HashiCorp debuted a new framework today that’s designed to let compliance and security teams keep their environments protected while letting engineers rapidly deploy code. Called Sentinel, it enables users to lay out policies using a specialized language and then have those policies automatically enforced through HashiCorp products.
That means it’s possible for a compliance team to write Sentinel code and ensure that all of the infrastructure managed by HashiCorp’s Terraform software will run in accordance with the new code. Sentinel was created in response to feedback from the company’s enterprise customers, who wanted this sort of capability.
Sentinel is similar in intention to the compliance features that Chef added to its Automate product earlier this year. Those features let companies create compliance code that is checked when a piece of software is built.
Chief technology officer Armon Dadgar said in an interview with VenturBeat that Sentinel is different because it’s possible for the system to watch the active path of code execution persistently and ensure compliance on an ongoing basis, rather than just during the initial build of an application.
On top of the Sentinel news, HashiCorp also unveiled a new Terraform Module Registry that’s designed to provide developers and engineers with a centralized location to find pre-built infrastructure code. Terraform provides an automated system to set up infrastructure, and the new modules (provided by HashiCorp and partner companies like Microsoft, Google, and CoreOS) will help jump-start deployments with common patterns.
The Terraform Registry is designed to make it easier for people to get started with the popular infrastructure management software so that engineers can get Terraform-based systems up and running with a minimal amount of fuss and without having to worry about whether they’re following best practices. At launch, the registry will contain about 32 modules, with more on the way through community contributions and partnerships.
Terraform Enterprise also gained a new user interface, as well as an API that lets developers integrate with the software’s management functions programmatically.
HashiCorp announced updates to some of its other products, as well. Vault, its secrets management product, now integrates natively with Kubernetes. Consul, its service discovery and configuration product, reached version 1.0. And the paid enterprise version of that application gained support for segmented LAN environments.
Nomad, the company’s service and batch scheduler, gained a new web-based interface and an access control system. Enterprise users can now get access to a beta version of that product, which includes support for namespaces to help isolate different teams’ workloads.