Introducing the Terraform Provider for Lacework

We are proud to announce the release of our new Terraform Provider for Lacework. This enables organizations to automate the configuration of the Lacework Security Platform in order to bring their public cloud environments under the protection of Lacework.

Organizations today are either choosing public cloud or rapidly migrating to it in order to compete with the elite performing technology companies. With this comes all of the challenges of securing those environments in the midst of continuous change, compliance regulations and emerging threats.

Lacework is purpose-built to secure many aspects of our customers’ cloud environments, but a common challenge is how to get all of those environments integrated and configured as quickly and efficiently as possible.

Customers can login to our user interface and manually configure the settings to allow Lacework the access needed to monitor their cloud environments. That may work just fine if they have only one or two accounts. The reality is that the larger majority of our customers don’t just have one AWS or GCP account, but instead have HUNDREDS of them. Each account may be owned by a different business unit or team, or they are often divided into logical environments such as development, staging, production, PCI, SOC 2 and so on. Each account may have different alert channels, alert rules and integrations. If this sounds familiar, then you understand the need to automate as much as possible.

Terraform Provider for Lacework

HashiCorp’s Terraform is a powerful framework that helps organizations configure cloud environments from code. At Lacework, we use Terraform to manage our multi-cloud environments, but we also use it for managing APIs from platforms such as Github.

Our new Terraform Provider was released because we understand that while our customers expand their footprint in the cloud, they should be able to automate Lacework the same way they do any other environment.

Lacework Terraform Resources

The initial release of the provider offers seven custom resources needed to integrate cloud accounts into Lacework:

  • lacework_api_token – Creates a bearer API token to be used to authenticate API requests
  • lacework_integration_aws_cfg – Create an AWS config integration to analyze AWS configuration compliance
  • lacework_integration_aws_ct – Configure an AWS account for CloudTrail behavior-based anomaly detection
  • lacework_integration_azure_al – Configure an Azure account for activity log integration
  • lacework_integration_azure_cfg– Azure configuration and compliance visibility
  • lacework_integration_gcp_at– Google Cloud audit trail
  • lacework_integration_gcp_cfg– Google Cloud configuration

This, of course, is just the beginning, and we will continue to add more resources as we release new public APIs to the platform.

This provider is now available on the Terraform Provider’s site and is ready for use. We have also released an open-source Terraform Provisioning project on Github that provides ready-to-use code for spinning up the required resources Lacework needs to integrate into your public cloud accounts.

All of this work is part of a broader commitment to providing our customers with the tools they need to operate with speed and efficiency without compromising security.

Stay tuned for upcoming blog posts where we get hands-on with this code!