CyberArk Terraform provider

Hi all,

Just out of curiosity, I was wondering: is there anything in progress within CyberArk to have a provider so we could describe and automate core PAS install/configs, for example ? At the moment I am only aware of the conjur terraform provider, which works perfectly fine to fetch secrets, but I was more looking into automating CyberArk environments and as you know, terraform is great :blush:

Cheers,

1 Like

Example: we need to provision an entire Core PAS + Vault Synchronizer + Conjur, we could have all of them described in terraform modules to spin up the necessary servers and perform an API driven provisioning. If there is no official work on that, it sounds to me an entire project, but it would be really good to have something like that (even maybe including PCloud ? ).

Feedbacks will be great :slight_smile:

that sounds like a hop, skip and a jump away from having Cyberark installed with Docker containers, something I am not opposed to but I have heard mixed views one

Right, but not necessarily using containers, its more to orchestrate the components, have state, plan, etc, all terraform benefits with structure, modules.

1 Like

I haven’t heard about anything like that, but that sounds like a good idea. I’ll ask around and get back to you!

1 Like

Officially, I wouldn’t expect anything regarding Terraform unless the community contributed it. As far as Ansible automated deployments, we have automated the deployment of PAS using that for all components.

You can check out the project on GitHub at:

Now, to the unofficial business…

I love HashiCorp (minus Vault, of course) and would love to have Terraform Cloud automatically provision components into AWS for me, personally. So I would say something like this is not out of the realm of possibility to see from me sometime in the future as a community contribution… but I wouldn’t hold your breath either. I have a day job. :wink:

Are there others here that would like to see this? The more positive feedback I get, the higher up my priority list this can go.

2 Likes

Hi Joe, thanks for the feed-back. You’re spot on in the idea, to be able to spin-up the required infra, etc and I would be happy to contribute as well, but surely aware of priorities, it was more a question it came to mind. Cheers.

2 Likes

When I start working on it, I’ll be sure to share the project URL here for contributions :slight_smile:

1 Like