Using Policies from the Terraform Registry
Collections of Sentinel policies are available in the Terraform Registry as policy libraries. You can use these policies in both Terraform Cloud and the Sentinel CLI.
The Terraform Registry acts as a remote source for policies that you include in a standard Sentinel configuration file.
Finding Policies in the Terraform Registry
You can browse policy libraries available on the Terraform Registry or use keywords to search for policies relevant to your use cases.
To view documentation for specific policies within a library:
- Go to the policy library.
- Click Choose policies. Available policies are listed in the bottom left of the window.
- Click on the name of any policy to display its documentation.
Using Policies in Terraform Cloud or Sentinel CLI
You can use one or more policies from a policy library to create a Terraform Cloud policy set. You can also use policies directly with the Sentinel CLI. The Terraform Registry auto-generates the HCL code you need to configure each policy.
To get the HCL configuration code for one or more policies:
- Go to the policy library and click Choose policies.
- Select the policies you want to use in the bottom left of the window. The Terraform Registry populates HCL code in the Usage Instructions field.
- Click Copy Code Snippet to copy the HCL code to your clipboard.
- Paste the HCL code into a Sentinel configuration file or Terraform Cloud
We recommend defining all of the policies for a Terraform Cloud workspace in a single sentinel.hcl file. You may wish to change the enforcement level in the auto-generated HCL code snippets. By default, this is set to
After you add the configuration code to your sentinel.hcl file, create a new policy set in Terraform Cloud and apply it to one or more workspaces.
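The following sentinel.hcl sketch is an added example, not a snippet generated by the Terraform Registry. It shows two registry-sourced policies kept in one file with their enforcement levels set explicitly. The policy names and the source values are placeholders; use the names and source URLs exactly as they appear in the Usage Instructions field.

```hcl
# sentinel.hcl: one file holding every policy for the workspace's policy set.
# Policy names and source values below are placeholders (assumptions), not
# real registry entries. Paste the generated blocks and leave their source
# strings unmodified.

policy "example-policy-one" {
  # Remote source: Sentinel fetches the policy from this URL.
  source = "<source URL copied from the Usage Instructions field>"

  # hard-mandatory: a failing policy stops the run and cannot be overridden.
  enforcement_level = "hard-mandatory"
}

policy "example-policy-two" {
  source = "<source URL copied from the Usage Instructions field>"

  # soft-mandatory: a failing policy stops the run unless a user with
  # override permission explicitly approves it.
  enforcement_level = "soft-mandatory"
}

# The third level, "advisory", reports a failure but lets the run continue.
# Review each pasted block and set the level deliberately, since an advisory
# policy does not block a non-compliant change.
```

Running the policies with the Sentinel CLI before creating the policy set confirms that each remote source resolves and that the file parses.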