Running infrastructures, at any scale, can present various complications and are often composed of an array of complex configurations. As a result, Terraform continues to be the tool of choice for organizations, from start-ups to big corporations, to help manage their entire cloud lifecycle. Terraform allows users to efficiently provision, adjust, and destroy components spread across their cloud providers.
But what happens when the foundation begins to fail or shows indications of malicious activity? The RapDev Terraform Integration helps ensure real-time awareness of any failing deployments, escalation of critical user privileges, exposed secret variables, and much more. It allows Datadog users to bring yet another tool from their tech stack onto one view alongside other applications and monitored elements.
The first thing you will see on the dashboard when leveraging the integration is the high-level view of your whole account. Items like your organizations, workspaces, users, variables (along with their sensitivity status), and teams. You can almost instantly identify any new access points, such as unrecognized users or a change in one of your crucial variables’ properties. Finally, the table below provides an overview of your workspace’s status so you can better prioritize what needs attention. Not only is this vital information in the dashboard view, but the metrics can also be leveraged to allow for alerts in case you come across any of the scenarios previously described.
Once you identify areas that require further investigation, the ‘Workspace Runs’ section provides an in-depth view into the activity in the Terraform organization of your choice. The details per run include the status, source/trigger reason, and purpose (plan, refresh, destroy, etc.). Changes made are also tracked in this section.
The third section of the dashboard is intended for upkeeping the security of your account(s) and helps prevent unauthorized permission changes. It’s separated into two sections, one for your internal teams and the other for your users. On the internal side, you should regularly check that only the correct personnel have administrative access. Administrators can modify API tokens, change access to the organization(s), update the visibility of your account, or even destroy it altogether. When looking at the user level, it is key to ensure that new organizations or service accounts don't suddenly appear. Only your administrators should have the ability to manage security tokens.
Finally, for those who leverage terraform agents for isolated, private, or on-site premises infrastructure, this section display provides a condensed view of your agent pools, agent auth tokens, and the actual agents with their statuses (error, busy, idle, etc.). This gives you insight into your hard-to-reach agents without the hassle of accessing your environment(s).
Don't forget about Terraform
RapDev’s newly released Terraform Integration for the Datadog marketplace brings this fundamental IaaS tool to one location to allow you to build your single source of truth.