We’re excited to announce that we’ve recently enhanced Orca Security’s Terraform provider to allow our customers to manage many advanced settings in the Orca Cloud Security Platform, such as users, business units, saved views, and custom dashboards. These extended Terraform provider capabilities help our customers integrate configuring Orca as part of their existing workflows, increase scalability, and reduce errors.

Pretty much from the start, Orca made it as easy as possible to connect your entire AWS org, Azure tenant, and GCP org to the Orca Platform with Infrastructure-as-Code (IaC). This allows our customers to use CloudFormation templates and ARM templates and in just a few clicks, set up Orca to start scanning their entire cloud environments.

When more and more customers began saying that they only used Terraform to deploy resources in the cloud and didn’t allow resources to be deployed through the portal or CloudFormation, we soon released Terraform modules to connect public cloud accounts to Orca. Soon after we also added support for custom alert policies and automations. 

Recently, we took our Terraform support to the next level to allow customers the ability to manage some of the more advanced settings in the Orca Platform, including users, business units, saved views, dashboards, and dozens of other settings. In this blog we explain more about our enhanced Terraform integrations and what the benefits are to our customers.

What is Terraform?

Terraform is an open-source IaC tool developed by HashiCorp that allows users to define and provision data center infrastructure using a high-level configuration language known as HashiCorp Configuration Language (HCL) or JSON. Terraform enables the automation of infrastructure deployment across various cloud providers, such as AWS, Azure, and Google Cloud, as well as on-premises environments. By using Terraform, teams can manage and version their infrastructure similarly to how they manage software code, ensuring consistent and repeatable environments.

Why is Orca Enhancing its Terraform Provider?

Terraform is widely used by many organizations across various industries for IaC-based resource provisioning. Exact numbers are difficult to pinpoint, but this provides an idea of how commonly Terraform is used:

  • HashiCorp, has over 4,100 paying customers, as of June 29th, 2024. Although Terraform is just one of their products (with both open source and paid options), it is arguably their most well-known product. 4,100+ is only the number of paying customers – there are surely many organizations who can get by using only the open-source version.
  • According to a survey conducted by Firefly in 2024, 46% of respondents are planning to use IaC to manage their SaaS applications, while 32% of respondents are managing “everything” as code (including SaaS apps). Some of those most well known SaaS apps are Okta, Cloudflare, and DataDog.

Most will agree that Terraform is only continuing to become more popular as a cloud-agnostic, easy-to-learn resource management tool. Not only that, it’s becoming more popular to manage SaaS configuration with Terraform.

Watch this video to see how you can easily provision custom dashboards with the Orca Terraform Provider

What are the enhanced Terraform capabilities in Orca?

Starting today, users can manage the following features with Orca’s Terraform Provider:

  1. Expanded automations and integrations
  2. Business units and Role Based Access
  3. Saved discovery views
  4. Custom widgets
  5. Custom dashboards

These features empower customers to really tailor the Orca experience to meet their specific needs while benefiting from the speed and ease-of-use of Terraform. We expect customers to especially benefit from the Terraform support for configuring Orca discovery views, custom widgets, and custom dashboards, because they are very useful yet sometimes harder to create and manage manually.

Screenshot of Terraform's plan that shows what Orca resource will be created and how it will be configured
Terraform plan that shows what Orca resource will be created and how it will be configured

1. Expanded integrations and automations

Automations in Orca are sets of rules for triggering system actions like:

  • Changing an alert’s score
  • Dismissing an alert
  • Sending a Slack notifications
  • Opening a Jira ticket

Automation rules can be based on queries starting with the trigger condition When an alert. You then complete the query with additional conditions and properties, such as ‘When an alert has a risk score higher than 9.5, open a Jira ticket and send a slack message to xxx’.

These automation rules have long-supported automations involving Jira and Sumo Logic, but we’ve since expanded this to cover other use cases. Via Terraform, you can now manage automations that will build Azure DevOps work items, plus automations that will send emails.

2. Business units and Role Based Access

Orca’s Business Units provide our customers with better control over which teams have access to which assets and alerts. By organizing users, assets, and alerts into distinct business units, you can ensure that only authorized personnel have access to specific resources – essentially applying Role Based Access. For quite a few reasons, this feature has stayed at the top of our “Terraform support requested” list.

3. Discovery views

Discovery views enable users to quickly access frequently used data without repeatedly creating the same discovery query (via the UI or scheduled reports). This allows team members to be more effective in their day-to-day tasks, speeding up investigations and remediation. For example, if security professionals are responsible for certain assets or environments, they could create their own discovery views that cover only those areas – allowing them to work in a more focused way.

4. Custom widgets

Custom widgets offer even greater flexibility, allowing users to design interfaces that display the most relevant information at a glance for multiple stakeholders. For instance, a widget can be created to show how many vulnerabilities with an Orca risk score of 9.5 or higher exist in the environment, or the top 10 attack paths that endanger business critical assets.

5. Custom dashboards

Orca custom dashboards are used to show a collection of widgets. This allows team members to view the data they often need to reference in a single location. Custom dashboards are a very popular feature in the Orca Platform, with customers regularly creating between 2-24 custom dashboards – depending on how many teams will be logging into the platform.

What’s Next?

You tell us! Although we’ll be working to codify other settings into Orca’s Terraform Provider, if you have a burning requirement, shoot me an email at [email protected]. I’d love to help out a prospective or current customer with a much-needed feature. You can check out our Terraform provider here!

About the Orca Cloud Security Platform

Orca offers a unified and comprehensive cloud security platform that identifies, prioritizes, and remediates security risks and compliance issues across AWS, Azure, Google Cloud, Oracle Cloud, Alibaba Cloud, and Kubernetes. The Orca Cloud Security Platform leverages Orca’s patented SideScanning™ technology to provide complete coverage and comprehensive risk detection. 

Learn More

Interested in discovering the benefits of the Orca Platform? Schedule a personalized 1:1 demo, and we’ll demonstrate how Orca can identify, visualize, and prioritize risks in your cloud environment.