By Jon Jarboe, Developer Advocate
We’ve long been fans of the fantastic products coming out of HashiCorp. Terrascan and Accurics both launched with support for Terraform, helping developers detect and fix compliance and security risks in their infrastructure as code with the goal of mitigating issues before cloud infrastructure is deployed.
Today, we’re excited to announce a new integration which streamlines the configuration of self-healing infrastructure for Terraform Cloud and Terraform Enterprise users. Accurics now works with Sentinel policy as code workflows to ensure security is seamlessly embedded into development workflows. You can leverage over 1500 policies to perform deep scans in Terraform Cloud and Terraform Enterprise.
Enabling Accurics in your Terraform Cloud Workspace
The integration works for both Terraform Cloud and Terraform Enterprise, and you will need a commercial Accurics account. Enabling Accurics scans in your Terraform workspace is simple:
- In your Accurics console, open the “Integrations” page
- Click on “Terraform Cloud” and enter the requested information. This informs Accurics how to work with your Terraform Cloud workspace.
- When you click Save, a Sentinel policy will become available. Click the link to copy that to your clipboard.
- In Terraform, open the “Settings” page
- Click “Policy Sets” and “Connect a new policy set”
- Configure the settings and scope for the policy set, click “Connect policy set”
- If you’re not managing policies via your VCS, click “Policies” and “Create a new policy” to manage an individual policy.
- Configure the settings, and paste the Sentinel policy in your clipboard into the “Policy code” box. Choose the Policy Set created earlier, and click “Create policy”.
- You’re done! When you run your workspace, your Accurics policy will be assessed during the “Policy check” phase, and policy violations can prevent the run from being applied.
Self-Healing Infrastructure for DevSecOps
Given the success of high-velocity DevOps teams, we believe that self-healing infrastructure is the only way to embed security into DevOps without breaking it. Reactive processes that require manual actions simply cannot keep up. The rapid adoption of infrastructure as code provides an excellent opportunity to implement guardrails throughout the development lifecycle, starting in the earliest stages.
Terraform leads the Infrastructure as Code market, so we’re excited to enable self-healing infrastructure for all of those users. By adding Accurics, any Terraform user can automate elimination of security risks before and after deployment. To see Accurics working with Terraform, you can view our talk at Hashiconf Digital in October, check out our video or request a personalized demo and consultation.