VCDL-250 Taxonomy Alignment - HCP Terraform
jennamwong committed Mar 27, 2024
1 parent 84a880c commit 0a31c6b
Showing 8 changed files with 24 additions and 24 deletions.
18 changes: 9 additions & 9 deletions instructor-guides/sentinel_for_terraform_INSTRUCTOR_GUIDE.md
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
# Sentinel for Terraform - Instructor Guide

This guide will prepare you to deliver a full-day [Sentinel for Terraform Workshop](https://hashicorp.github.io/field-workshops-terraform/slides/sentinel/index.html#1), although the workshop is usually broken up into two sessions as described below. The workshop is a combination of [slides](https://hashicorp.github.io/field-workshops-terraform/slides/sentinel/index.html#1) and two hands-on [Instruqt tracks](https://play.instruqt.com/hashicorp/topics/sentinel) that teach students how to write and test Sentinel policies for Terraform. Participants will learn an 8-step methodology for writing and testing Sentinel policies. Everything is done using the Sentinel CLI provided within the Instruqt tracks, so access to Terraform Cloud or Terraform Enterprise is not required. All students need is a browser.
This guide will prepare you to deliver a full-day [Sentinel for Terraform Workshop](https://hashicorp.github.io/field-workshops-terraform/slides/sentinel/index.html#1), although the workshop is usually broken up into two sessions as described below. The workshop is a combination of [slides](https://hashicorp.github.io/field-workshops-terraform/slides/sentinel/index.html#1) and two hands-on [Instruqt tracks](https://play.instruqt.com/hashicorp/topics/sentinel) that teach students how to write and test Sentinel policies for Terraform. Participants will learn an 8-step methodology for writing and testing Sentinel policies. Everything is done using the Sentinel CLI provided within the Instruqt tracks, so access to HCP Terraform or Terraform Enterprise is not required. All students need is a browser.

This workshop content is suitable for HashiCorp customers who are already using Terraform Cloud or Terraform Enterprise; we recommend that all students first complete one of the Intro to Terraform workshops listed under https://hashicorp.github.io/workshops/ or have equivalent experience. It is not well-suited for prospects since it exposes the fact that using Sentinel can be complex.
This workshop content is suitable for HashiCorp customers who are already using HCP Terraform or Terraform Enterprise; we recommend that all students first complete one of the Intro to Terraform workshops listed under https://hashicorp.github.io/workshops/ or have equivalent experience. It is not well-suited for prospects since it exposes the fact that using Sentinel can be complex.

## Attendee prerequisites
Prerequisites are minimal. All that is required to participate in the workshop is a web browser and Internet access. No software needs to be downloaded or installed -- self-contained lab environments run on the Instruqt platform.
Expand Down Expand Up @@ -38,17 +38,17 @@ Please ask students to complete the [feedback survey](https://bit.ly/hashiworksh
*Session 1*

0:00 - 0:05 - Wait for attendees to arrive and Introductions<br>
0:05 - 0:25 - Sentinel in Terraform Cloud and Terraform Enterprise<br>
0:05 - 0:25 - Sentinel in HCP Terraform and Terraform Enterprise<br>
0:25 - 0:50 - The Sentinel Language<br>
0:50 - 1:05 - Lab 1 (The Sentinel CLI)<br>
1:05 - 1:10 - Review of Lab 1<br>
1:10 - 1:15 - Break<br>
1:15 - 1:30 - The Evolution of Sentinel Policies<br>
1:30 - 1:35 - Demo of Sentinel CLI
1:35 - 2:05 - Writing and Testing Sentinel Policies<br>
2:05 - 2:15 - Demo of Sentinel in Terraform Cloud
2:05 - 2:15 - Demo of Sentinel in HCP Terraform
2:15 - 2:25 - Break<br>
2:25 - 2:45 - Using Sentinel in Terraform Cloud<br>
2:25 - 2:45 - Using Sentinel in HCP Terraform<br>
2:45 - 3:00 - Q&A<br>

*Session 2*
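Review bot: the renamed line `2:05 - 2:15 - Demo of Sentinel in HCP Terraform` is still missing the trailing `<br>` that every other schedule line carries (the same is true of the untouched `1:30 - 1:35 - Demo of Sentinel CLI`), so in rendered Markdown it runs together with the following `2:15 - 2:25 - Break<br>` line; since the line is being edited anyway, append `<br>` to it.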
Expand Down Expand Up @@ -101,7 +101,7 @@ sentinel test -verbose restrict-vm-disk-size.sentinel

Point out that the first of these two VMware Sentinel policies has three failure test cases with associated mocks. Point out that the second policy delays printing violation messages for disks created with VMware VMs so that the messages look like "Disk 0 has size with value 120 that is greater than 100" instead of the less meaningful "0 has size with value 120 that is greater than 100".

While presenting the "Writing and Testing Sentinel Policies for Terraform" slides, we recommend you show the Terraform Cloud UI opened to a workspace that points at Terraform code that creates an EC2 instance. You could use this [code](https://github.com/hashicorp/terraform-guides/tree/master/infrastructure-as-code/aws-ec2-instance), although you will probably want to update it to be more modern and use a newer version of Terraform instead of Terraform 0.11. You can then do a plan and show how mocks can be downloaded from the plan. You can also show the restrict-ec2-instance-type.sentinel policy failing if you have registered this [policy set](https://github.com/hashicorp/terraform-sentinel-policies/blob/main/aws/sentinel.hcl) with your TFC organization.
While presenting the "Writing and Testing Sentinel Policies for Terraform" slides, we recommend you show the HCP Terraform UI opened to a workspace that points at Terraform code that creates an EC2 instance. You could use this [code](https://github.com/hashicorp/terraform-guides/tree/master/infrastructure-as-code/aws-ec2-instance), although you will probably want to update it to be more modern and use a newer version of Terraform instead of Terraform 0.11. You can then do a plan and show how mocks can be downloaded from the plan. You can also show the restrict-ec2-instance-type.sentinel policy failing if you have registered this [policy set](https://github.com/hashicorp/terraform-sentinel-policies/blob/main/aws/sentinel.hcl) with your TFC organization.

## Hands-on Labs
At certain points in the slide deck there are references to the lab exercises. [Instruqt](https://instruqt.com/hashicorp) is our lab platform. Users must generally register on the Instruqt website to use these tracks unless you send an invite that allows anonymous access. There are two Instruqt tracks in this workshop.
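Review bot: the end of the renamed paragraph still reads "registered this policy set with your TFC organization", so the old Terraform Cloud abbreviation survives on the very line that was just updated to HCP Terraform; change it to "your HCP Terraform organization" so the taxonomy alignment is complete within this file.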
Expand Down Expand Up @@ -173,17 +173,17 @@ Here is some boilerplate text you can use or customize when inviting or announci
Introduction to Sentinel for Terraform Workshop
A hands-on technical workshop
Learn how to write and test Sentinel policies that restrict the provisioning of resources done with Terraform Cloud and Terraform Enterprise workspace. Sentinel is HashiCorp's policy-as-code framework and language for codifying policies in the same way that Terraform codifies infrastructure as code. Beginners can create Sentinel policies that use common functions that avoid use of advanced Sentinel language constructs. Experts can write their own Sentinel functions that do use those constructs and implement more sophisticated policies.
Learn how to write and test Sentinel policies that restrict the provisioning of resources done with HCP Terraform and Terraform Enterprise workspace. Sentinel is HashiCorp's policy-as-code framework and language for codifying policies in the same way that Terraform codifies infrastructure as code. Beginners can create Sentinel policies that use common functions that avoid use of advanced Sentinel language constructs. Experts can write their own Sentinel functions that do use those constructs and implement more sophisticated policies.
Join us for two 3-hour training sessions that will teach you how to write and test Sentinel policies using standard and Terraform Sentinel imports and some common functions.
Topics covered in the workshop include:
* Sentinel in Terraform Cloud and Terraform Enterprise
* Sentinel in HCP Terraform and Terraform Enterprise
* The Sentinel Language
* The Evolution of Terraform Sentinel Policies
* Writing Sentinel Policies and Testing them with the Sentinel CLI
* Using Sentinel in Terraform Cloud
* Using Sentinel in HCP Terraform
* Advanced Techniques
All of these but the last will be covered during the first session which will also include one lab that teaches you how to use the Sentinel CLI.
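Review bot: "restrict the provisioning of resources done with HCP Terraform and Terraform Enterprise workspace" should end in "workspaces"; the singular predates this commit, but the sentence is being rewritten here, so it is a cheap place to fix the grammar.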
Expand Up @@ -9,7 +9,7 @@ notes:
contents: |-
[Sentinel](https://docs.hashicorp.com/sentinel) allows customers to implement policy-as-code in the same way that Terraform implements infrastructure-as-code.
The Sentinel Command Line Interface (CLI) allows you to apply and test Sentinel policies including those that use mocks generated from Terraform Cloud and Terraform Enterprise plans.
The Sentinel Command Line Interface (CLI) allows you to apply and test Sentinel policies including those that use mocks generated from HCP Terraform and Terraform Enterprise plans.
You should run the **Sentinel CLI Basics** track before starting this track.
- type: text
Expand Down Expand Up @@ -160,7 +160,7 @@ Now open the test cases and mock files on the "Test Cases" tab.
- You'll see that the `fail.hcl` test case refers to the `tfplan-functions.sentinel` module and the `mock-tfplan-fail.sentinel` mock file and expects the main rule to return `false`.
- You'll also see that the `pass.hcl` test case refers to the same module and the `mock-tfplan-pass.sentinel` mock file and expects the main rule to return `true`.

The mock files are simplified versions of mocks generated from plans of Terraform Cloud runs done against Terraform code that used the Vault provider to create some auth methods. The key data that determines whether a test case will pass or fail is in the `after` stanza of the `change` stanza of resources under the `resource_changes` collection.
The mock files are simplified versions of mocks generated from plans of HCP Terraform runs done against Terraform code that used the Vault provider to create some auth methods. The key data that determines whether a test case will pass or fail is in the `after` stanza of the `change` stanza of resources under the `resource_changes` collection.

The `mock-tfplan-fail.sentinel` mock file creates instances of the Kubernetes, GitHub, and AWS auth methods; the first two are allowed, but the third is not. The `mock-tfplan-pass.sentinel` mock file creates instances of the Kubernetes, GitHub, and Azure auth methods, all of which are allowed.

Expand Up @@ -90,7 +90,7 @@ Your task is to complete and test a Sentinel policy that requires that all AWS I
Complete the First Version
===
1. Open the `require-access-keys-use-pgp-a.sentinel` policy on the "Poilicies" tab.
1. Open the `require-access-keys-use-pgp-a.sentinel` policy on the "Policies" tab.
- You'll see several placeholders in angular brackets throughout the policy.
- You need to replace those placeholders with suitable Sentinel expressions.

Expand Down Expand Up @@ -124,7 +124,7 @@ Using multiple fail test cases allows us to test multiple ways in which a policy

All 3 fail test cases expect the main rule to return `false`. Of course, we've also included a pass test case and a corresponding mock file that does include the desired attribute with an allowed value. The pass test case expects the main rule to return `true`.

The mock files are simplified versions of mocks generated from plans of Terraform Cloud runs done against Terraform code that used the AWS provider to create an AWS IAM access key.
The mock files are simplified versions of mocks generated from plans of HCP Terraform runs done against Terraform code that used the AWS provider to create an AWS IAM access key.

Test the First Version
===
Expand Up @@ -123,7 +123,7 @@ Examine the Test Cases and Mocks
===
Now open the test cases and mock files on the "Test Cases" tab. You'll see that the `fail.hcl` test case refers to the `tfstate-functions.sentinel` module and the `mock-tfstate-fail.sentinel` mock file and expects the main rule to return `false`. You'll also see that the `pass.hcl` test case refers to the same module and the `mock-tfstate-pass.sentinel` mock file and expects the main rule to return `true`.

The mock files are simplified versions of mocks generated from plans of Terraform Cloud runs done against Terraform code that used the AWS provider to retrieve information from two AWS ACM certificates.
The mock files are simplified versions of mocks generated from plans of HCP Terraform runs done against Terraform code that used the AWS provider to retrieve information from two AWS ACM certificates.

Test the First Version
===
Expand Up @@ -120,7 +120,7 @@ You'll see that the test cases, `fail-invalid-image.hcl` and `fail-no-initialize

You'll also see that the test case, `pass.hcl`, refers to the `mock-tfplan-pass.sentinel` mock file and expects the main rule to return `true`. All 3 test cases also refer to the `tfplan-functions.sentinel` module.

The mock files are simplified versions of mocks generated from plans of Terraform Cloud runs done against Terraform code that used the Google provider to create a GCE compute instance. The `mock-tfplan-fail-no-initialize-params.sentinel` mock file was generated from a Terraform configuration that first generated a GCE compute disk and then created a GCE compute instance from it, avoiding the need to use the `initialize_params` block of the compute instance resource. The other two mocks created the compute instance resource directly from standard images.
The mock files are simplified versions of mocks generated from plans of HCP Terraform runs done against Terraform code that used the Google provider to create a GCE compute instance. The `mock-tfplan-fail-no-initialize-params.sentinel` mock file was generated from a Terraform configuration that first generated a GCE compute disk and then created a GCE compute instance from it, avoiding the need to use the `initialize_params` block of the compute instance resource. The other two mocks created the compute instance resource directly from standard images.

Test the First Version
===
Expand Up @@ -24,12 +24,12 @@ notes:
contents: We've made things easier by writing most of the policy for you and by
providing the test cases and mocks that you need to test it. The mocks simulate
the use of two Azure modules both from the public Terraform Registry and from
a Private Module Registry in an organization on the Terraform Cloud server.
a Private Module Registry in an organization on the HCP Terraform server.
- type: text
contents: |-
Your task is to complete and test a Sentinel policy that requires that all modules called by the root module come from the [Private Module Registry](https://www.terraform.io/docs/cloud/registry/index.html) (PMR) of a Terraform Cloud organization called "Cloud-Operations". You will use the [tfconfig/v2](https://www.terraform.io/docs/cloud/sentinel/import/tfconfig-v2.html) import to do that.
Your task is to complete and test a Sentinel policy that requires that all modules called by the root module come from the [Private Module Registry](https://www.terraform.io/docs/cloud/registry/index.html) (PMR) of a HCP Terraform organization called "Cloud-Operations". You will use the [tfconfig/v2](https://www.terraform.io/docs/cloud/sentinel/import/tfconfig-v2.html) import to do that.
Since the owners of a Terraform Cloud/Enterprise organization can prevent modules in their PMR from using external modules, requiring the root module to call all modules from the PMR effectively requires that all non-root modules come from the PMR.
Since the owners of a HCP Terraform/Enterprise organization can prevent modules in their PMR from using external modules, requiring the root module to call all modules from the PMR effectively requires that all non-root modules come from the PMR.
You might find the documentation for Sentinel's [matches](https://docs.hashicorp.com/sentinel/language/spec/#matches-operator) operator and [strings](https://docs.hashicorp.com/sentinel/imports/strings) import useful. You might also want to read about how modules are sourced from private module registries [here](https://www.terraform.io/docs/cloud/registry/using.html).
tabs:
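Review bot: two wording problems in the renamed lines. "a HCP Terraform organization" should be "an HCP Terraform organization" (the initialism starts with a vowel sound), and the old "Terraform Cloud/Enterprise" shorthand does not survive a mechanical rename: "a HCP Terraform/Enterprise organization" reads as a product called "HCP Terraform Enterprise", which does not exist; spell it out as "an HCP Terraform or Terraform Enterprise organization".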
Expand Down Expand Up @@ -89,9 +89,9 @@ timelimit: 1800

In this challenge, you will write a fifth Sentinel policy for Terraform.

Your task is to complete and test a Sentinel policy that requires that all modules loaded by the root module come from the [Private Module Registry](https://www.terraform.io/docs/cloud/registry/index.html) (PMR) of a Terraform Cloud organization.
Your task is to complete and test a Sentinel policy that requires that all modules loaded by the root module come from the [Private Module Registry](https://www.terraform.io/docs/cloud/registry/index.html) (PMR) of a HCP Terraform organization.

We recommend reviewing this [doc](https://www.terraform.io/docs/cloud/registry/using.html) that describes how to specify the `source` for a module in a Private Module Registry on a Terraform Cloud or Terraform Enterprise server.
We recommend reviewing this [doc](https://www.terraform.io/docs/cloud/registry/using.html) that describes how to specify the `source` for a module in a Private Module Registry on a HCP Terraform or Terraform Enterprise server.

At this point, we recommend you look at the tree diagram in the [Import Overview](https://www.terraform.io/docs/cloud/sentinel/import/tfconfig-v2.html#import-overview) for the `tfconfig/v2` import that the policy uses.

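Review bot: "a HCP Terraform organization" and "a HCP Terraform or Terraform Enterprise server" should use the article "an", since HCP is pronounced with an initial vowel sound.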
Expand Down Expand Up @@ -134,9 +134,9 @@ Examine the Test Cases and Mocks
===
Now open the test cases and mock files on the "Test Cases" tab. You'll see that the `fail.hcl` test case refers to the `mock-tfconfig-fail.sentinel` mock file and expects the main rule to return false. You'll also see that the "pass.hcl" test case refers to the `mock-tfconfig-pass.sentinel` mock file and expects the main rule to return true.

As mentioned above, both test case files provide a value for the `organization` parameter. We also could have provided a value for the `address` parameter to override the default value set in the policy. We would do that if using a Terraform Enterprise server instead of the Terraform Cloud deployment hosted by HashiCorp.
As mentioned above, both test case files provide a value for the `organization` parameter. We also could have provided a value for the `address` parameter to override the default value set in the policy. We would do that if using a Terraform Enterprise server instead of the HCP Terraform deployment hosted by HashiCorp.

The mock files are simplified versions of mocks generated from plans of Terraform Cloud runs done against Terraform code that used the Azure provider to provision Azure resources including resource groups, network resources, security group resources, and VMs. The `mock-tfconfig-fail.sentinel` mock uses modules from the public [Terraform Registry](https://registry.terraform.io/) while the `mock-tfconfig-pase.sentinel` mock uses modules from a PMR in the "Cloud-Operations" organization on the Terraform Cloud server ("app.terraform.io").
The mock files are simplified versions of mocks generated from plans of HCP Terraform runs done against Terraform code that used the Azure provider to provision Azure resources including resource groups, network resources, security group resources, and VMs. The `mock-tfconfig-fail.sentinel` mock uses modules from the public [Terraform Registry](https://registry.terraform.io/) while the `mock-tfconfig-pase.sentinel` mock uses modules from a PMR in the "Cloud-Operations" organization on the HCP Terraform server ("app.terraform.io").

Test the First Version
===
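Review bot: `mock-tfconfig-pase.sentinel` in the last changed line is a typo for `mock-tfconfig-pass.sentinel`, the file name used in the "pass.hcl" sentence a few lines above; it predates this commit, but since the line is being rewritten, correct it so a student searching for the file name actually finds it.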
Expand Up @@ -67,7 +67,7 @@ timelimit: 1800

In this challenge, you will write a second version of the fifth Sentinel policy for Terraform.

Your task is to complete and test a Sentinel policy that requires that all modules loaded by the root module come from the [Private Module Registry](https://www.terraform.io/docs/cloud/registry/index.html) (PMR) of a Terraform Cloud organization.
Your task is to complete and test a Sentinel policy that requires that all modules loaded by the root module come from the [Private Module Registry](https://www.terraform.io/docs/cloud/registry/index.html) (PMR) of a HCP Terraform organization.

> [!NOTE]
> At any point while solving the challenge, you can click the green "Check" button to get a hint suggesting something that you still need to do.
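Review bot: "a HCP Terraform organization" should be "an HCP Terraform organization", matching the article that the initialism takes when read aloud.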
