Write a Sentinel policy for a Terraform deployment
Create filters and rules for your governance requirements with the Sentinel policy language.
Use case
Enforce policies before your users create infrastructure using Sentinel policy as code.
Challenge
Rapid provisioning opens up tremendous possibilities, but organizations need to maintain security and prevent over-provisioning.
Solution
HCP Terraform can help you enforce policies on the infrastructure configurations your teams can provision. Ticket-based review processes are a bottleneck that can slow down development. Instead, you can use HashiCorp Sentinel, a policy-as-code framework, to automatically enforce compliance and governance policies before Terraform makes infrastructure changes.
Create and upload a Sentinel policy set. Apply the policy set to your HCP Terraform organization.
Use Terraform preconditions and HCP Terraform native OPA support to validate configuration and enforce compliance with organizational practices.
Sentinel policies can be created for every stage of the Terraform workflow, including the configuration, plan, run, and state.
Policy sets are collections of Sentinel or OPA policies you can apply to your workloads in HCP Terraform.
An important part of the test process is mocking the data that you wish your policies to operate on.