Infrastructure as Code for Industrial Automation Environments

Terraform Provider for SDA (Private Preview)

Software Defined Automation (SDA) is introducing a Terraform provider that enables customers to define, deploy, and manage SDA platform resources using Infrastructure as Code (IaC). This feature is currently offered in private preview. If your organization is interested in participating, please contact SDA.

Why We Built It

When a new tenant is created in SDA, customers typically need to configure a wide range of resources—projects, devices, gateways, vaults, documents, resource groups, and more. Today, this can only be done in two ways:

1. Manual Setup in the Web Console

  • Time-consuming and repetitive

  • Prone to configuration errors

  • Not easily repeatable or auditable

  • No version control or change history

2. Custom Automation Using SDA APIs

Using REST or GraphQL APIs is more scalable than manual configuration, but it comes with its own challenges:

  • Requires significant development effort and familiarity with our APIs

  • Scripts tend to accumulate boilerplate code

  • Customers must handle idempotency, retries, and partial-failure recovery

  • Requires custom state management

  • Harder to standardize across sites, teams, and vendors

Collectively, these challenges make onboarding new sites and tenants slower than they need to be and introduce unnecessary operational risk.

What We Are Building

To solve these issues, SDA is developing a first-party Terraform provider that uses HashiCorp’s industry-standard IaC framework. Terraform enables users to define their desired system state in a simple declarative language (HCL), and Terraform handles:

  • Deployment

  • Updates

  • Rollbacks

  • Drift detection

  • Deletion

  • State management

This is the same technology SDA uses internally to manage its own AWS cloud infrastructure.

What the Terraform Provider Enables

Once fully implemented, customers will be able to provision and manage all SDA resources via Terraform, including:

  • Resource Groups (including nested groups)

  • Projects

  • Devices

  • Gateways

  • Documents

  • Vaults & Secrets

  • Future SDA objects

Terraform configurations can be stored in Git like any other code, enabling:

  • Change tracking

  • Peer review

  • Reproducible deployments

  • Automated CI/CD workflows

How It Works

Terraform communicates with SDA through a custom provider that acts as a bridge between Terraform’s declarative configuration files and SDA’s APIs (REST and GraphQL).

  • Users define resources in HCL:

  • Terraform translates this into API calls against SDA

  • SDA creates, updates, or deletes resources accordingly

  • Terraform maintains state and ensures actual system state matches the desired configuration

Current Availability

The current Terraform provider provides the following capabilities:

  • Reading Resource Groups

  • Creating Resource Groups

  • Updating Resource Groups

  • Deleting Resource Groups (including nested hierarchies)

Significant portions of the provider architecture, API abstractions, and patterns have been established and will be documented here as the product evolves.

Technology Notes

The project was built using SDA's GraphQL and REST APIs:

  • GraphQL is highly efficient for SDA’s internal front-end ↔ back-end communication, but more complex to implement in a Terraform provider.

  • REST remains the industry standard for external automation tooling, and we will continue supporting and enhancing REST endpoints for customers.

Interested in Using the Terraform Provider?

The SDA Terraform provider is currently in private preview. We welcome early adopters who would like to explore Infrastructure as Code for SDA environments.

If you are interested in participating, please contact SDA.

We will work with you directly to:

  • Evaluate your use cases

  • Enable private preview access

  • Provide onboarding support

  • Gather feedback to shape the final release

PreviousAPIsNextFAQ

Last updated