What is a Template?

A template in env0 defines a type of environment that can be deployed.
Click Run Now on a template to create a new environment.

A template consists of a name, a description, a valid set of configuration files describing the deployment, and a set of Variables and Secrets.

Template Types

A template can be created out of several different types:


A Terraform type template requires your git repository to include the relevant .tf files that describe your environment. When selected, the terraform executable will be in charge of deploying your environment.


A Terragrunt type template requires your git repository to include the relevant terragrunt configuration with its valid folder hierarchy that consists of the relevant .tf files. Learn more on the official Terragrunt documentation. When selected, the terragrunt executable will be in charge of deploying your environment.


A Pulumi type template requires your git repository to include the relevant code that describes your environment. When selected, the pulumi executable will run and deploy your environment.


A CloudFormation type template requires your git repository to include the CF template JSON or YAML that describes your environment. When selected, the aws cloudformation commands will manage your environment.


A Kubernetes type template requires your git repository to contain the relevant YAML or JSON files to describe resources that are managed in your cluster. When selected, two executables are run - Kustomize, and Kubectl. Kustomize labels your resources so you'll know they are managed by env0, and as part of which environment they were created. Kubectl runs the actual commands to manage the resources, and shows the plans and changes between deploys.


A Helm type template can be configured using two chart sources, either a Helm Repo which serves your chart or a git repository that contains your chart's definition. When selected, the helm executable is used (along with the helm diff plugin) to deploy and manage your environment.

Create a Template

To create a new template, click ADD A NEW TEMPLATE on the top left in the Templates screen.
Enter the details for the git repository containing the relevant configuration files: the repository, a branch or tag name, and the path for the root directory of the Terraform/Terragrunt configuration.

Please note that you can only create templates in the Organization context, not Project.


If your VCS is not GitHub, GitLab or Bitbucket

You can either enter the details yourself, or copy the full URL of where your relevant configuration resides, and let env0 extract the values. Please note that extraction of values currently works for HTTP/S Git repositories only. If you use SSH, please enter your repository URL manually.

Also, in order to access a private repository, you will need a git access token. In the Select Token field, select a token from a list of predefined access token available to env0. To define a git access token in env0 see Manage Git Tokens.

Once your template is created, you can edit its Variables, by locating it in the template list, clicking on the Settings link, and selecting the Variables tab. By default, your environment inherits variables set at the Organization level, but you can override these or create new ones.

Manage Templates

Templates can only be added, deleted, or edited in an Organization scope. In a Project scope, you can only associate or disassociate a template with the project.

You can view the Organization's templates in the Templates tab. You can view the template code, or create a new environment from the template.

If you have appropriate permissions, you can change the settings of an existing template. For example, you can refer it to another Terraform/Terragrunt configuration, in a different repo, branch, or tag, or edit the variables.

You can also delete a template, in which case it can no longer be used to create new environments.



Changes you make to your template will only affect new deployments based on the template. To update an Active environment with the template changes you must redeploy the environment.

On-Premises Git Servers Support

In case that your git server is on your private network, you need to enable port forwarding and grant public access using a public IP (and a high port number). It is strongly recommended that you open that port in your firewall for incoming traffic only from env0's IPs (detailed below) in order to ensure proper and secure access to your git server.

Current env0 outgoing IP addresses are -


Manage Git Connectivity

Tokens (HTTP/S)

To access a private Git repository via HTTP/S, env0 needs a read-only access token.
Git access tokens are managed centrally in env0 and are referred to by templates.

Only users with an Organization Admin role can manage git tokens in env0.
To see the list of git tokens, select the Credentials tab in Organization Settings page. You can add or remove git tokens.
To add a new git token, click Add Token. Enter a name for the token, and the token value from your git hosting service.
If your git hosting service requires a username as well as a token (such as BitBucket or GitLab), enter the token value as username:token.

For details on how to generate an access token, refer to the documentation of your git hosting service:

SSH Keys

To access a private Git repository via SSH, env0 needs a private SSH key that has been allowed to access the Git repository.

SSH Keys are managed much like tokens and can be configured on the Organization level by Admins.
To enable SSH connectivity to your Git repository, first associate an SSH key with your template

Automatic Retry Policy

When running your IAC flow, you might want env0 to automatically retry in case of an error.

Automatic retries are configured per template.

To enable automatic retry

  • Find the "Retry on failure" section at the bottom of the template settings page.
  • Choose if you would like your template to be retried on Deploy, Destroy, or in both cases and the number of times to retry.
  • You can also define a Regex pattern so that env0 will only retry on certain errors. If you do not provide a Regex pattern, all errors will be retried.

Finding My Template ID

Sometimes you may need your template id for using it in our terraform provider or for some API calls.

You can find it under the Template Card Templates tab.