Benefits of Sentinel, Registry, and Workspaces

Learn the benefits of sentinel, registry, and workspaces.

Terraform Enterprise is an on-premises distribution of Terraform Cloud. It offers enterprises a private instance of the Terraform Cloud application with no resource limits and with additional enterprise-grade architectural features like audit logging and SAML single sign-on. Terraform Cloud is a cloud-hosted version of Terraform Enterprise with many of the same enterprise-grade architectural features. Usually, Terraform Enterprise and Terraform Cloud can be treated as the same product. Although the terminal objective specifically calls out Terraform Enterprise, Terraform Cloud is part of this objective.


Sentinel is a language and framework for policy, built to be embedded in existing software enabling fine-grained, logic-based policy decisions. A policy describes under what circumstances certain behaviors are allowed. Sentinel is an enterprise-only feature of HashiCorp Consul, Nomad, Terraform, and Vault.

Terraform Enterprise uses Sentinel to enforce policy on Terraform configurations, states, and plans.

The Sentinel integration with Terraform runs within Terraform Cloud after a terraform plan and before a terraform apply. The policies have access to the created plan, the state at the time of the plan, and the configuration at the time of the plan.

Get hands-on with 1200+ tech skills courses.