» Integrating with VCS

Sentinel is designed to enable policy as code. As such, it is recommended that the policies are managed in a VCS service like Github, Bitbucket or Gitlab. Terraform Enterprise will add integration with these VCS providers to automatically ingress the policies from the VCS repository in an upcoming release. In the meantime it is recommended that the Policy APIs are used to automatically push changes from VCS to Terraform Enterprise using a CI/CD service like Jenkins, Drone, or Circle CI.

To update the policies from your CI/CD pipeline you can use these API endpoints with a command line HTTP client like curl or httpie:

You can also use the tfe_sentinel_policy resource from the Terraform Enterprise provider to upload a policy using Terraform itself.