Case Study

Compliance at scale: Hardened Terraform modules at Morgan Stanley

Published 5:00 AM UTC Apr 05, 2022

Morgan Stanley has freed up its cloud service developers by building automated cloud security controls by default using Terraform and Sentinel.

Brett Tegart and Itay Cohai recount how their team at Morgan Stanley implemented secure Terraform modules that enforce cloud security controls by default, allowing free development of cloud service provider accounts and resources without requiring additional security review. Sentinel policy as code was also important. They wrote policies that blocked direct creation of Terraform resources, limiting users to the secure modules that derive values from the Terraform or CSP environment instead of allowing user input.

Sign up for the latest HashiCorp news

More resources like this one

1/20/2023Case Study

Adopting GitOps and the Cloud in a Regulated Industry

1/5/2023Case Study

How Discover Manages 2000+ Terraform Enterprise Workspaces

9/26/2022Case Study

How Deutsche Bank onboarded to Google Cloud w/ Terraform

9/2/2022Case Study

Vault in BBVA, Secrets in a Hybrid Architecture

View all resources