Guides

Set up compliance.tf and run your first compliant terraform plan typically in under 10 minutes

Migrate from terraform-aws-modules in 7 steps — authentication, source URL swap, phased rollout, FAQ

Assessment checklist, module playbooks (S3, RDS, VPC, EC2), and version compatibility matrix

Pre-composed Terraform for SOC 2, PCI DSS v4.0, and HIPAA — clone, fill in tfvars, and deploy

Generate compliance artifacts for your auditors

Justify compliance.tf to your leadership team

Before/after diffs, common issues, SOC 2 and PCI DSS controls

Encryption, backup retention, deletion protection, Multi-AZ

Flow logs, public IP auto-assign, default security groups

IMDSv2, EBS encryption, monitoring, instance type restrictions

Supported upstream versions for all 34 modules

Evaluate your migration readiness step by step

Enable lifecycle blocks, tagging, provisioner removal, and instance restrictions — without forks or wrapper modules

See exactly what Operational Rules will change in a module before downloading it

Prerequisites, authentication, multi-environment setup, and troubleshooting

Token setup, complete workflow example, and Checkov verification

Protected CI/CD variables and pipeline YAML configuration

Workspace environment variables and variable sets for the TFC runner

Spacelift, Atlantis, env0, Jenkins, and generic CI environments

How compliance.tf works alongside Checkov, OPA, Control Tower, and custom wrappers

Preventive enforcement vs IaC scanning — how the layers combine

Secure defaults vs policy gating — when to use each

Managed compliance modules vs in-house wrapper maintenance

Resource-level controls vs account-level governance