Add Terraform Enterprise (Run Tasks)

Integrate Prisma Cloud with Terraform Enterprise (Run Tasks) to enforce the policy-as-code framework for Terraform workspaces that use the Sentinel language with a predefined enforcement level that prevents any risky Terraform run. With the Terraform Enterprise (Run Tasks) integration, Prisma Cloud scans your Terraform frameworks for any misconfiguration against Prisma Cloud default policies, out-of-the-box policies and custom policies.
Terraform Cloud always performs runs in a workspace. The workspace therefore plays the role of the working directory you would use when running Terraform locally, providing the configuration, state, and variables for the run. Each workspace is associated with a particular Terraform configuration; Terraform Cloud maintains a queue of runs for it and processes those runs in order. Each run passes through multiple run stages (pending, plan, cost estimation, policy check, apply, and completion), and this integration communicates the status of the run (either pass or fail), which is accessible on the Prisma Cloud console.
  1. Verify the prerequisites.
    For the Terraform Enterprise (Run Tasks) integration, gather the details needed to enable authentication to Prisma Cloud.
    • Terraform Enterprise Console
      Access to the Terraform Enterprise console enables you to provide a user token that authorizes Prisma Cloud to access workspaces and helps regulate the run configuration in the Terraform console.
    • Terraform Cloud Enterprise version
      Run Tasks for workspaces on Terraform Cloud are compatible with version 1.1.9 and above. Ensure your Terraform Cloud version meets this requirement.
    • Terraform Cloud Enterprise user permission
      For a workspace integration of run tasks, you need the organization permission to manage workspaces.
  2. Integrate Terraform Enterprise (Run Tasks) with Prisma Cloud.
    1. Select Settings > Repositories > Add Repository.
    2. Select Terraform Enterprise (Run Tasks).
    3. Add the User Token.
    4. Add the Domain and then select Next.
      Ensure the IP address and your Terraform Enterprise URL are on the allow list for Prisma Cloud. For more on the allow list, see Enable Access to the Prisma Cloud Console.
  3. Select the organization for which to create event hooks on Prisma Cloud.
    1. Select the organization and then select Next.
      Prisma Cloud currently supports one Terraform organization per integration instance.
      Prisma Cloud creates event hooks for the Terraform Cloud organization so that it receives run task notifications from Terraform Cloud.
  4. Select the workspaces to scan during the Terraform Cloud run lifecycle.
    1. Select the workspaces to scan during the Terraform Cloud run lifecycle.
      You can select multiple workspaces for Prisma Cloud to scan during the Terraform Cloud run lifecycle.
    2. Select Next.
  5. Verify the Terraform Enterprise (Run Tasks) integration with Prisma Cloud.
    1. A New integration successfully configured message appears after the integration is set up; select Done.
      Go to Code Security > Projects to view the newly integrated Terraform Enterprise (Run Tasks) repository and to Suppress or Fix the policy misconfigurations.
      A Terraform Cloud run may fail if the Run Task configuration for a workspace is set to Mandatory. You can re-configure the severity level using Enforcement.
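The following added example, which is not Prisma Cloud's or HashiCorp's code, shows the run task exchange the procedure above relies on from the receiving side: Terraform Cloud sends the run task request (signed with HMAC-SHA512 in the X-TFC-Task-Signature header when an HMAC key is configured), the integration verifies that signature before trusting the payload, reports a passed or failed status to the task_result_callback_url, and the workspace's enforcement level decides whether a failed status blocks the run, as described in step 5. The HMAC key, the request body and the "findings" count standing in for the policy scan result are constructed sample values, and the callback body shape follows the Terraform Cloud run task API; the function names are the example's own.

```python
import hashlib
import hmac
import json

# Constructed sample values (not from the page): the shared HMAC key entered
# when the run task is created, and a minimal run task request body in the
# shape Terraform Cloud posts to the integration's event hook.
HMAC_KEY = b"example-shared-secret"
SAMPLE_REQUEST = {
    "payload_version": 1,
    "access_token": "example-callback-token",
    "stage": "post_plan",
    "is_speculative": False,
    "task_result_enforcement_level": "mandatory",
    "task_result_callback_url": "https://app.terraform.io/api/v2/task-results/example/callback",
    "run_id": "run-example",
    "workspace_name": "prod-network",
    "organization_name": "example-org",
}


def sample_body() -> bytes:
    """Raw bytes of the constructed request, as they would arrive on the wire."""
    return json.dumps(SAMPLE_REQUEST, sort_keys=True).encode()


def sign(body: bytes, key: bytes) -> str:
    """HMAC-SHA512 over the raw request body, hex encoded: the value Terraform
    Cloud places in the X-TFC-Task-Signature header."""
    return hmac.new(key, body, hashlib.sha512).hexdigest()


def verify_signature(body: bytes, header_value: str, key: bytes) -> bool:
    """Constant-time comparison so a forged header cannot be timed into acceptance."""
    return hmac.compare_digest(sign(body, key), header_value)


def build_callback(status: str, message: str, details_url: str = "") -> dict:
    """JSON:API body for the PATCH to task_result_callback_url."""
    if status not in {"passed", "failed", "running"}:
        raise ValueError(f"unsupported task status: {status}")
    attributes = {"status": status, "message": message}
    if details_url:
        attributes["url"] = details_url
    return {"data": {"type": "task-results", "attributes": attributes}}


def run_blocked(status: str, enforcement_level: str) -> bool:
    """A failed task stops the run only when the workspace enforces the task as
    mandatory; an advisory failure is reported but the run continues."""
    return status == "failed" and enforcement_level == "mandatory"


def handle_request(raw_body: bytes, signature: str, key: bytes, findings: int) -> dict:
    """End to end: authenticate the request, derive pass/fail from the number of
    policy findings (a constructed stand-in for the scan), and return what the
    integration would send back plus whether the run would be blocked."""
    if not verify_signature(raw_body, signature, key):
        raise PermissionError("X-TFC-Task-Signature does not match the request body")
    request = json.loads(raw_body)
    status = "failed" if findings > 0 else "passed"
    message = f"{findings} policy violation(s) found in {request['workspace_name']}"
    return {
        "callback_url": request["task_result_callback_url"],
        # The short-lived access_token in the request authorizes the callback.
        "authorization": f"Bearer {request['access_token']}",
        "body": build_callback(status, message),
        "blocks_run": run_blocked(status, request["task_result_enforcement_level"]),
    }


if __name__ == "__main__":
    body = sample_body()
    print(json.dumps(handle_request(body, sign(body, HMAC_KEY), HMAC_KEY, findings=2), indent=2))
```

Rejecting requests whose signature does not verify is what keeps a third party from injecting a fabricated "passed" result for a workspace; the enforcement check at the end mirrors the note in step 5 that only a Mandatory setting turns a failed scan into a failed run.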
