Blog | Sentinel
The latest news and announcements on HashiCorp, products, partners, and more.
Mar 27 2019 Roger Berlind
Writing and Testing Sentinel Policies for Terraform Enterprise
We are excited to announce the publication of a new Writing and Testing Sentinel Policies for Terraform Enterprise Guide to our Resource Library. This comprehensive guide teaches you how to write and test governance policies that restrict the infrastructure provisioned by Terraform Enterprise.
Jan 24 2019 Anthony Davanzo
Using Terraform to Improve Infrastructure Security Posture
In addition to providing for more rapid deployments, Terraform has features for securing those deployments and lowering risk.This blog will cover the features you can use to improve the security posture of your infrastructure: Sentinel policy as code, Terraform module registry, and HashiCorp Vault integration.
Feb 08 2018 Anubhav Mishra
Applying Policy as Code to Kubernetes Resources
Using HashiCorp Terraform Enterprise and the Kubernetes provider we can apply fine-grained policy enforcement using Sentinel to Kubernetes resources, before the changes to the resources are applied on the cluster. This blog post explores using Sentinel in Terraform Enterprise to manage Kubernetes clusters and enforce Kubernetes service types and namespace naming conventions.
Jan 25 2018 Nic Jackson
Using Sentinel Policy to enforce continuous deployment windows
In the same way that we can embed Sentinel into a pipeline to enforce policy for Terraform plans, or Vault secrets, we can also enforce policy in a continuous delivery pipeline.
In this post, we are going to examine how Sentinel Policy and the Sentinel Simulator can be used to ensure your CD system only deploys your application within a specified time window.
Jan 18 2018 Fraser Pollock
TFE and Sentinel: Provisioning Policy for Data Sovereignty in the Cloud
Infrastructure as code with HashiCorp Terraform enables operators to automate provisioning at scale. This comes with risks, as every action can have larger effects. Sentinel policy as code places guardrails to protect users from creating infrastructure changes that fall outside of business, security, and compliance policies. This blog will take a look at writing and enforcing a policy using Terraform Enterprise to restrict provisioning resources in certain availability zones to ensure data sovereignty.
Jan 12 2018 Armon Dadgar
Why Policy as Code?
HashiCorp advocates for "infrastructure as code" approaches to managing infrastructure. We have talked about it publicly and published about it in our Tao of HashiCorp. At HashiConf 2017, we announced Sentinel, a framework for "policy as code". The same coding practices that are applied to infrastructure can be very effective in enforcing and managing policies. Codifying policy removes the need for ticketing queues, without sacrificing enforcement.
Nov 02 2017 Ryan Uber
Sentinel and Terraform Enterprise: Applying policy as code to infrastructure provisioning
Infrastructure as code with HashiCorp Terraform enables operators to automate provisioning at scale. This comes with risks, as every action can have larger effects. Sentinel policy as code places guardrails to protect users from creating infrastructure changes that fall outside of business and/or regulatory policies.
Sep 19 2017 Armon Dadgar
HashiCorp Announcements at HashiConf 2017
Today at HashiConf 2017 in Austin, Texas, we announced major updates and new features across our entire suite of open source and enterprise products, including HashiCorp Terraform, HashiCorp Vault, HashiCorp Consul, and HashiCorp Nomad. In addition to these product updates, we announced the release of Sentinel, our new policy as code framework that integrates across the Enterprise product suite, and the Terraform Module Registry, which provides example infrastructure templates to make provisioning across cloud environments easier, and so much more.
Sep 19 2017 Mitchell Hashimoto
Announcing Sentinel, HashiCorp’s Policy as Code Framework
Today at HashiConf we released Sentinel. Sentinel is an embedded policy as code framework in the HashiCorp Enterprise products to enable fine-grained, logic-based policy decisions that can be extended to source external information to make decisions.