Update Terraform Infrastructure

With an enforced policy published for your Terraform system type, let's make a change to the fake VPC resource in Terraform which violates the policy we created in the previous step.

Open the main.tf file from the example codebase for this tutorial in your code editor.

For the fakewebservices_vpc resource, change the cidr_block value to 10.0.0.0/16 and save your changes:

resource "fakewebservices_vpc" "primary_vpc" {
  name       = "Primary VPC"
  cidr_block = "10.0.0.0/16"
}

Terraform Apply

In your terminal, run terraform apply to run a plan and apply for the VPC CIDR change. Terraform will output the plan for the resource change in the terminal, after which the plan will be evaluated by Styra DAS.

After a few moments, you should see a Failed post-plan run task result with the failure message we defined in the policy in the previous step.

Figure 1 - Policy Failure

You can also see the details of the policy evaluation failure in Terraform Cloud by following the run link output by the Terraform CLI during the beginning of the run.

Update Terraform Infrastructure

Terraform Apply​

Terraform Apply