From bdb70ef09c13fd2a3d0bd55cf8e6519c6cf0221a Mon Sep 17 00:00:00 2001 From: Chris Arcand Date: Tue, 10 Dec 2019 12:37:56 -0600 Subject: [PATCH] Make note of Sentinel standard imports > Sentinel-embedded applications can choose to whitelist or blacklist certain standard imports. Please reference the documentation for the Sentinel-enabled application you're using to determine if all standard imports are available. --- .../sentinel/sentinel-policy.html.markdown | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/website/source/guides/governance-and-policy/sentinel/sentinel-policy.html.markdown b/website/source/guides/governance-and-policy/sentinel/sentinel-policy.html.markdown index 261525fae..ae0973623 100644 --- a/website/source/guides/governance-and-policy/sentinel/sentinel-policy.html.markdown +++ b/website/source/guides/governance-and-policy/sentinel/sentinel-policy.html.markdown @@ -194,6 +194,12 @@ easy to read and write, while being fast to evaluate. There is no limitation on how complex policies can be, but they are in the execution path so care should be taken to avoid adversely impacting performance. +The Nomad integration for Sentinel implements all of the available [standard +imports](https://docs.hashicorp.com/sentinel/imports/) _except_ +[`http`](https://docs.hashicorp.com/sentinel/imports/http/), which is suitable +for Sentinel integrations that are _not_ run directly in the request path (for +example, [HashiCorp Terraform](https://www.terraform.io/). + In each scope, there are different objects made available for introspection, such a job being submitted. Policies can inspect these objects to apply fine-grained policies.