Overview
Syllabus
- Introductions
- Agenda
- What is Policy as Code?
- What is HashiCorp Sentinel?
- What are the main components of Sentinel and getting started?
- Context for the Demo
- High-level steps for getting Sentinel up and running
- Beginning of the Demo - Writing a Sentinel Policy from Scratch
- Creating the Sentinel root file
- Writing the Sentinel policy file
- Q: How does Sentinel work with Terraform Plan files?
- Q: What are Sentinel Params?
- Looking through changed resources in Sentinel
- Pulling tag values off of AWS EC2 instances in Sentinel
- Writing the rule helper and informational failure messages
- Grabbing all EC2 instances violating the Sentinel rules
- Q: Is it better to write positive or negative tests with Sentinel?
- Understanding and Using "Predicate Rules" in Sentinel
- Wrapping the "Predicate Rules" in a "Main Rule"
- Using the Sentinel policy with Terraform Cloud Workspaces
- Using existing Sentinel policies with Terraform Cloud Workspaces
- Q: Can you use Sentinel Policies with resources that have calculated values (e.g. post-apply)?
- Summary and Conclusion
Taught by
HashiCorp