Support for Terraform OSS

Hey all,

In regards to sentinel when will sentinel support terraform oss version. As it is at the moment I believe this only supports tfe and terraform cloud enterprise.

Regards,

Hi @djdta,

Currently, the Terraform Sentinel integration is only available in our paid-tiers, and we do not have any future plans to open-source this integration.

There are, however, a number of other open-source projects available that you can use with Terraform open-source, namely:

Regula
Maintained by Fugue. Regula is a open-source project that evaluates CloudFormation and Terraform infrastructure-as-code for potential AWS, Azure, and Google Cloud security and compliance violations prior to deployment.

Terrascan
Maintained by Accurics. Terrascan detects security vulnerabilities and compliance violations across your Infrastructure as Code. Mitigate risks before provisioning cloud native infrastructure. Run locally or integrate with your CI\CD.

Checkov
Maintained by Bridgecrew. Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Cloudformation, Kubernetes, Dockerfile, Serverless or ARM Templates, and detects security and compliance misconfigurations using graph-based scanning.

I hope this helps!

1 Like

Is the Sentinel language proprietary?

The language spec page has the CC BY 3.0 mark so it would seemingly be acceptable to write a transformer that compiles Sentinel to one of the above mentioned tools.

Is this acceptable?