Stay organized with collectionsSave and categorize content based on your preferences.
gcloud beta terraform vetis a replacement for the open-sourceterraform-validatorproject, with a few minor differences. If you are migrating your CI/CD pipeline
to usegcloud beta terraform vet, you will need to make the following changes.
1. Update the command and args
Replaceterraform-validator validatewithgcloud beta terraform vet
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003e\u003ccode\u003egcloud beta terraform vet\u003c/code\u003e replaces the \u003ccode\u003eterraform-validator\u003c/code\u003e project with some minor changes, and is subject to the "Pre-GA Offerings Terms".\u003c/p\u003e\n"],["\u003cp\u003eMigrating to \u003ccode\u003egcloud beta terraform vet\u003c/code\u003e requires updating the command from \u003ccode\u003eterraform-validator validate\u003c/code\u003e to \u003ccode\u003egcloud beta terraform vet\u003c/code\u003e, and replacing \u003ccode\u003e--policy-path\u003c/code\u003e with \u003ccode\u003e--policy-library\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eService account impersonation can be used with \u003ccode\u003egcloud beta terraform vet\u003c/code\u003e by adding the \u003ccode\u003e--impersonate-service-account\u003c/code\u003e flag.\u003c/p\u003e\n"],["\u003cp\u003eIt's recommended to use the newer format for writing policies and upgrade existing policies from \u003ccode\u003ev1alpha1\u003c/code\u003e, especially when sourcing from \u003ccode\u003egithub.com/GoogleCloudPlatform/policy-library\u003c/code\u003e.\u003c/p\u003e\n"]]],[],null,["# Migrate from terraform-validator\n\n| **Preview**\n|\n|\n| This product or feature is subject to the \"Pre-GA Offerings Terms\" in the General Service Terms section\n| of the [Service Specific Terms](/terms/service-terms#1).\n|\n| Pre-GA products and features are available \"as is\" and might have limited support.\n|\n| For more information, see the\n| [launch stage descriptions](/products#product-launch-stages).\n\n`gcloud beta terraform vet` is a replacement for the open-source\n[`terraform-validator`](https://github.com/GoogleCloudPlatform/terraform-validator/)\nproject, with a few minor differences. If you are migrating your CI/CD pipeline\nto use `gcloud beta terraform vet`, you will need to make the following changes.\n\n1. Update the command and args\n------------------------------\n\n- Replace `terraform-validator validate` with `gcloud beta terraform vet`\n- Replace `--policy-path` with `--policy-library`\n\nBasic example: \n\n # Old\n terraform-validator validate ./tfplan.json --policy-path=/path/to/policy-library\n\n # New\n gcloud beta terraform vet ./tfplan.json --policy-library=/path/to/policy-library\n\nWith [service account impersonation](/sdk/gcloud/reference#--impersonate-service-account): \n\n # Old\n GOOGLE_IMPERSONATE_SERVICE_ACCOUNT=account@project.iam.gserviceaccount.com\n terraform-validator validate ./tfplan.json --policy-path=/path/to/policy-library\n\n # New\n gcloud beta terraform vet ./tfplan.json --policy-library=/path/to/policy-library \\\n --impersonate-service-account=account@project.iam.gserviceaccount.com\n\n2. (Optional) Upgrade constraint templates\n------------------------------------------\n\n`terraform-validator` documentation historically gave instructions on how to\nwrite `v1alpha1` Constraint Framework policies; there is a newer format that we\nrecommend for\n[writing new policies](https://github.com/GoogleCloudPlatform/policy-library/blob/main/docs/constraint_template_authoring.md).\nYou can also\n[upgrade existing policies to use the new format](https://github.com/GoogleCloudPlatform/policy-library/blob/main/docs/constraint_template_authoring.md#updating-from-v1alpha1-templates)\n\nFor policies sourced from\n[github.com/GoogleCloudPlatform/policy-library](https://github.com/GoogleCloudPlatform/policy-library),\nwe recommend staying in sync with the remote repository."]]
