hashicorp/terraform-AWS-Prewritten-Policy-Set
1
0
Fork 0
mirror of https://github.com/hashicorp/terraform-AWS-Prewritten-Policy-Set synced 2026-04-05 19:10:08 +00:00
Code Issues Projects Releases Packages Wiki Activity
No description
12 commits 6 branches 2 tags 4.5 MiB
  • HCL 100%
Find a file
Exact
Blake Ryder 08507846e3
 Merge pull request #4 from hashicorp/chore/terraform-aws-prewritten-policy-set-license-pr-2026-03-11 
Update LICENSE
2026-03-11 12:58:27 +05:30
.github CODEOWNERS 2025-05-28 07:26:13 -07:00
pre-written-policy [COMPLIANCE] Update Copyright and License Headers (Batch 1 of 1) 2025-12-08 18:13:41 +00:00
.gitignore Added Codebase for Prewritten Policy Set 2025-05-27 12:25:01 +05:30
LICENSE Update LICENSE 2026-03-11 12:58:02 +05:30
main.tf [COMPLIANCE] Update Copyright and License Headers (Batch 1 of 1) 2025-12-08 18:13:41 +00:00
README.md Updated Deprecation Notice 2025-06-19 22:10:54 +05:30
variables.tf [COMPLIANCE] Update Copyright and License Headers (Batch 1 of 1) 2025-12-08 18:13:41 +00:00

README.md

🚨 Deprecation Notice 🚨

This module will be deprecated on July 11, 2025, and will no longer be maintained after that date.
You may continue to use the pre-written policies via the Terraform Public Registry.

Thank you for your continued support and understanding.

Terraform Module to onboard Pre-written Sentinel Policies for AWS Foundations Benchmark

This repository contains the Terraform module for pre-written policies, designed to streamline the onboarding of pre-written Sentinel policies into your Terraform environment. This module enables the creation of Policy Sets for pre-written Sentinel policies for AWS Foundations Benchmark, ensuring consistent compliance and governance across your Terraform workflows.

Steps to run the configuration

  • Set the TFE_TOKEN environment to TFC/TFE's API token. This can either be an user token or organization scoped token.
  • Identify the name of the TFE/TFC organization where the policy set will get created.
  • By default, the module supports following policy repositories, which are hosted in the following locations.
  • Users have the flexibility to modify or extend the default policy repositories. You can specify custom policy repositories using the optional policy_github_repository parameter. This parameter accepts a list of GitHub repository names, but note that the repositories must be hosted under the HashiCorp organization.
  • Use the below mentioned inputs to invoke the module for deploying the policy set to TFE/TFC.
module "policy_set" {
  source = "./pre-written-policy"

  name                                 = "<your-policy-set>"
  tfe_organization                     = "<your-tfe-org>"
  policy_set_workspace_names           = ["target_workspace_1"]
}
  • Run terraform plan to view the plan.
  • Run terraform apply to apply the changes.
  • After successful creation, you should see Sentinel policies getting evaluated in every run of every workspace where the policy set is scoped to.

Authors

HashiCorp Engineering Team.

License

Business Source License 1.1. See LICENSE for full details.