I’ve written before about having sentinel fmt in multiple spots.. Today I want to go more into depth about that topic – where and why we have sentinel fmt running throughout our SDLC.
Hashicorp Sentinel currently offers three enforcement levels: Advisory: The policy is allowed to fail.
How I’m trying to get advanced warning of exactly what workspaces will be affected before I deploy a policy.
I’ve been asked this a few times now, so I thought it would be a good idea to publish why I prefer to use the API-based workflow instead of the VCS-backed workflow in our Hashicorp Sentinel SDLC.
I’ve had a lot of inquiries about consulting lately, especially regarding Cloud Security, CI/CD and SDLC for InfoSec professionals, training, and especially Hashicorp Sentinel expertise.