Cisco Secure Workload (Tetration) Terraform Provider

Note: this Terraform provider is now publically available on the Terraform Registry.

Terraform Provider for managing Cisco Secure Workload (Tetration) resources.

Usage

Using the Terraform Registry

Create a main.tf file with the following content, save, and run terraform init from a terminal window in the same directory as main.tf:

terraform {
  required_providers {
    tetration = {
      source = "CiscoDevNet/tetration"
      version = "0.1.0"
    }
  }
}

provider "tetration" {
  api_key                  = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  api_secret               = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  api_url                  = "https://tenant.tetrationpreview.com"
  disable_tls_verification = false
}
resource "tetration_filter" "filter" {
  name         = "Terraform created filter"
  query        = <<EOF
                    {
                      "type": "eq",
                      "field": "ip",
                      "value": "10.0.0.1"
                    }
          EOF
  app_scope_id = "5ed6890c497d4f55eb5c585c"
  primary      = true
  public       = false
}

Building and Consuming

Build the plugin

make build

Copy the plugin to your terraform plugin directory, e.g.

mkdir ~/.terraform.d/plugins/darwin_amd64
cp terraform-provider-tetration ~/.terraform.d/plugins/darwin_amd64

3.Add plugin to terraform for the current module you are working on

cd /path/to/terraform/module
terraform init -plugin-dir ~/.terraform.d/plugins/darwin_amd64

4.Write terraform code using this provider.

provider "tetration" {
  api_key                  = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  api_secret               = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  api_url                  = "https://tenant.tetrationpreview.com"
  disable_tls_verification = false
}

resource "tetration_filter" "filter" {
  name         = "Terraform created filter"
  query        = <<EOF
                    {
                      "type": "eq",
                      "field": "ip",
                      "value": "10.0.0.1"
                    }
          EOF
  app_scope_id = "5ed6890c497d4f55eb5c585c"
  primary      = true
  public       = false
}

More example terraform modules for managing tetration resources with this provider.

Development

Testing

Tests can be executed via

make test

When the test process is running any variable set in a top level .env file in this project will be available to the tests as an environment variable.

Example .env file

VARIABLE=value

This file is gitignored to prevent any sensitive material such as api keys from being published.

Publishing

To build binaries for mac, linux(amd64), windows(x86), run

make cross-compile

The built binaries will be placed in the bin directory.

Use Case

Cisco Secure Workload (formerly Tetration) Terraform Provider

What is Terraform?

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.

The key feature of Terraform is Infrastructure as Code

Infrastructure as Code (IaC) allows you to provision and manage the full technology stack using automation, by translating manual, repetitive tasks into reusable, robust, secure, and distributable code. Using IaC, you can create golden templates to simplify your work. You can continuously design-build-deploy-destroy-rollback in live environments so your network and security can stay agile while you focus on product and service innovation.

terraform-provider