As your business shifts towards an infrastructure-as-code workflow, security and cloud administrators are concerned about misconfigurations that may cause security and governance violations.
Cloud Administrators need to be able to put up guardrails that follow security best practices and help drive the environment towards programmatic security and governance while enabling developers to go fast.
Terraform Validator allows your administrators to enforce constraints on developer machines and as part of your CI/CD pipeline, allowing you to check for constraint violations and provide warnings or halt invalid deployments before they reach production.
Constraints are designed to be compatible with tools across the deployment lifecycle. The same set of constraints that you use with Terraform Validator can also be used with any other tool that supports them, either at deploy-time or as an audit of deployed resources. These constraints live in your organization's repository as the source of truth for your security and governance requirements. You can obtain constraints from the Policy Library, or build your own constraint templates.
- Install Terraform Validator
- User guide
- Tutorial
- Creating a policy library
- Supported resources
- Contributing
This is not an officially supported Google product.