Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.envzero.com/llms.txt

Use this file to discover all available pages before exploring further.

Using GitHub.com, GitLab.com, or Bitbucket.org with a public repository? Skip this page. OAuth is handled automatically during template creation. Continue to Connect Your Cloud Account.
This step assumes you have already created your organization.
env zero supports three methods for accessing your git repositories. The right method depends on your provider. OAuth is the recommended way to connect cloud-hosted repositories. It requires no key management, no token rotation, and grants access to your organization’s repositories in a single authorization step. You do not set up OAuth here. It happens automatically when you create your first template. When you select GitHub.com, GitLab.com, or Bitbucket.org during template creation, env zero opens an OAuth popup and stores the connection for your organization. All future templates using the same provider reuse that connection. If you are using GitHub.com, GitLab.com, or Bitbucket.org with a private repository, skip this page and continue to Connect Your Cloud Account. The OAuth setup happens in the Create Your First Template step.

SSH keys (self-hosted providers and private modules)

Use SSH keys if:
  • Your repository is hosted on GitHub Enterprise, GitLab self-managed, or Bitbucket Server
  • Your IaC code pulls private Terraform or OpenTofu modules using ssh:// URLs (an SSH key is required even if you use OAuth for the main repository)

Generate an SSH key pair and add it to your repository

This is vendor-specific. See the instructions for your provider:

Add the SSH key to your organization

  1. Open Organization Settings and go to the Keys tab.
Organization Settings SSH Keys tab showing the interface for managing SSH keys
  1. Click + Add SSH Key.
  2. Enter a name in the SSH Key Name box to identify this key later.
  3. Paste the private key you generated into the SSH Key Value box.
  4. Click Save.
The private key starts with -----BEGIN and ends with -----END. If what you pasted ends with an email address or username, that is the public key. Use the other file instead.
Add new SSH Key dialog box with fields for SSH Key Name and SSH Key Value

HTTPS tokens (self-hosted providers)

Use HTTPS tokens as an alternative to SSH for repositories on GitHub Enterprise, GitLab self-managed, Azure DevOps, or Bitbucket Server. HTTPS tokens are also supported for cloud-hosted providers if your organization policy requires token-based auth instead of OAuth.

Generate an access token in your repository

This is vendor-specific. See the instructions for your provider:
Token authentication fails most often because of missing scopes. Minimum required scopes: GitHub needs repo; GitLab needs read_repository and api; Bitbucket App Passwords need Repositories: Read; Azure DevOps needs Code: Read.

Add the token to your organization

  1. Open Organization Settings and go to the Credentials tab.
Organization Settings Credentials tab showing Git Tokens section
  1. In the Git Tokens section, click + Add Token.
  2. Enter a name in the Name box to identify this token later.
  3. Enter the token value in the Value box.
  4. Click Add.
Add new Git token dialog box with fields for Name and Value

Next steps