HashiCorp debuted a new framework today that’s designed to let compliance and security teams keep their environments protected while letting engineers rapidly deploy code. Called Sentinel, it’s designed to let users lay out policies using a specialized language and then have those policies automatically enforced through HashiCorp products.
That means it’s possible for a compliance team to write Sentinel code and ensure that all of the infrastructure managed by HashiCorp’s Terraform software will run in accordance with that. Sentinel was created in response to feedback from the company’s enterprise customers, who wanted this sort of capability.
Sentinel is similar in intention to the compliance features that Chef added to its Automate product earlier this year. Those feats let companies create compliance code that is checked when a piece of software is built.
Dadgar said in an interview that Sentinel is different because it’s possible for the system to watch the active path of code execution persistently and ensure compliance on an ongoing basis, rather than just during the initial build of an application.
On top of the Sentinel news, HashiCorp also unveiled a new Terraform Module Registry that’s designed to provide developers and engineers with a centralized location to find pre-built infrastructure code. Terraform is designed to provide an automated system to set up infrastructure, and the new modules (provided by HashiCorp and partner companies like Microsoft, Google and CoreOS) will help jump-start deployments with common patterns.
It’s designed to make it easier for people to get started with the popular infrastructure management software, so that engineers can get Terraform-based systems up and running with a minimal amount of fuss and without having to worry about whether or not they’re following best practices. At launch, the registry will have 32 modules in it, with more on the way through community contributions and partnerships.
Terraform Enterprise also gained a new user interface as well as an API that lets developers integrate with the software’s management functions programmatically.
HashiCorp also announced updates to its other products. Vault, its secrets management product, now integrates natively with Kubernetes. Consul, its service discovery and configuration product, reached version 1.0. The paid enterprise version of that application gained support for segmented LAN environments.
Nomad, the company’s service and batch scheduler, gained a new web-based interface and an access control system. Enterprise users can now get access to a beta version of that product, which includes support for namespaces to help isolate different teams’ workloads.