Sentinel
ELI5 — The Vibe Check
Sentinel is HashiCorp's policy engine for their tools — Terraform, Vault, Consul, Nomad. Before Terraform applies changes, Sentinel checks if they comply with your rules. 'Is the instance type approved?' 'Is encryption enabled?' If not, the apply is blocked. It's like a bouncer specifically for HashiCorp's ecosystem.
Real Talk
HashiCorp Sentinel is an embedded policy-as-code framework for the HashiCorp enterprise stack. It enforces policies during Terraform runs, Vault operations, and Consul/Nomad actions. Policies are written in the Sentinel language and evaluated at different enforcement levels (advisory, soft-mandatory, hard-mandatory). It's a paid feature of HashiCorp's enterprise products.
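A policy of the kind described here, as an added example (not HashiCorp's or this glossary's own code): it fails any Terraform plan that creates or updates an unencrypted EBS volume. The resource type `aws_ebs_volume`, the file name and the policy set entry shown in the comment are assumptions chosen for illustration.

```sentinel
# require-ebs-encryption.sentinel (hypothetical file name)
#
# The enforcement level is not set in the policy itself. It is set in the
# policy set's sentinel.hcl, for example:
#
#   policy "require-ebs-encryption" {
#       source            = "./require-ebs-encryption.sentinel"
#       enforcement_level = "hard-mandatory"
#   }

import "tfplan/v2" as tfplan

# Managed EBS volumes that this plan creates or updates. Deletes and no-ops
# are skipped because there is no resulting configuration to check.
ebs_volumes = filter tfplan.resource_changes as _, rc {
    rc.mode is "managed" and
    rc.type is "aws_ebs_volume" and
    (rc.change.actions contains "create" or
        rc.change.actions contains "update")
}

# A volume is a violation unless `encrypted` is explicitly true in the
# planned state. `else false` turns a missing attribute into false, so the
# rule fails closed instead of evaluating to undefined.
violations = filter ebs_volumes as _, rc {
    (rc.change.after.encrypted else false) is not true
}

# List each offending resource address in the policy output.
for violations as address, _ {
    print("unencrypted EBS volume:", address)
}

# The policy passes only when no violations were found.
main = rule {
    length(violations) is 0
}
```

With `enforcement_level` set to `advisory`, the same failure is only reported and the run continues; `soft-mandatory` stops the run unless a user with override permission approves it; `hard-mandatory` cannot be overridden.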
When You'll Hear This
"Sentinel blocks any Terraform plan that creates unencrypted storage." / "We have hard-mandatory Sentinel policies for production infrastructure changes."
Related Terms
Compliance
Compliance — pheeew, who needs it? Well, regulators. And lawyers. And anyone who doesn't want a multi-million dollar fine. If you don't know what it means,
OPA (Open Policy Agent)
OPA is an open-source policy engine that lets you write rules in a language called Rego. 'Can this user access this resource?
Policy as Code
Policy as Code means writing your rules and compliance requirements as actual code that gets enforced automatically.
Terraform
Terraform is a tool that lets you describe your entire cloud infrastructure in code files, then type one command to make it real.