We run OpenRouter as shared infrastructure across several product teams, and managing
it by hand in the dashboard stopped scaling — untracked keys, no spend guardrails,
no audit trail of who can use what.
So we built a Terraform/OpenTofu provider that manages the whole OpenRouter org as
code, not just API keys: workspaces, guardrails, spend/time limits, organization
members, plus data sources for providers and existing keys.
There are a few OpenRouter Terraform providers out there, but they're mostly
API-key CRUD. The thing we needed — and couldn't find — was governance: scope a
workspace, attach a guardrail, issue a capped key, review it in a PR, and reproduce
it across environments.
Registry: https://registry.terraform.io/providers/cloudopsworks/openrouter/latest
Repo: https://github.com/cloudopsworks/terraform-provider-openrouter
Write-up: https://cloudopsworks.co/resources/governing-openrouter-at-scale-with-terraform/
It's early (v0.1) and open source. Honest feedback on the resource model and the
guardrails API coverage especially welcome — what would you need before putting
this in production?
Top comments (0)