April 30, 2024

Manage secure Terraform and OpenTofu configuration with Resourcely + Terrateam

Today we are announcing a new integration with Terrateam, a powerful infrastructure as code platform that simplifies and automates Terraform workflows. With this new integration, you can write better Terraform and OpenTofu at scale: stopping misconfiguration in it's tracks and generating proper infrastructure-as-code and cloud resources immediately. Get started today to leverage Resourcely's secure configuration platform with Terrateam's collaborative and streamlined approach to managing Terraform projects.

The Resourcely-Terrateam Integration

The Resourcely-Terrateam integration enables developers to automatically evaluate their Terraform and OpenTofu plans against Resourcely Guardrails directly within their pull requests. This means that every proposed change to your infrastructure is evaluated for potential security risks and compliance issues before it is applied.

When a developer opens a pull request with changes to their Terraform code, Terrateam automatically runs a plan operation and generates the necessary Terraform plan files. Resourcely then evaluates these plan files against the configured Resourcely Guardrails. If any guardrails are violated, Terrateam provides immediate feedback in the pull request, highlighting the specific issues and offering guidance on how to resolve them.

How does it work?

When you open a pull request with changes to your Terraform or OpenTofu code, Terrateam automatically runs a plan operation and generates the necessary plan files. Behind the scenes, the Resourcely CLI evaluates these plan files against the configured Resourcely Guardrails. If any guardrails are violated, Terrateam notifies you by providing detailed feedback directly in the pull request.

The integration makes it easy for teams to discuss and resolve any Resourcely Guardrail violations. This ensures that IaC changes adhere to industry best practices and organizational security policies before they are applied.

Getting Started

To start using the integration, follow these simple steps:

  1. Enable the Resourcely integration in your Terrateam configuration file .terrateam/config.yml

    integrations:
      resourcely:
        enabled: true
  2. Store your Resourcely API token as a GitHub Secret.
  3. Configure your desired Resourcely Guardrails and Blueprints.
  4. Open a pull request with changes to your infrastructure.
  5. Terrateam will call the Resourcely CLI against your generated plan files.
  6. If any violations are found, Terrateam will provide feedback directly within the pull request.

For detailed instructions, check out our documentation on integrating Terrateam with Resourcely.

Terrateam and Resourcely

The Terrateam-Resourcely integration is an easy win for organizations looking to elevate their infrastructure security and compliance. By combining Terrateam’s IaC workflows with Resourcely’s expertise in creating secure-by-default infrastructure, teams can proactively prevent misconfigurations, enforce compliance, and maintain secure infrastructure.