Home Deployment Guides

GCP Terraform Deployment Guide 

Deployment Guides

Summary

The ThreatX Web Application and API Protection (WAAP) autoscaler sensor is a Terraform module that provides a ThreatX sensor cluster in the Google Cloud Platform (GCP).

The ThreatX Sensor can be deployed behind a GCP Network Load Balancer for high availability. To facilitate HA deployment, ThreatX provides a .tf deployment template. The template may be used ‘as is’ or modified to help deployment into your particular GCP environment.

You must be familiar with Terraform modules to deploy the sensor.

Autoscaler

This template deploys a ThreatX autoscaler behind a network LB, and an egress NAT gateway. ThreatX sensors are deployed in two availability zones within the GCP region as shown in the following configuration example.

Module Input Variables

The following variables are required.

  • customer_name – ThreatX customer name. Provided by the ThreatX SOC.
  • customer_sensor_key – ThreatX sensor key. Provided by the ThreatX SOC.
  • deployment_name – A name for the deployment. It is appended to resource names.
  • region – Region for the deployment.
  • sensor_zones – Zones for sensor deployment. At least two should be defined for redundancy.
  • jump_host_zone – Zone for jump host VM deployment.
  • deployment_cidr – CIDR block defining subnet created for this deployment. Ensure that the CIDR block is large enough to accommodate max_replicas.

The following variables are optional.

  • waap_version – Version of ThreatX WAAP to deploy. Default is latest. Specific versions are not currently supported.
  • machine_type – Machine type or size for sensors. Default is e2-standard-16.
  • target_size – Target number of sensor nodes for the autoscaling group. Default is 2.
  • min_replicas – Minimum number of sensor nodes. Default is 2.
  • max_replicas – Maximum number of sensor nodes. Default is 10.
  • custom_sensor_tags – Variable for customer sensor tag customization. Add as comma-separated string, such as”tag1,tag2,tag3″.

Usage

Fill in the following parameters in sensor-deploy.tf.

module "threatx_sensor" {
  source              = "../"
  customer_name       = "<customer_name>"
  customer_sensor_key = "<customer_sensor_key>"
  deployment_name     = "<deployment_name>" # Unique name for this deployment (prod, test, etc.)
  waap_version        = "3.16.1"            # WAAP version to deploy. Default: Latest
  region              = "us-west1"
  jump_host_zone      = "us-west1-a"    
  sensor_zones        = ["us-west1-a", "us-west1-b"] # ["zone1","zone2"]
  deployment_cidr     = "10.128.0.0/28" # CIDR block for subnet
  machine_type        = "e2-medium"     # Default: e2-medium
  target_size         = 2               # Default: 2
  min_replicas        = 2               # Default: 2
  max_replicas        = 10              # Default: 10
  custom_sensor_tags  = ""              # String with comma separation per tag ("tag1,tag2,tag3")
}

Outputs

The module outputs the following variables.

  • load_balancer_ip – External IP address of the load balancer.
  • jump_host_ip – External IP address of the jump host.
  • network_id – Resource ID of the compute network.

Last Updated 2023-03-28

On this page

Additional Resources

GCP Python Deployment Guide 

Summary The ThreatX WAF sensor is a Python-based sensor that supports the Google Cloud Platform (GCP). This guide provides an overview of the deployment process. Contact the ThreatX Security Operations Center (SOC) to request the sensor Python module and supporting files. The module includes a readme with the deployment procedure. Sensor for GCP Deployment Overview […]

READ MORE
Google GCP Deployment Guide

The ThreatX WAF Sensor can be deployed behind a Google (GCP) Network Load Balancer for high availability. To facilitate HA deployment in GCP, ThreatX provides a .yml deployment template. The template may be used ‘as is’ or modified to help deployment into your particular GCP environment. Introduction: ThreatX WAF Sensors can be efficiently deployed in […]

READ MORE
AWS AMI Deployment Guide

The ThreatX WAF Sensor AMI can be used to quickly and easily add application security to applications deployed in AWS VPCs. The AMI can be found by launching an instance and searching for “ThreatX WAF” when choosing an AMI. Attributes The AMI has the following attributes: Minimum Requirements Instance size of t3.micro or larger to […]

READ MORE
ThreatX

Need some help?

SUPPORT PORTAL