GCP Terraform Deployment Guide 

Deployment Guides


The ThreatX Web Application and API Protection (WAAP) autoscaler sensor is a Terraform module that provides a ThreatX sensor cluster in the Google Cloud Platform (GCP).

The ThreatX Sensor can be deployed behind a GCP Network Load Balancer for high availability. To facilitate HA deployment, ThreatX provides a .tf deployment template. The template may be used ‘as is’ or modified to help deployment into your particular GCP environment.

You must be familiar with Terraform modules to deploy the sensor.


This template deploys a ThreatX autoscaler behind a network LB, and an egress NAT gateway. ThreatX sensors are deployed in two availability zones within the GCP region as shown in the following configuration example.

Module Input Variables

The following variables are required.

  • customer_name – ThreatX customer name. Provided by the ThreatX SOC.
  • customer_sensor_key – ThreatX sensor key. Provided by the ThreatX SOC.
  • deployment_name – A name for the deployment. It is appended to resource names.
  • region – Region for the deployment.
  • sensor_zones – Zones for sensor deployment. At least two should be defined for redundancy.
  • jump_host_zone – Zone for jump host VM deployment.
  • deployment_cidr – CIDR block defining subnet created for this deployment. Ensure that the CIDR block is large enough to accommodate max_replicas.

The following variables are optional.

  • waap_version – Version of ThreatX WAAP to deploy. Default is latest. Specific versions are not currently supported.
  • machine_type – Machine type or size for sensors. Default is e2-standard-16.
  • target_size – Target number of sensor nodes for the autoscaling group. Default is 2.
  • min_replicas – Minimum number of sensor nodes. Default is 2.
  • max_replicas – Maximum number of sensor nodes. Default is 10.
  • custom_sensor_tags – Variable for customer sensor tag customization. Add as comma-separated string, such as”tag1,tag2,tag3″.


Fill in the following parameters in sensor-deploy.tf.

module "threatx_sensor" {
  source              = "../"
  customer_name       = "<customer_name>"
  customer_sensor_key = "<customer_sensor_key>"
  deployment_name     = "<deployment_name>" # Unique name for this deployment (prod, test, etc.)
  waap_version        = "3.16.1"            # WAAP version to deploy. Default: Latest
  region              = "us-west1"
  jump_host_zone      = "us-west1-a"    
  sensor_zones        = ["us-west1-a", "us-west1-b"] # ["zone1","zone2"]
  deployment_cidr     = "" # CIDR block for subnet
  machine_type        = "e2-medium"     # Default: e2-medium
  target_size         = 2               # Default: 2
  min_replicas        = 2               # Default: 2
  max_replicas        = 10              # Default: 10
  custom_sensor_tags  = ""              # String with comma separation per tag ("tag1,tag2,tag3")


The module outputs the following variables.

  • load_balancer_ip – External IP address of the load balancer.
  • jump_host_ip – External IP address of the jump host.
  • network_id – Resource ID of the compute network.

Last Updated 2023-03-28

On this page

Additional Resources