Infrastructure security at scale with Bridgecrew for Terraform Cloud

Bridgecrew for Terraform Cloud

Infrastructure as code (IaC) frameworks such as Terraform have transformed the way teams provision and manage infrastructure. Their predictability and flexibility enable incredible automation and scale, but as teams expand IaC usage to support growing cloud footprints, new complexities, risks, and overhead emerge.

That’s where HashiCorp’s Terraform Cloud comes in, giving teams a centralized solution for managing Terraform together. Along with Sentinel, HashiCorp’s policy-as-code engine, Terraform Cloud also provides a pipeline for addressing configuration errors and enforcing policies earlier.

To streamline Terraform security scanning and policy enforcement, we’re excited to announce our native Terraform Cloud integration. By integrating with Terraform Cloud via Sentinel, Bridgecrew embeds 500+ out-of-the-box policies across AWS, Azure, Google Cloud, and Kubernetes into every Terraform Cloud workspace run.

“Having partners like Bridgecrew integrate with HashiCorp gives our mutual customers richer DevSecOps capabilities natively within Terraform Cloud. With this integration to Terraform Cloud, the cloud-based platform our customers use for their Infrastructure as Code, HashiCorp customers benefit from the policies that Bridgecrew has created collectively from their platform users.This means faster time to resolve any IaC security issues for our joint customers available directly in Terraform Cloud.”

– Burzin Patel, VP Global Alliances at HashiCorp.

Getting started with Bridgecrew for Terraform Cloud

This integration is available for all Bridgecrew plans. To get started, head to the Integrations tab in your Bridgecrew account and select Terraform Cloud. Insert your Terraform Cloud workspace ID and token, which will provide a Sentinel Policy code snippet.

Next, head over to Terraform Cloud to create a new Policy Set and connect it to your workspace using the policy code provided by Bridgecrew.

Now, the next time your Terraform Cloud workspace runs, Bridgecrew will scan your Terraform during the Policy Check stage. If errors are identified, the run will error and block the ability to terraform apply changes. To investigate the impact of misconfigurations and take steps to address them, head to the Bridgecrew platform by clicking the policy output link.

With Bridgecrew’s continuous policy enforcement and security feedback for both IaC and cloud accounts, you can prevent misconfigured modules from being provisioned and identify errors introduced manually. Bridgecrew also takes policy-as-code a step further, transforming runtime errors into Terraform fixes.


Since day one, Bridgecrew has focused on embedding earlier in the development lifecycle to provide security and compliance scanning as part of every code review. Our native Terraform Cloud integration now makes it easier for Terraform developers to prevent misconfigurations from being provisioned—all as part of their existing workflows.

To learn more about our Terraform Cloud integration, join us for our upcoming live webinar or schedule a Bridgecrew for Terraform Cloud demo.