# Using Abbey with Spacelift

{% hint style="info" %}
**Estimated time:** \~5 minutes
{% endhint %}

In this tutorial, you'll learn how to use Abbey with [Spacelift](https://spacelift.io/).

Abbey helps you manage the workflows for access requests and approvals, making it easier for people to get access to [Resources](https://docs.abbey.io/how-abbey-works/concepts#resources).

Spacelift is a sophisticated CI/CD platform for OpenTofu, Terraform, and Terragrunt.

By using Abbey and Spacelift together, you can:

1. Scalably manage your infrastructure access.
2. Securely manage your Terraform state.
3. Easily and securely manage your secrets.

## Before you start

1. Create an [Abbey ](https://accounts.abbey.io/sign-up)account.
2. Have a [Spacelift ](https://docs.spacelift.io/getting-started#step-1-create-your-spacelift-account)account.
3. Have a [GitHub](https://docs.github.com/en/get-started/quickstart/creating-an-account-on-github) account.

## Spacelift Setup

Setting up Spacelift contains 3 steps:

1. [#connect-a-github-repo-to-your-spacelift-account](#connect-a-github-repo-to-your-spacelift-account "mention")
2. [#create-a-stack-on-spacelift](#create-a-stack-on-spacelift "mention")
3. [#add-your-abbey-token-in-spacelift](#add-your-abbey-token-in-spacelift "mention")

## Connect a GitHub repo to your Spacelift account

To get started, we need to add your GitHub repo containing your Terraform files for your Abbey Terraform Resources.

{% hint style="info" %}
If you don't have a GitHub repo with Abbey Terraform Resources, you can easily create one by following one of the [Step-by-Step Tutorials](https://docs.abbey.io/getting-started/tutorials).
{% endhint %}

### Navigate to Spacelift Organization Settings

Go to your Spacelift account and navigate to your **Organization Settings**.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FZcSmrIBdUrFenFGvC0Dr%2Fspacelift-org-settings.png?alt=media&#x26;token=151b2702-5442-48f8-8d6f-03faada9f642" alt=""><figcaption></figcaption></figure>

### Navigate to Source Code Settings

On the left side panel, navigate to **Source Code** under **OTHER**, then click on **SET UP** in the **GitHub (custom App)** section.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FdONEHi1AP2JbMxTWXJG5%2Fspacelift-other-source-code.png?alt=media&#x26;token=f53fe247-9536-4c3e-999e-430de9c53ceb" alt=""><figcaption></figcaption></figure>

### Use the wizard to configure GitHub

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FYc312gUT4E4rWUGv41Sy%2Fspacelift-github-use-wizard.png?alt=media&#x26;token=aa58d56d-f27f-4331-93ff-774d4c4371c9" alt=""><figcaption></figcaption></figure>

Follow the prompts. You'll be asked to select GitHub.com or a Self-hosted installation, followed by Personal or Organization, and then to confirm to be redirected to GitHub to create your Spacelift GitHub App.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2F6mr8TnaADyJmJ39zXxnu%2Fspacelift-github-ok.png?alt=media&#x26;token=4ed205cf-8882-4efa-ac84-2582875a4b87" alt=""><figcaption></figcaption></figure>

### Create Spacelift GitHub App

Use the default name supplied by Spacelift and click on **Create GitHub App**

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FxRrU5Egy8uVtVvBaOOST%2Fspacelift-create-github-app.png?alt=media&#x26;token=e8a67a88-24a7-4fd4-914c-71af23726ce7" alt=""><figcaption></figcaption></figure>

Once created, you'll be redirected back to Spacelift.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FvouW3ePdqJ8nfviyopOT%2Fspacelift-github-app.png?alt=media&#x26;token=4fe7c8e0-5971-4052-beb3-93d8c5e0d4fd" alt=""><figcaption></figcaption></figure>

### Navigate to GitHub Developer Settings

You're not done yet! Now you'll need to go to GitHub and navigate to **Developer Settings** to install your newly-created Spacelift GitHub App.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FDv1rPyUAWzt08AV5g5Km%2Fspacelift-github-dev-settings.png?alt=media&#x26;token=45426745-bd37-4226-b1b7-fd96147f1c97" alt="" width="375"><figcaption></figcaption></figure>

### Edit Spacelift GitHub App

Click on **Edit** next to your Spacelift GitHub App.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FxCt9lAGpkLIjvdQ7OqGP%2Fspacelift-github-app-edit.png?alt=media&#x26;token=3d0ab7a0-803b-4898-b51e-a611281f3300" alt=""><figcaption></figcaption></figure>

### Install Spacelift GitHub App

Click on **Install** to install your App.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FtC5USiWJlsjrycd5A8ch%2Fspacelift-github-app-install.png?alt=media&#x26;token=bc2b7e3e-80e0-4da0-81bd-b80fde8cdd55" alt=""><figcaption></figcaption></figure>

### Select your repo

This is where you get to scope down the app's permissions. Select the repo containing your Terraform files for your Abbey Terraform Resources.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FpkC1iyJ9H8GK9hk67FYN%2Fspacelift-github-select-repo.png?alt=media&#x26;token=b8ea8bb7-7296-4f86-856e-9ac3b1b43a89" alt=""><figcaption></figcaption></figure>

Once you install the app, you'll be redirected back to Spacelift.

## Create a Stack on Spacelift

Now you can create a [Stack](https://docs.spacelift.io/concepts/stack/). You will need a Stack to connect your source control and manage your Terraform state.

### Create Stack

Click on **Create Stack** on the top right.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FetHp7X26H2hR4ZoYxMkN%2Fspacelift-create-stack.png?alt=media&#x26;token=7a5bb6b9-9cb8-4134-ae68-42bd61020e29" alt=""><figcaption></figcaption></figure>

### Add Stack details

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FynQOeAacdie4tal6hekN%2Fspacelift-add-stack-details.png?alt=media&#x26;token=946dd070-f7fc-4784-94a9-74718abfb3ea" alt=""><figcaption></figcaption></figure>

### Integrate VCS

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2F2Z47Up6rE7LgQNh8GZUA%2Fspacelift-integrate-vcs.png?alt=media&#x26;token=97be0fbc-0c2f-4048-899e-13715c999474" alt=""><figcaption></figcaption></figure>

From here, you can choose to go through the rest of the Spacelift screens or simply click on **Skip to summary**.

### Review Summary

Review your choices and then click on **Create Stack**.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FRAecWOD2itrv7nJXFDeY%2Fspacelift-summary.png?alt=media&#x26;token=37c4cf6f-c533-418b-a35b-ac3a3392693f" alt=""><figcaption></figcaption></figure>

## Add your Abbey Token in Spacelift

Now that you have your GitHub repo connected to Spacelift and your Stack created, you'll need to add your Abbey Token as a secret in Spacelift.

### Navigate to your Stack's Environment

Click on your Stack, then click on the **Environment** tab near the top.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2F6HYRyA1ecYbhjqD0ytyA%2Fspacelift-environment.png?alt=media&#x26;token=90bc5ee7-f048-4826-885e-34cfd76be4c9" alt=""><figcaption></figcaption></figure>

### Add your Abbey Token secret

Click on **Edit**, then fill in your `TF_VAR_abbey_token` with your [Abbey Token from the Abbey App](https://docs.abbey.io/admin/managing-api-tokens). Now click on **Done** on the top right.

<figure><img src="https://1502779850-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FudoTqG501gLo2MLzBG55%2Fuploads%2FoxcdzldzNA5uieEjAglH%2Fspacelift-add-token.png?alt=media&#x26;token=262e364e-14b4-48b4-9473-c33330d45c91" alt=""><figcaption></figcaption></figure>

## :tada: Wrap up

That's it! Congrats, you have now set up Abbey with Spacelift!

When your users request access to resources in Abbey, a Pull Request will be created on GitHub. Once all policy and workflow checks pass, reviewers will be notified to approve or deny the request. Upon approval, Abbey will merge the Pull Request, followed by Spacelift performing a `plan`. If you have auto-deploy configured in Spacelift, it will then run an `apply`, otherwise you can review a final time and manually `apply` via the Spacelift UI.

If your resource has an auto revocation policy, then Abbey will automatically revoke access in which another Pull Request will be created and the same git-based flow will occur, this time undoing the previous access grant.

## Next Steps

To learn more about what [resources](https://docs.abbey.io/resources "mention") you can configure, try one of our [](https://docs.abbey.io/getting-started/tutorials "mention").