuleVersionError. - Added
client.assessment_results— read workspace health assessment (drift detection / continuous validation) results.read(id)returns anAssessmentResult;json_output(id)andjson_schema(id)return the underlying JSON plan / provider schema (following the blob redirect,Noneon 204);log_output(id)returns the Terraform JSON log as text.AssessmentResultis now aTFEModel, so itsworkspace/sourcerelationships are reachable via.relationships/.related(...). New error:InvalidAssessmentResultIDError. - Added
client.hyok_configurations— manage HYOK (Hold Your Own Key) configurations.list(org),create(org, options),read(id),delete(id),test(id), andrevoke(id). A HYOK configuration ties an OIDC configuration (client.*_oidc_configurations) and an agent pool to a customer-controlled KMS key; this is the parent resource for the per-cloud OIDC configs. A configuration must be revoked before it can be deleted. New models:HYOKConfiguration,HYOKConfigurationCreateOptions,HYOKConfigurationStatus,HYOKKMSOptions,OIDCConfigurationType. New errors:InvalidHYOKConfigurationIDError,RequiredKEKIDError.
Discovery for AI agents and tooling
The installed package is now self-describing, so a consumer (including an AI
agent or other tooling working only from site-packages/pytfe) can enumerate and
drive the SDK without hardcoding resource names or browsing the GitHub repo.
pytfe.describe()returns a machine-readable manifest of the API surface —
every resource namespace onTFEClient, its public methods, signatures, and
one-line summaries, with theadminnamespace nested. It makes no network
calls (a throwaway client with an empty config is used purely to introspect
the wiring) and the result is JSON-serializable. Each method's*Options
model still exposes JSON Schema viamodel_json_schema().pytfe.llms_txt()returns a concise, agent-oriented orientation guide that
now ships inside the wheel atpytfe/llms.txt(alongsidepy.typed).TFEClientgained a comprehensive class docstring (resource namespaces,
quickstart, conventions) sohelp(TFEClient)and IDE hover are useful, and
it is now a context manager:with TFEClient(...) as tfe: ...closes the
pooled HTTP connection automatically.close()is documented and idempotent.- Every public resource method now ships a Google-style docstring — a one-line
summary plusArgs,Returns,Raises, and a runnableExample:block
(sections included as applicable). These are written for consumers and the AI
coding assistants (Copilot/Claude/Cursor) that read them via the language
server fromsite-packages, so completions for pytfe calls are more accurate
out of the box. Return-shape gotchas (single-useIterator, rawbytesfor
blob downloads,Nonefor204s) and the exact exceptions each method raises
are now documented in place. Linked from the README's new AI coding
assistants row alongsidellms.txt. StateVersionIncludeOptandPolicySetOutcomeListOptionsare now exported
frompytfe.models, matching the rest of their model families.
Packaging
- The source distribution (sdist) now includes
examples/,CHANGELOG.md, and
AGENTS.mdso source consumers get the full example and changelog context.
The wheel is unchanged (examples remain non-importable).
Bug Fixes
Relationships
- Fixed
workspaces.read*(include=[WorkspaceIncludeOpt.OUTPUTS])returning outputs withNonename, value, and type. Workspaceoutputsis now filled from theincludeddata. #134 - Fixed
policy_set.read*(include=[current_version | newest_version])returning an id-only stub.PolicySetVersionis now exported frompytfe.modelsand fully resolved, so the version'ssource,created_at, andstatusare populated. - Fixed
variable_set.readinventing placeholder values (such asname="workspace-<id>"orkey="var-<id>") forworkspaces,projects, andvars. These are now id-only stubs by default and fill fromincludedwhen requested.
Cost estimates
- Fixed
CostEstimatefailing to parse real API responses:status-timestampsnow treats every timestamp as optional (the API only returns the ones that have occurred) and adds the missingpending-at, anderror-messagenow acceptsnull. Previously an includedcost-estimate...
v1.1.0
Features
TFE admin identity (SAML / SCIM)
- Added
client.adminnested namespace exposing three TFE-only services:client.admin.saml_settings(read, update, revoke_idp_cert),client.admin.scim_settings(read, update, delete), andclient.admin.scim_tokens(list, create, read, delete). - Added models:
AdminSAMLSettings/AdminSAMLSettingsUpdateOptions,AdminSCIMSettings/AdminSCIMSettingsUpdateOptions,AdminSCIMToken/AdminSCIMTokenCreateOptions, plusSAMLProviderTypeandSAMLSignatureMethodenums. AdminSCIMSettingsUpdateOptionsdistinguishes "field unset" from "field explicitly set to None" forsite_admin_group_scim_id. PassNoneto send JSONnull(unlinking the SCIM site-admin group); omit the kwarg entirely to leave the server value untouched. The omit-vs-explicit-null distinction is preserved end-to-end via a customto_payload()that inspects Pydantic'smodel_fields_set.- Added typed exceptions
InvalidSAMLProviderTypeError,InvalidSCIMTokenIDError,RequiredSCIMTokenDescriptionError. - The transport-level redacting logger now redacts the wire-format
private-keyfield (with hyphen) in addition to the existingprivate_key(with underscore), so SAML SP private keys cannot leak viaPYTFE_LOG=debug. X.509 certificate fields (idp-cert,certificate,old-idp-cert) are intentionally NOT redacted because they're public material by design.
GitHub App installation discovery
- Added
client.github_app_installationsresource withlist(supportsfilter[name]andfilter[installation_id]) andreadmethods for looking up GitHub App installations the authenticated user can see. ReturnsGitHubAppInstallationrecords carrying both the HCP-sideid(ghain-...) and the GitHub-side numericinstallation_id. The actual GitHub App authorisation flow happens through the HCP Terraform UI; this resource is the discovery surface workspace/stack/registry-module VCS configuration consumes. - Added model
GitHubAppInstallation,GitHubAppInstallationListOptions,GitHubAppInstallationType. - Added typed exception
InvalidGitHubAppInstallationIDError.
HYOK OIDC Configurations
- Added aws_oidc_configurations, azure_oidc_configurations, gcp_oidc_configurations, and vault_oidc_configurations resources with create, read, update, and delete methods for Hold-Your-Own-Key OIDC configuration records. All four hit a single polymorphic HCP endpoint (POST /organizations/{org}/oidc-configurations for create, /oidc-configurations/{id} for read/update/delete) dispatched by JSON:API data.type.
- Added typed models per provider: AWSOIDCConfiguration / AzureOIDCConfiguration / GCPOIDCConfiguration / VaultOIDCConfiguration plus matching CreateOptions and UpdateOptions for each.
- Azure / GCP / Vault UpdateOptions are fully partial — only supplied fields are sent on the wire. AWSOIDCConfigurationUpdateOptions REQUIRES role_arn because the AWS resource has exactly one updatable attribute. Constructing AWSOIDCConfigurationUpdateOptions() with no arguments now raises a pydantic ValidationError at construction time instead of silently sending an empty PATCH whose server-side behaviour was never verified.
- AWSOIDCConfigurationCreateOptions and AWSOIDCConfigurationUpdateOptions both reject empty-string role_arn values via a non-empty field validator.
- Added InvalidOIDCConfigurationIDError typed exception.
- These resources require HYOK / Premium entitlement on the organization; calls against a non-HYOK org return NotFound. The SDK manages only the HCP-side configuration record — the cloud-side trust resources (IAM role, Azure federated credential, GCP workload identity pool, Vault JWT auth method) still need to be provisioned separately.
Bug Fixes
Pagination
- Fixed
list_*infinite-looping for API call which are non paginated, so they are now fetched with a single request. The generic list helper also treats any response withoutmeta.paginationas a single complete page, preventing the same loop on other non-paginated endpoints. #181
Relationships
- Unified JSON:API relationship parsing into a single canonical helper, replacing the per-resource hand-rolled logic across runs, workspaces, no-code modules and more. #180
?include='d relations are now fully hydrated from the response'sincludedblock (e.g.workspace.current_run.status) instead of being returned as id-only stubs.- Models retain unknown server attributes in
model_extra(extra="allow") instead of silently dropping them, keeping output closer to the live API. - Added missing
Workspacefieldslatest_run,latest_change_at,last_assessment_result_at, andsource_module_id, which previously raisedAttributeError. #179
v1.0.0
Features
Teams
- Added Teams resource with full CRUD operations (list, create, read, update, delete) by @isivaselvan #118
- Added add_users, remove_users, add_organization_memberships, remove_organization_memberships, list_users and list_organization_memberships methods by @iam404 #171
Team Project Access
- Added Team Project Access resource with list, add, read, update, and remove methods by @isivaselvan #127
Stacks
- Added Stack resource with create, update, list, read, delete, force_delete and fetch_latest_from_vcs methods by @isivaselvan #128
Explorer API
- Added Explorer resource support with query, CSV export, list saved view, create saced view, read saved view, update saved view, delete saved view, saved view result query, and saved view CSV export endpoints by @jasodeep #136
Organization Tokens
- Added Organization Token resource with full Create, read, delete and create/read/delete with options operations by @NimishaShrivastava-dev #141
Users
- Added User resource with read, read_current, and update_current methods by @TanyaSingh369-svg #144
Registry Provider Platform
- Added Registry Provider Platform resource with create, list, read, and delete methods by @isivaselvan #145
Organization Tags
- Added Organization Tags resource with list, add_workspaces, and delete methods by @NimishaShrivastava-dev #146
Stack Configuration
- Added Stack Configuration resource with create, list, and read methods by @isivaselvan #147
Organization Audit Configurations
- Added Organization Audit Configuration resource with list, read and update support by @NimishaShrivastava-dev #154
Comments
- Added Comment resource with list, read, and create methods by @isivaselvan #155
Task Result
- Added Task Result resource with read method, typed models, and unit tests by @TanyaSingh369-svg #156
Team Tokens
- Added Team Token resource with list, read, create, and delete methods supporting both legacy and new multi-team token APIs by @isivaselvan #157
Run Task Integration
- Added Run Task Integration resource with callback support for sending run task results back to Terraform, including callback payload models and webhook server example by @TanyaSingh369-svg #160
State Version Upload
- Added state version upload support with presigned URL flow and improved examples by @NimishaShrivastava-dev #163
Workspace Run Task
- Added Workspace Run Task resource CRUD operation with models for managing run tasks associated with a workspace by @isivaselvan #164
Task Stage
- Added Task Stage resource and models for interacting with run task stages by @isivaselvan #165
Team Workspace Access
- Added Team Workspace Access resource list, read, add, update and remove methods along with models and examples for managing team access to workspaces by @iam404 #168
No-Code Provisioning
- Added no_code_modules resource with create, read, update, delete, read_variables, create_workspace, upgrade_workspace, read_workspace_upgrade, and confirm_workspace_upgrade methods.
Enhancements
Terraform Actions
- Added invoke action address field to Run and RunCreateOptions models to support Terraform action invocations by @isivaselvan #158
Agent Pool
- Updated Agent Pool models to include project_ids and workspace_ids (allowed and excluded) fields by @isivaselvan #166
- Added assign_to_project method to the Agent Pool resource for associating agent pools with projects by @isivaselvan #166
- Added typed agent pool error classes (InvalidAgentPoolIDError and related) by @isivaselvan #166
- Updated AgentPoolListOptions with new filter parameters for list method by @isivaselvan #166
Existing Resource Improvements
- Updated Apply resource with errored_state method which uses additional read endpoints and log download support by @iam404 #168
- Updated Configuration Version resource with ingress_attributes method which uses additional endpoints for uploaded configuration handling by @iam404 #168
- Updated Plan resource with additional read_for_run, read_json_output_for_run, read_json_schema_for_run and follow_json_output_redirect methods by @iam404 #168
- Updated Policy Set resource with new add_project_exclusions, remove_project_exclusions methods to support project exclusions by @iam404 #168
- Updated Projects resource with new move_workspaces (into project) method iterator conversion of list_effective_tag_bindings operations by @iam404 #168
- Updated Registry Module resource with iterator conversion of list_version method by @iam404 #168
- Updated State Version resource with new rollback method by @iam404 #168
- Updated Workspaces resource with additional current_assessment_result and list_applicable_varsets methods by @iam404 #168
SDK Logging
- Added pytfe._logging module with structured stdlib-based logging framework by @iam404 #171
- Added setup_logging() function to configure the pytfe logger namespace with optional level and format control by @iam404 #171
- Added HTTP transport tracing via RoundTrip formatter with request/response logging, header/body redaction, and configurable truncation by @iam404 #171
- Added PYTFE_LOG, PYTFE_LOG_HEADERS, and PYTFE_LOG_TRUNCATE_BYTES environment variables for runtime log configuration by @iam404 #171
Breaking Changes
Agent Pool
- Removed allowed_workspace_policy attribute from Agent Pool models and methods by @isivaselvan #166
- Updated AgentPool relationship model structure — consumers referencing the old relationship fields must update to the new project_ids/workspace_ids shape by @isivaselvan #166
Bug Fixes
- Fixed task result relationships to map into typed SDK models instead of raw JSON by @TanyaSingh369-svg #156
- Fixed task stage relationship mapping in the task result resource by @TanyaSingh369-svg #156
- Updated variable set models to support global_ inputs. Since global is a Python reserved word, callers previously had to use model_validate as a workaround; existing global alias usage continues to work unchanged.
- Fixed the workspace JSON:API parser to populate the singular agent_pool field instead of writing to a non-existent agent_pools key. The relationship was previously parsed off the wire but silently dropped because the model field is singular; workspace.agent_pool now returns the related AgentPool stub as documented.
v0.1.5
Enhancements
pytfe.__version__added in src/pytfe/init.py via importlib.metadata.version("pytfe"). This will resolve to the version from pyproject.toml.- Updated comments, sshkey, stateversion and cost-estimate models to have id as mandatory attribute by @isivaselvan #137
- Updated workspace resource to include additional relationship models include AgentPool, Configuration-version, Run, Variables and State-version by @isivaselvan #138
Bug Fixes
- Run.read / Run.create fail with pydantic ValidationError when response has a
cost-estimateandcommentsrelationship.
v0.1.4
v0.1.3
Enhancements
Iterator Pattern Migration
- Migrated Run resource list operations to iterator pattern by @NimishaShrivastava-dev #91
- Migrated Policy resource list operations to iterator pattern by @TanyaSingh369-svg #92
- Migrated Policy Set resource list operations to iterator pattern by @TanyaSingh369-svg #95
- Migrated Run Event resource list operations to iterator pattern by @NimishaShrivastava-dev #97
- Migrated SSH Keys resource list operations to iterator pattern by @NimishaShrivastava-dev #101
- Migrated Notification Configuration resource list operations to iterator pattern by @TanyaSingh369-svg #109
- Migrated Variable Set list operations to iterator pattern by @isivaselvan #113
- Migrated Variable Set Variables list operations to iterator pattern by @isivaselvan #113
- Migrated State Version list operations to iterator pattern by @isivaselvan #113
- Migrated State Version Output list operations to iterator pattern by @isivaselvan #113
- Migrated Policy Check list operations to iterator pattern by @isivaselvan #113
- Refreshed examples and unit tests to align with iterator pattern updates by @NimishaShrivastava-dev, @TanyaSingh369-svg, @isivaselvan #91 #92 #95 #97 #101 #109 #113
Project and Workspace Management
- Updated Project create and update models, including Project model refinements by @isivaselvan #120
- Updated Project endpoints for list-effective-tag-bindings and delete-tag-bindings by @isivaselvan #120
- Refactored Workspace models to improve validation with Pydantic by @isivaselvan #106
Breaking Change
List Method Behavior
- Standardized list methods across multiple resources to iterator-based behavior, replacing legacy list response patterns by @NimishaShrivastava-dev, @TanyaSingh369-svg, @isivaselvan #91 #92 #95 #97 #101 #109 #113
Bug Fixes
- Fixed pagination parameter handling across iterator-based page traversal by @isivaselvan #111
- Fixed state version and state version output model import/export registration by @isivaselvan #105
- Fixed the tag based filtering of workspace in list operation by @isivaselvan #106
- Fixed the project response of workspace relationship by @isivaselvan #106
- Fixed configuration version examples and added terraform+cloud support for ConfigurationSource usage by @isivaselvan #107
- Fixed configuration upload packaging flow (tarfile-based handling) by @isivaselvan #107
- Updated agent pool workspace assign/remove operations to consistently return AgentPool objects by @KshitijaChoudhari #110
- Updated Run relationships handling for improved model consistency by @ibm-richard #119
- Updated additional Run Source attributes by @isivaselvan #123
v0.1.2
Features
Registry Management
- Added registry provider version resource with full CRUD operations by @isivaselvan #66
- Added create method for registry provider versions by @isivaselvan #66
- Added list method with pagination support for registry provider versions by @isivaselvan #66
- Added read method for fetching specific registry provider version details by @isivaselvan #66
- Added delete method for removing registry provider versions by @isivaselvan #66
- Added comprehensive unit tests for registry provider versions by @isivaselvan #66
Breaking Change
Iterator Pattern Migration for List Method
- Migrated Policy Evaluation resource to use iterator pattern for list operations and renamed attribute task_stage to policy_attachable at PolicyEvaluation Model by @isivaselvan #68
- Migrated Policy Set Outcome resource to use iterator pattern for list operations by @isivaselvan #68
- Migrated OAuth Token resource to use iterator pattern and removed deprecated Uid attribute by @isivaselvan #68
- Migrated Reserved Tag Key resource to use iterator pattern, removed read method, and renamed service class by @isivaselvan #68
Deprecations
- Models OAuthTokenList, PolicyEvaluationList, PolicySetOutcomeList, ReservedTagKeyList were removed from models as part of initial Iterator pattern conversion of List Method.
- page_number attribute was removed at Models of OAuthTokenListOptions, PolicyEvaluationListOptions, PolicySetOutcomeListFilter and ReservedTagKeyListOptions.
- Removed deprecated Uid attribute at OauthToken Model.
Enhancements
- Updated query run functions with correct api endpoints, parameters and payload options for improved performance and consistency by @aayushsingh2502 #69
- Removed ListOptions from model and improved Cancel and Force Cancel option handling by @aayushsingh2502 #69
- Updated function naming conventions in example files for better clarity by @aayushsingh2502 #69
Bug Fixes
- Fixed the issue related to the Regex pattern on string id validation for registry resource by @isivaselvan #66
v0.1.1
Features
Organization Management
- Added organization membership list functionality with flexible filtering and pagination by @aayushsingh2502 #54
- Added organization membership read functionality by @aayushsingh2502 #54
- Added organization membership read with relationship includes by @aayushsingh2502 #54
- Added organization membership create functionality to invite users via email with optional team assignments by @aayushsingh2502 #54
- Added organization membership delete functionality by @aayushsingh2502 #54
Workspace Management
- Added workspace resources list functionality with pagination support by @KshitijaChoudhari #58
- Added robust data models with Pydantic validation for workspace resources by @KshitijaChoudhari #58
- Added comprehensive filtering options for workspace resources by @KshitijaChoudhari #58
Policy Management
- Added policy set parameter list functionality by @isivaselvan #53
- Added policy set parameter create functionality by @isivaselvan #53
- Added policy set parameter read functionality by @isivaselvan #53
- Added policy set parameter update functionality by @isivaselvan #53
- Added policy set parameter delete functionality by @isivaselvan #53
Enhancements
- Code cleanup and improvements across example files by @aayushsingh2502 #54
- Typo fix in Readme by @isivaselvan #75
v0.1.0
v0.1.0 - Initial Public Release
Release Date: October 28, 2025
This marks the first public release of python-tfe, the official Python client library for HashiCorp Cloud Platform (HCP) Terraform and Terraform Enterprise.
🎉 Release Highlights
- Python SDK for HCP Terraform and Terraform Enterprise APIs
- Type-safe models with comprehensive validation using Pydantic
- Broad API coverage for core Terraform Cloud operations
- Comprehensive examples and documentation
FEATURES
Core Infrastructure & Foundation
- Initial SDK Core Framework - Complete foundational SDK core framework and structure by @iam404 #9
- Established base client architecture, HTTP transport layer, Pagination and response handling with retries
- Implemented configuration management and authentication patterns
- Added comprehensive error handling and logging infrastructure
Organization Management
- Organization CRUD Operations - Complete organization management functionality by @aayushsingh2502
- Full create, read, update, delete operations for organizations
- Organization membership and user management
- Organization settings and feature toggles
Workspace Management
-
Workspace CRUD Operations - Comprehensive workspace management by @isivaselvan #16
- Complete workspace lifecycle management
- VCS integration support for GitHub, GitLab, Bitbucket, Azure DevOps
- Workspace settings, tags, and remote state consumers
-
Workspace Variables API - Variable management functionality by @aayushsingh2502 #16
- Environment and Terraform variable management
- Variable sets integration
- Sensitive variable handling with encryption
Project Management
- Project CRUD Operations - Complete project management API by @KshitijaChoudhari #23
- Project creation, configuration, and management
- Project tagging and organization by @KshitijaChoudhari #25
- Tag binding functionality for improved project organization
State Management
- State Versions and Output - Complete state management implementation by @iam404 #22
- State version listing, downloading, and rollback capabilities
- State output retrieval and management
- Secure state file operations with locking mechanisms
Variable Sets
- Variable Sets API - Comprehensive variable sets functionality by @KshitijaChoudhari #27
- Variable set creation and management
- Workspace association and inheritance
- Global and workspace-specific variable sets
Registry Management
-
Registry Module Support - Private module registry implementation by @aayushsingh2502 #24
- Module publishing and version management
- VCS integration for automated module updates
- Dependency management and semantic versioning
-
Registry Provider APIs - Provider registry operations by @aayushsingh2502 #28
- Custom and community provider management
- Provider version publishing and distribution
- GPG signature verification support
Run Management
-
Run API Specifications - Complete run lifecycle management by @isivaselvan #30
- Run creation, execution, and monitoring
- Run status tracking with real-time updates
- Run cancellation and force-cancellation capabilities
-
Plan and Apply Operations - Plan and apply workflow implementation by @isivaselvan #33
- Detailed plan analysis and review
- Apply operations with confirmation workflows
- Plan output parsing and visualization
-
Run Tasks and Triggers - Automated run management by @isivaselvan #26
- Run task creation and execution
- Trigger-based automated runs
- Webhook integration for external triggers
-
Run Events API - Run event tracking and monitoring by @isivaselvan #36
- Comprehensive run event logging
- Event filtering and querying capabilities
- Real-time event streaming support
Configuration Management
- Configuration Version Support - Configuration upload and management by @aayushsingh2502 #32
- Configuration version creation and upload
- Tar.gz archive support for configuration bundles
- VCS-triggered configuration updates
Query and Search
- Query Run API - Advanced run querying capabilities by @KshitijaChoudhari #35
- Complex run filtering and search
- Historical run data analysis
- Performance metrics and statistics
Agent Management
- Agents and Agent Pools - Self-hosted agent management by @KshitijaChoudhari #31
- Agent pool creation and configuration
- Agent registration and lifecycle management
- Health monitoring and capacity management
Authentication & Security
-
OAuth Client Management - OAuth integration for VCS providers by @aayushsingh2502 #37
- OAuth client creation and configuration
- VCS provider authentication setup
- Token refresh and management
-
OAuth Token Operations - Token lifecycle management by @aayushsingh2502 #40
- OAuth token creation and renewal
- Secure token storage and retrieval
- Token scope and permission management
-
SSH Key Management - SSH key operations for VCS access by @KshitijaChoudhari #38
- SSH key upload and management
- Key validation and security checks
- Repository access configuration
Tagging & Organization
- Reserved Tag Keys - Tag key management and restrictions by @KshitijaChoudhari #39
- Reserved tag key creation and enforcement
- Tag validation and naming conventions
- Organizational tag policies
Policy Management
-
Policy API Specifications - Sentinel policy management by @isivaselvan #41
- Policy creation and enforcement
- Policy version management
- Policy evaluation and reporting
-
Policy Check API - Policy evaluation framework by @isivaselvan #42
- Policy check execution and results
- Override capabilities for policy failures
- Detailed policy violation reporting
-
Policy Set Management - Policy set operations by @isivaselvan #45
- Policy set creation and configuration
- Workspace and organization policy assignment
- Policy set versioning and rollback
-
Policy Evaluation Framework - Advanced policy evaluation by @isivaselvan #46
- Policy set version management
- Policy set outcome tracking
- Comprehensive evaluation reporting
Notification Management
- Notification Configuration - Notification system implementation by @KshitijaChoudhari #43
- Notification configuration and management
- Multi-channel notification support (Slack, email, webhooks)
- Event-driven notification triggers
- Custom notification templates and formatting
NOTES
Package Information
- Python Version: Requires Python 3.10 or higher
- API Compatibility: Compatible with HCP Terraform and Terraform Enterprise v2 and later