Terraform adds pre-written Sentinel policies for ISO 27001

Published: April 22, 2026 at 12:00 PM EDT

Source: HashiCorp Blog

New pre‑written Sentinel policies for ISO / IEC 27001

A collaborative and continued effort

While Sentinel is a powerful tool for enforcing cloud governance at scale, adopting a policy‑as‑code model can be complex and resource‑intensive. Many organizations face challenges due to limited expertise or the time required to translate compliance frameworks into enforceable policies from scratch.

To help address these challenges, AWS and HashiCorp have worked closely to simplify hybrid‑cloud governance and compliance. Building on previous releases aligned to frameworks such as CIS and AWS Foundational Security Best Practices (FSBP), we are introducing a new set of pre‑written Sentinel policies designed to help organizations meet ISO / IEC 27001 requirements across AWS environments. These policies map to key ISO 27001 Annex A controls—covering areas such as access control, cryptography, logging and monitoring, and secure configuration management.

With hundreds of policies now available, organizations can adopt a secure‑by‑default posture for AWS infrastructure without having to start from scratch. These policy sets provide a strong foundation, reducing the need for manual policy development and helping teams consistently enforce governance controls across their cloud environments.

Getting started with pre‑written Sentinel policies

Please refer to our pre‑written policy library documentation to get started with Sentinel policies for ISO 27001, or explore the other pre‑written Sentinel policy sets available in the Terraform Registry:

  • Pre‑written Sentinel Policies for AWS CIS Foundations Benchmarking
  • Pre‑written Sentinel Policies for AWS Foundational Security Best Practices (FSBP)
  • Pre‑written Sentinel Policies for AWS NIST SP 800‑53 Revision 5
  • Pre‑written Sentinel Policies for AWS PCI DSS
  • AWS Networking Sentinel Policies for Terraform

New to Terraform?

Get started with HashiCorp‑managed HCP Terraform to begin provisioning and managing your infrastructure in any environment. Don’t forget to link your HCP Terraform and HashiCorp Cloud Platform (HCP) accounts for a seamless sign‑in experience.
