Policy as Code: IT Governance With HashiCorp Sentinel

Time: Sep 10 | 12:05 PM - 12:40 PM Location: Columbia | Level 3

Session Title:

Policy as Code: IT Governance With HashiCorp Sentinel

Session Abstract:

The subject of this talk is to introduce you to Sentinel, HashiCorp's policy as code framework. We begin with a brief overview of the concepts of infrastructure as code (IaC), namely referencing the concepts of other HashiCorp IaC products such as Terraform, Packer, and Vagrant. We will explain the advantages of extending these concepts to security and compliance - advantages such as increasing the productivity of security and compliance teams, empowering systems engineers, and modernizing offline workflows that may be missed by traditional IaC tools. We will also explain how Sentinel is implemented in our various enterprise products today. We will primarily discuss Sentinel with Terraform: how a practitioner can manage policies with the TFE provider, group policies into sets, and apply those policies to workspaces to trigger policy checks during a run to ensure that a specific Terraform plan can run or not. We will also briefly discuss the capabilities of the Sentinel runtime in Vault, Consul, and Nomad. Finally, we will conclude with how even non-enterprise customers can get started with Sentinel via our offline CLI tool, the Sentinel Simulator.