Testing Terraform Sentinel Policies Using Mocks

Oct 07, 2019

This talk and demo will show how you can generate Terraform Sentinel mock data (mocks) from your Terraform Cloud and Terraform Enterprise plans and use them to test your Terraform Sentinel policies with the Sentinel Simulator.

While you can test Terraform Sentinel policies in your Terraform Cloud account or on your private Terraform Enterprise server by triggering runs against workspaces, doing so has some limitations:

  • Each test takes longer since you first have to run a terraform plan
  • You might have to discard many runs from your workspaces
  • Your workspace history might become cluttered

In contrast, using the Sentinel Simulator with mocks is faster since the tests will not run Terraform at all. It avoids having to discard runs from your workspaces. Additionally, you can copy and edit generated Sentinel mocks to test your policies against multiple combinations of resource attributes.

Finally, you can trigger automatic tests whenever you modify your policies. Note: Sentinel mock data cannot be generated from Terraform open source plans. Using the Sentinel Simulator to test Terraform Sentinel policies requires a subscription or license that includes the mock generation feature.


  • Roger Berlind

    Roger Berlind

    Senior Solutions Engineer, HashiCorp

» Transcript

Coming Soon

Stay Informed

Subscribe to our monthly newsletter to get the latest news and product updates.

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now