Announcing Terraform Foundational Policy Library Preview
HashiCorp Terraform provides cloud infrastructure automation with infrastructure and policies as code. Policy as code is becoming a popular approach to embedding guardrails into the provisioning workflow without slowing down the end users who provision infrastructure. Terraform uses Sentinel policy as code to embed these policies.
In recent months we have spoken to customers about their priorities when introducing Sentinel and policy as code within their companies. The common starting point has been improving the security of their workloads and ensuring that consistent approaches are applied. Many of these standards are not just consistent across a company; they are common across many of our customers. So it wasn't surprising to hear that customers wanted HashiCorp to provide first-class, out-of-the-box policies that implement controls for the most commonly adopted security standards, such as those defined by the Center for Internet Security (CIS).
Today, we are pleased to announce the preview release of the Terraform Foundational Policies Library for Terraform Cloud and Enterprise.
Policies for Cloud CIS Benchmarks™
In this release we have focused our efforts on developing controls that align with the controls that have been defined in the CIS Benchmarks for Amazon Web Services, Microsoft Azure, and Google Cloud Platform.
For the first phase of this release we have implemented 40+ controls that secure the most commonly used cloud services such as networking, databases, storage and compute services.
What is a Benchmark?
CIS Benchmarks are developed by a team of subject matter experts and cover 140+ different technologies. Each benchmark provides a best-practice approach to configuring and securing a target system. In the case of public cloud, the CIS Benchmarks provide prescriptive guidance for establishing a secure baseline for each of the Cloud Service Providers. They cover topics such as Identity and Access Management and Logging and Monitoring, as well as the commonly used cloud services that we have focused on for this release. These controls include restricting network flow and encrypting storage, disks and database services, to name a few.
Available Now
If you would like to know more about the Foundational Policies Library or how to get started with them today, please review the documentation. To learn more about using Terraform with Sentinel visit the HashiCorp Learn Platform.
If you have any thoughts on how we can further expand the capabilities of the library, please get in touch. We are always interested in hearing from our customers.
For more information on Terraform Cloud and Terraform Enterprise, visit the Terraform product page. To get started today, sign up for a Terraform Cloud account.