HashiCorp gives Terraform Enterprise users more policy options to play with

HashiCorp gives Terraform Enterprise users more policy options to play with

Hashicorp has given developers a key to the straitjacket of its Sentinel policy as code framework, making it easier to create policies for specific environments in Terraform Enterprise.

HashiCorp unveiled Sentinel in 2017, pitching it as enabling as a way to enable “fine-grained, logic-based policy that can leverage external information sources to make decisions.”

But not quite fine-grained enough, as Sentinel policies were enforced across all workspaces in an organisation, something that clearly irked some users who might want to create separate policies for specific environments, eg development or production

So the vendor has given users of its Terraform Enterprise products the option of creating Policy Sets, which an organisation can use to define and apply policies in specific workspaces.

Existing Sentinel users will already have a global policy set, but will now be presented with a “Create a new policy set” button, which pulls up a form to create…the new policy set.

When creating the policy set, users are asked which workspaces it applies to. The same process for those without a pre-existing policy set.  Once a policy set is created, it will only apply to Terraform runs in that workspace.

Policy sets are available in the Terraform Enterprise Cloud and Private Terraform Enterprise offerings.