Using Terraform for container security as code with Sysdig Secure


In the following tutorial you can learn how to implement container security as code. You probably have a CI/CD pipeline to automatically rebuild your container images. What if you could define your container security as code, push it into a Git repository to version control changes and then enforce your policy in your container orchestration tool like Docker or Kubernetes using Sysdig Secure?

Terraform is an awesome tool to deploy and update your infrastructure using code. You might be using it already to automate your cluster deployments in cloud providers like AWS, Google Cloud, Azure or IBM. The good news is that now you can configure your container security as code with Terraform and Sysdig Secure.

Installing the Sysdig Secure Terraform provider is really easy. The prerequisites that you need to have installed on your system are Terraform (see here how) and Go (>1.9) to compile the provider code (the easiest way is to install the Go runtime using a package manager like apt or yum). Go to the Sysdig Secure Terraform provider repository and clone the code with git clone https://github.com/draios/terraform-provider-sysdig.git.

From the repository directory, run go build. Once built, you will find a binary named terraform-provider-sysdig; move it under $HOME/.terraform.d/plugins (you might have to create that directory).
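
Terraform launches provider binaries from the plugin directory as local processes, so the copy step is worth doing carefully. The following is an added example, not code from the original post or the Sysdig repository: a shell function that installs an already built terraform-provider-sysdig into $HOME/.terraform.d/plugins. The function names, the refusal of group- or world-writable plugin directories and the printed SHA-256 are assumptions of this example.

```bash
#!/bin/sh
# Added example (not from the original post): install a locally built
# terraform-provider-sysdig binary into Terraform's user plugin directory.
# Function names and the permission policy are assumptions of this example.

# Succeeds (returns 0) when the path is writable by group or others.
is_loosely_writable() {
    ilw_perms=$(ls -ldL "$1" 2>/dev/null) || return 1
    case "$ilw_perms" in
        ?????w*|????????w*) return 0 ;;   # chars 6 and 9 are the g/o write bits
        *) return 1 ;;
    esac
}

# install_provider <built-binary> [plugin-dir]
# Returns 1 on a missing binary or copy error, 2 on an unsafe plugin directory.
install_provider() {
    ip_src=$1
    ip_dir=${2:-"$HOME/.terraform.d/plugins"}
    ip_dest="$ip_dir/terraform-provider-sysdig"

    if [ ! -f "$ip_src" ]; then
        echo "no built binary at $ip_src (run go build first)" >&2
        return 1
    fi
    # Create the directory privately if it does not exist yet.
    [ -d "$ip_dir" ] || (umask 077 && mkdir -p "$ip_dir") || return 1

    # Anyone who can write here can swap the binary Terraform will execute.
    if is_loosely_writable "$ip_dir"; then
        echo "refusing: $ip_dir is group- or world-writable" >&2
        return 2
    fi
    install -m 0755 "$ip_src" "$ip_dest" || return 1

    # Print the digest so it can be recorded next to the Terraform code in Git.
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$ip_dest"
    else
        shasum -a 256 "$ip_dest"
    fi
}

# Usage after `go build` in the repository directory:
#   install_provider ./terraform-provider-sysdig
```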

Source: sysdig.com