Configuration

Global Settings

The first thing we need to do is configure the Integration in the Organization Settings; the steps to achieve this are below

Login to Terraform Cloud and go into the organization global settings. Open Settings

Navigate to Integrations > Run tasks

Open Settings

Select Create run task

Open Settings

Enter the Endpoint URL and HMAC (Hash based Message Authentication Code) Key provided by Aqua Security. Although the HMAC Key shows as optional, this is required to allow us to authenicate your plan scans.

Open Settings

Click Create run task to validate and save.

Configuring workspaces

The next step is to configure the workspace to use the run task

Open Settings

In the workspace, go to Settings > Run Tasks

Open Settings

From the Available Run Tasks, chose the one for Aquasecurity that you just created

Open Settings

At this point you have a choice between Advisory and Mandatory. If you do not already use Aqua Security Trivy or tfsec, you may wish to set this to Advisory while you deal with any issues it finds.

Open Settings

Click Create to associate the Run Task