Manage Alert Profiles with Terraform
This topic provides a foundational overview for using Terraform to configure and manage Lacework alert profiles.
For organizations that have adopted Hashicorp Terraform for automation, Lacework maintains the following open source projects on the Terraform Registry for automating the Lacework platform. The Terraform provider offers a growing collection of custom resources to manage the configuration of the Lacework platform. If you are new to the Terraform provider for Lacework, read the Terraform for Lacework Overview.
About Lacework Alert Profiles
An alert profile is a set of metadata that defines how your LQL queries get consumed into alerts. See the Alert Profile Overview for more details.
Configuring Alert Profiles with Terraform
The alert profile resource accepts the following properties:
name
- (Required) The alert profile name uniquely identifies the profile. It cannot start with 'LW_' as this is reserved for Lacework profiles.extends
- (Required) The name of the existing alert profile that this profile extends.alert
- (Required) The list of alert templates. See Alert below for details.
Alert
alert
supports the following arguments:
name
- (Required) The name that policies use to refer to this template when generating alerts.event_name
- (Required) The name of the resulting alert.description
- (Required) The summary of the resulting alert.subject
- (Required) A high-level observation of the resulting alert.
resource "lacework_alert_profile" "example" {
name = "CUSTOM_PROFILE_TERRAFORM_TEST"
extends = "LW_CFG_GCP_DEFAULT_PROFILE"
alert {
name = "Violation"
event_name = "LW Configuration GCP Violation Alert"
subject = "{{_OCCURRENCE}} violation detected in project {{PROJECT_ID}}"
description = var.alert_description
}
}
See additional information on the lacework_alert_profile
resource at Terraform Registry.