Most terraform providers allow setting of provider configuration attributes via environment variables. So notable providers are

Vault - uses VAULT_TOKEN , VAULT_ADDR, etc....
AWS - uses AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, etc....
Auth0 - uses AUTH0_DOMAIN, AUTH0_CLIENT_ID, etc...

This allows much easier use of the providers especially in CI/CD pipelines. Where these values may come from pipeline secrets, container injections or remotely looked up from external locations.

While the provider currently provides a work around to this by setting variable definitions for these and then allowing them to be passed in via TF_VAR environment variables or from terraform.tfvars files. This clutters up the terraform root modules variables and still needs the user to configure them in the provider configuration block.

There is a likely chance that an engineer might accidently commit the terraform.tfvars file with API keys or set default keys in the variables or provider config and these being committed to git history forever.

Looking in the provider.go there is a reference in an error message about setting the token using an environment variable called CAPELLA_AUTHORISATION_TOKEN. However there is nothing in the provider that supports this.

This is a feature request to be able to support setting of the providers host and authorisation_token via environment variables prefixed with CAPELLA_. This will allow much easier use of the provider in CI/CD pipelines and declutter terraform code and the examples in this repo.