Automate your Application Security / ASPM lifecycle using Infrastructure-as-Code. The Cortex Cloud Terraform provider allows platform teams to programmatically manage integrations, business applications, custom rules, and compliance profiles at scale.
Source of truth: For the most up-to-date schema, provider versions, and complete resource documentation, always refer to the official Cortex Cloud Terraform provider registry.
Authentication and configuration
Before automating your Application Security workflows, you must initialize and authenticate the cortexcloud Terraform provider using your tenant's API credentials.
Provider version requirement
To manage Application Security-specific resources, you must declare the latest provider version (refer to Cortex Cloud Terraform provider registry.
Authentication prerequisite
To authenticate, you must generate a dedicated API key in the Cortex Cloud console under → → . For more information, refer to Manage API keys.
The provider requires the following parameters to authenticate:
api_url: The API URL of your Cortex Cloud tenant, formatted ashttps://api-{fqdn}api_key: Your Cortex Cloud API keyapi_key_id: Your Cortex Cloud API key ID (must be a number)api_key_type: You must set this attribute to standard or advanced depending on the key you generated to prevent authentication errors. Note that it defaults toadvanced. It is highly recommend to use an advanced API key level for added security
Configuration methods:
You can pass credentials using one of three methods:
Provider block parameters
provider "cortexcloud" { api_url = "https://api-{fqdn}" api_key = "your-api-key" api_key_id = 12345 api_key_type = "advanced" }Environment variables
You can set
CORTEXCLOUD_API_URL,CORTEXCLOUD_API_KEY,CORTEXCLOUD_API_KEY_ID, andCORTEXCLOUD_API_KEY_TYPE.Configuration file
A JSON file referenced by the
config_fileattribute.