Terraform Incapsula Provider

• Website: https://www.terraform.io
• 
• Mailing list: Google Groups

Maintainers

This provider plugin is maintained by the team at Imperva.

Requirements

• Terraform 0.14.x
• Go 1.23.0 (to build the provider plugin)

Building The Provider

Clone repository to: $GOPATH/src/github.com/terraform-providers/terraform-provider-incapsula

$ git clone git@github.com:imperva/terraform-provider-incapsula $GOPATH/src/github.com/terraform-providers/terraform-provider-incapsula

Enter the provider directory and build the provider

$ cd $GOPATH/src/github.com/imperva/terraform-provider-incapsula
$ make build

Using the provider

If you're building the provider, follow the instructions to install it as a plugin. After placing it into your plugins directory, run terraform init to initialize it. Documentation about the provider specific configuration options can be found on the provider's website.

Developing the Provider

If you wish to work on the provider, you'll first need Go installed on your machine (version 1.11+ is required). You'll also need to correctly setup a GOPATH, as well as adding $GOPATH/bin to your $PATH.

To compile the provider, run make build. This will build the provider and put the provider binary in the $GOPATH/bin directory.

$ make bin
...
$ $GOPATH/bin/terraform-provider-incapsula
...

In order to test the provider, you can simply run make test.

$ make test

In order to run the full suite of Acceptance tests, run make testacc.

Note: Acceptance tests create real resources, and often cost money to run.

$ make testacc

An automation script is provided for Mac darwin 64amd based developers that encapsulates initial setups along make described commands. Please note that OS_ARCH=darwin_amd64 is uncommented in GNUmakefile for default Mac users, if needed for Linux users comment back and uncomment OS_ARCH=linux_amd64

Brew is a pre-requisite for this script, as the main package manager to install the dependent libraries such as Golang, Terraform and Git. More details about this script is provided as inner code comments and description.

Script location /scripts/tf-provider-incap-orch.sh.

Script installation command will clone this repository to /workspace folder as a first step and pull from git in subsequent runs.

It's recommended to download the script to some directory in local machine and start with installation command execution

./tf-provider-incap-orch.sh -i "youApiID" "youApiKey"

Mock Server for Testing

A mock Imperva API server is provided for running tests without requiring real API credentials. This enables CI/CD pipelines and local development without access to a live Imperva environment.

Starting the Mock Server

make server

This starts the mock server on port 19443. The server outputs the required environment variables:

export INCAPSULA_API_ID=mock-api-id
export INCAPSULA_API_KEY=mock-api-key
export INCAPSULA_BASE_URL=http://localhost:19443
export INCAPSULA_BASE_URL_REV_2=http://localhost:19443
export INCAPSULA_BASE_URL_REV_3=http://localhost:19443
export INCAPSULA_BASE_URL_API=http://localhost:19443
export INCAPSULA_CUSTOM_TEST_DOMAIN=.mock.incaptest.com

Running Tests with Mock Server

# Terminal 1: Start the mock server
make server

# Terminal 2: Run tests (requires mock server to be running)
make test

Implemented Endpoints

The mock server implements the following Imperva API endpoints:

Account Management (Cloud v1 API Documentation)

Endpoint	Method	Description
/accounts/add	POST	Create account
/account	POST	Get account status
/accounts/configure	POST	Update account
/accounts/delete	POST	Delete account
/accounts/data-privacy/show	POST	Get data privacy settings
/accounts/data-privacy/set-region-default	POST	Set default data region

Site Management (Cloud v1 API Documentation)

Endpoint	Method	Description
/sites/add	POST	Create site
/sites/status	POST	Get site status
/sites/configure	POST	Update site
/sites/delete	POST	Delete site

CSP Pre-Approved Domains (CSP API Documentation)

Endpoint	Method	Description
/csp-api/v1/sites/{siteId}/preapprovedlist	GET	List pre-approved domains
/csp-api/v1/sites/{siteId}/preapprovedlist	POST	Add pre-approved domain
/csp-api/v1/sites/{siteId}/preapprovedlist/{domainRef}	GET	Get specific domain
/csp-api/v1/sites/{siteId}/preapprovedlist/{domainRef}	DELETE	Remove domain
/csp-api/v1/sites/{siteId}/domains/{domainRef}/status	GET/PUT	Domain status
/csp-api/v1/sites/{siteId}/domains/{domainRef}/notes	GET/POST/DELETE	Domain notes

Response Format

All API responses follow the standard Imperva format:

{
  "res": 0,
  "res_message": "OK",
  "debug_info": {...},
  "account|site|data": {...}
}

Error responses use non-zero res codes as documented in the API documentation.

Adding New Endpoints

To add new endpoints to the mock server:

1. Add the route in mock_server.go in the router() function
2. Implement the handler function following existing patterns
3. Add tests in mock_server_test.go
4. Update this documentation