Terraform
Pre-written policy library reference
This topic provides reference information about the Sentinel policy libraries that HashiCorp authors and maintains. For instructions on how to run the policy libraries, refer to Run pre-written Sentinel policies.
AWS policies
HashiCorp publishes pre-written policies for the following AWS standards.
Center for Internet Security (CIS)
The Center for Internet Security (CIS) is a non-profit organization that publishes prescriptive guidance for configuring secure cloud services. Refer to the CIS website for additional information.
CIS refers to its standards as benchmarks. HashiCorp publishes pre-written policies that support the following CIS benchmarks for AWS:
- Amazon Web Services Foundations version 1.2. Refer to the AWS documentation for additional information about this version.
- Amazon Web Services Foundations version 1.4. Refer to the AWS documentation for additional information about this version.
- Amazon Web Services Foundations version 3.0. Refer to the AWS documentation for additional information about this version.
Refer to the CIS policy set for AWS GitHub repository for details about these policies.
Foundational Security Best Practices (FSBP)
The Foundational Security Best Practices (FSBP) standard enforces security best practices on AWS resources. HashiCorp publishes pre-written policies that support the following AWS FSBP standards:
- AWS Foundational Security Best Practices v1.0.0. Refer to the AWS documentation for additional information.
Refer to the AWS FSBP policy set repository for details about these policies.