In this session, we explore the power of Sentinel, HashiCorp’s policy-as-code framework, and how it enables proactive, automated compliance enforcement within Terraform deployments. We’ll cover the fundamentals of policy as code—why it matters, when to apply it, and how it transforms infrastructure governance. You'll gain a practical understanding of Sentinel’s capabilities, its integration with HCP Terraform and Enterprise, and how to embed guardrails into your infrastructure pipeline.

The highlight of the session is a deep dive into prewritten Sentinel policies aligned with the CIS AWS Foundations Benchmark. These policies provide a fast track to implementing compliance as code, enabling secure-by-default deployments without the need for custom development. We'll show how organizations can apply these policies to achieve:

• Centralized and customizable policy management
• Safe rollout of updated compliance rules using blue-green approaches
• Preventative security, blocking insecure or non-compliant resources before deployment