Today we are super excited to announce the latest capability we added to our Terraform CI/CD solution, which is an absolute game-changer for compliance enforcement, ‘Proactive Compliance Packages’.

Compliance Packages for Terraform & OpenTofu

ControlMonkey Terraform CI/CD solution enables DevOps teams to enforce compliance and security policies proactively during the infrastructure CI/CD, and therefore prevent issues and misconfigurations in production.

So starting today, we are offering our users to enforce compliance standards such as PCI-DSS and CIS-AWS V1.4 on any Terraform pull request, and ControlMonkey will validate the resources configuration, as part of the infrastructure CI/CD.


DevOps teams no longer need to manually configure policies that represent the compliance standard their organization is obligated to, they can enforce that standard on any configuration change, in a few clicks.

By doing that, you’re actually preventing any non-compliant resources from reaching your production environment!

Benefits of Compliance Packages for Terraform and OpenTofu

This capability enables DevOps teams to easily enforce the required Compliance standard proactively, rather than responding to non-compliant resources in production, and risk getting penalized for compliance violations.

Companies usually run compliance validations in a detective way, after the resources are deployed to production, using tools like AWS Security Hub.

‘Proactive Compliance Packages’ are comprised of ControlMonkey’s Managed Policies, built-in policies that are managed and constantly maintained by our engineering team.

1 Click Compliance Packages

If you are required to be PCI-DSS compliant, you can validate every resource’s compliance proactively, out of the box, with zero effort.

On top of that, users have enhanced customization and can enforce compliance using various enforcement levels and apply them to specific stacks or namespaces.

Shift left your infrastructure compliance, keep your environment in ‘Always-Compliant’ mode, and avoid paying unnecessary penalties.

Author

Zack Bentolila

Zack Bentolila

Marketing Director

Zack is the Marketing Director at ControlMonkey, with a strong focus on DevOps and DevSecOps. He was the Senior Director of Partner Marketing and Field Marketing Manager at Checkmarx. There, he helped with global security projects. With over 10 years in marketing, Zack specializes in content strategy, technical messaging, and go-to-market alignment. He loves turning complex cloud and security ideas into clear, useful insights for engineering, DevOps, and security leaders.