How can you ensure that the engineering team who has access to git repo will not create any non-compliant resources that might lead to a security audit failure in future. your team is using Hashicorp Terraform Enterprise Edition.

How can you ensure that the engineering team who has access to git repo will not create any non-compliant resources that might lead to a security audit failure in future. your team is using Hashicorp Terraform Enterprise Edition.
A . Use Terraform OSS Sentinel Lite version, which will save cost, since there is no charge for OSS, but it can still check for most non-compliant rules using Policy-As-Code.
B . Implement a review process where every code will be reviewed before merging to the master branch.
C . Since your team is using Hashicorp Terraform Enterprise Edition, enable Sentinel, and write Policy-As-Code rules that will check for non-compliant resource provisioning, and prevent/report them.
D . Create a design /security document (in PDF) and share to the team, and ask them to always follow that document, and never deviate from it.

View Answer

Answer: C

Explanation:

https://www.terraform.io/docs/cloud/sentinel/index.html