Plan. Apply. Comply. A blog by compliance.tf

Practical guidance for compliant Terraform delivery

Product updates, engineering notes, and audit-ready implementation patterns for teams building AWS infrastructure with Terraform and OpenTofu.

Get updates by email:

Latest article

Mar 30, 2026

Debugging terraform init: 401, 403, 502, and What Your Headers Are Telling You

A practical guide to diagnosing terraform init failures against private registries using curl, HTTP headers, and the compliance.tf registry.

Read article

Mar 25, 2026

Stop Paying the Terraform Fork Tax

Introducing Operational Rules — your platform standards, enforced at terraform init. No more forking modules to add lifecycle blocks.

Read article

Mar 6, 2026

Why Enterprises Choose Compliance.tf Over terraform-aws-modules

Compare the hidden costs of building compliance yourself on terraform-aws-modules with the built-in controls and managed maintenance that compliance.tf provides.

Read article

Nov 27, 2025

Verifying Compliance.tf Modules: From Guardrails to Audit Evidence

Learn how to validate compliance.tf modules with IaC scanners before deployment and infrastructure scanners after, what evidence auditors need, and how pre-apply and post-apply verification work together.

Read article

Nov 26, 2025

Make Non-Compliant Terraform Impossible With Compliance.tf

Replace after-the-fact Terraform scanning with modules that have built-in compliance controls, blocking non-compliant AWS infrastructure before it reaches your plan.

Read article