Learn how to enforce, test, and version control policy as code across Terraform teams and organizations using Sentinel.
One of the most important features of Terraform Cloud's Teams & Governance tier and Terraform Enterprise is Sentinel, which lets you implement and enforce infrastructure governance policies as code.
In this webinar, HashiCorp solutions engineer Roger Berlind demonstrates how to use and share a common set of Sentinel policies (Policy Sets) stored in a Version Control System (VCS) repository across multiple Terraform organizations.
Storing policy sets and their policies in a repository avoids the need to maintain multiple copies of the policies. Additionally, changes made to them in the master branch of the repository are automatically updated across all Terraform organizations that use them.
He'll also discuss how GitHub Actions can be used to automatically run Sentinel Simulator test cases against policy sets that are modified in pull requests. This ensures that modified policies that fail your Sentinel Simulator test cases cannot be merged into the master branch or used in your Terraform organizations.
0:00 — Intro to Sentinel and version controlling policies as code
11:50 — Managing Sentinel policies across multiple teams and organizations
14:57 — Demo: Sentinel policy sets for Terraform Cloud
31:44 — Q&A
There is a companion blog post for this webinar on the HashiCorp Solutions Engineering Blog