Introducing Signal Sciences Terraform Provider
DevOps has always been part of Signal Sciences’ DNA: the company was created when the founders couldn’t find a WAF solution that could keep pace with the rapid rate of releases that DevOps enables. Traditional WAF offerings required rule changes whenever applications changed, and the constant tuning of rules was incompatible, on an operational level, with applications that were being updated multiple times a week, or even multiple times a day.
In keeping with our goal of being the most DevOps-friendly WAF, we are excited to announce today the release of a HashiCorp Terraform provider for Signal Sciences, which will further embed the management of Signal Sciences into our customers’ automated CI/CD pipelines.
Terraform from HashiCorp has grown to be a leading tool used to automate the provisioning and configuration of cloud infrastructure—it’s what our parent company, Fastly, uses as well. What used to be done manually in data centers—installing a new server rack, connecting it to the network—can now be done in the cloud with code. With providers, third parties such as Signal Sciences can extend Terraform with custom functionality so that tasks performed in third-party tools like Signal Sciences can also be accomplished in Terraform code.
What are Day 2 Activities?
The deployment of a technology like Signal Sciences’ next-gen WAF is something the staff at our customer Replicated have described as a “Day 1” problem, which in their eyes we have solved with our agent-module architecture. But automating the Day 2 activities—setting up users, creating new rules, signals and lists—is what the Terraform provider for Signal Sciences is designed to help with.
Code is now used not only to create applications that run on virtual infrastructure, but now also used to provision and manage that infrastructure as well. This has empowered DevOps organizations to move with greater speed: as application teams create and expand applications, SREs are able to ensure those applications have a platform to run on that will meet the demand and reliability needs of end-users, while also keeping the application and end users secure.
Most Signal Sciences customers today already automate the deployment of the Signal Sciences agent alongside their apps and APIs in their DevOps pipelines. No matter where the application or API is deployed to—whether that is a developer’s laptop, on-premise infrastructure, PaaS, container or non-container based infrastructure, or public cloud—Signal Sciences protection is deployed right along with it.
Since our management console has been developed API-first, the Terraform provider allows customers to automate nearly all of the tasks with code that our customers would traditionally perform in our management console with a mouse and keyboard.
What Can You Automate and Why?
The Terraform provider for Signal Sciences empowers teams to create and manage the configurable resources in Signal Sciences that are key to ensuring our next-nen WAF provides the protection needed for each customer’s unique security needs and priorities. Tasks that may have been done manually in the management console, such as updating a block list of IPs, can now be done with Terraform code!
For example, customers can now use Terraform to configure resources, such as:
- Signal Sciences rules
Automation enables teams to be more efficient in the way they spend organizational time and resources. In addition, the safeguards built into an automation platform allow for activity to be tracked, monitored, and reverted for security and audit purposes. Being able to manage Signal Sciences resources in Terraform provides several key benefits:
- Reduction in time and resources spent managing Signal Sciences for a large portfolio of applications.
- Reduction in risk of making significant changes to Signal Sciences resources such as rulesets.
- Improved security as a result of being able to roll out important changes to Signal Sciences resources in a timely and automated manner.
If you’re not using Signal Sciences yet and want to know how we help organizations at every stage of the DevOps journey protect their applications, please contact us today for a demo!