Run symflow init

The symflow init command will generate the configuration for your first Flow.


Running symflow init must be run in an empty directory, and will generate three files:

  • The main Terraform file containing all of your Sym resource delcarations
  • A sample implementation file with a reducer and a hook
  • A file declaring the Sym Terraform provider version



Further reading

For more details about each of the files below, please see Initial Configuration Details.

locals {
  environment_name = "main"

provider "sym" {
  org = "your-org-slug"

resource "sym_flow" "this" {
  name  = "approval"
  label = "Approval"

  implementation = "${path.module}/"
  environment_id =

  # These variables are made available in your via `event.flow.vars`
  vars = {
    # You can add more emails to this as a comma separated list, e.g. auto_approve = "[email protected],[email protected]"
    # This variable is used in the `on_request` hook in!
    auto_approve = "[email protected]"

  params {
    # If you want a Flow with an escalation strategy, add your strategy_id here!
    # strategy_id = ...

    # Each prompt_field defines a custom form field for the Slack modal that
    # requesters fill out to make their requests.
    prompt_field {
      name     = "resource"
      label    = "What do you need access to?"
      type     = "string"
      required = true
    prompt_field {
      name     = "reason"
      label    = "Why do you need access?"
      type     = "string"
      required = true

# The sym_environment is a container for sym_flows that share configuration values
# (e.g. shared integrations or error logging)
resource "sym_environment" "this" {
  name            = local.environment_name
  runtime_id      =
  error_logger_id =

  integrations = {
    slack_id =

    # Add your integration IDs here!

resource "sym_integration" "slack" {
  type = "slack"
  name = "${local.environment_name}-slack"

  external_id = "T12345"

# This sym_error_logger will output any warnings and errors that occur during
# execution of a sym_flow to a specified channel in Slack.
resource "sym_error_logger" "slack" {
  integration_id =

  # Make sure that this channel has been created in your workspace
  destination    = "#sym-errors"

resource "sym_runtime" "this" {
  name = local.environment_name

  # For AWS IAM, SSO, Lambda strategies, add your context ID here! For example:
  # context_id =
from sym.sdk.annotations import hook, reducer
from sym.sdk.integrations import slack
from sym.sdk.templates import ApprovalTemplate

# Reducers fill in the blanks that your workflow needs in order to run.
def get_approvers(event):
    """Route Sym requests to a specified channel."""

    # Make sure that this channel has been created in your workspace!

# Hooks let you change the control flow of your workflow.
def on_request(event):
    """Auto-approve people defined in the auto-approve list in the sym_flow vars"""

    flow_vars = event.flow.vars
    auto_approve = flow_vars["auto_approve"].split(",")

    if event.user.username in auto_approve:
        original_reason = event.payload.fields.get("reason")
        new_reason = f"Auto-approved! {original_reason}️"
        return ApprovalTemplate.approve(reason=new_reason)
terraform {
  required_providers {
    sym = {
      source  = "symopsio/sym"
      version = "~> 2.0"