Terraform

Overview

QCecuring provides a Terraform provider that enables teams to manage certificate requests, CA configurations, and PKI policies as code. This brings certificate lifecycle management into existing infrastructure-as-code workflows with full plan, apply, and state management support.

Key capabilities

• Terraform resources for requesting, renewing, and revoking certificates through QCecuring.
• Data sources for querying certificate inventory and CA information during infrastructure provisioning.
• Integration with Terraform state for tracking certificate lifecycle alongside other infrastructure.
• Support for certificate deployment to cloud resources as part of unified Terraform plans.
• Policy-as-code enforcement through QCecuring’s policy engine during Terraform applies.

Typical use cases

• Infrastructure teams provisioning certificates alongside the services that consume them.
• GitOps workflows where certificate configurations are version-controlled and peer-reviewed.
• Platform teams building reusable Terraform modules that include certificate provisioning.

High-level integration flow

1. Install the QCecuring Terraform provider and configure authentication credentials.
2. Define certificate resources in Terraform configurations specifying domains, CAs, and policies.
3. Run terraform plan to preview certificate operations before applying changes.
4. On apply, QCecuring provisions certificates and returns metadata to Terraform state.
5. Certificates are tracked in both Terraform state and QCecuring’s inventory for full lifecycle governance.

CBOM Discovery

QCecuring scans Terraform state and configuration files for cryptographic resources — certificates, keys, KMS references, and TLS settings — adding them to your CBOM inventory.