github.com/smintz/nomad@v0.8.3/website/source/docs/enterprise/sentinel/index.html.md (about) 1 --- 2 layout: "docs" 3 page_title: "Nomad Enterprise Sentinel Policy Enforcement" 4 sidebar_current: "docs-enterprise-sentinel" 5 description: |- 6 Nomad Enterprise provides support for policy enforcement using Sentinel. 7 --- 8 9 # Nomad Enterprise Sentinel Policy Enforcement 10 11 In [Nomad Enterprise](https://www.hashicorp.com/products/nomad/), operators can 12 create [Sentinel policies](/guides/sentinel-policy.html) for fine-grained policy 13 enforcement. Sentinel policies build on top of the ACL system and allow operators to define 14 policies such as disallowing jobs to be submitted to production on 15 Fridays. These extremely rich policies are defined as code. For example, to 16 restrict jobs to only using the Docker driver, the operator would define and apply 17 the following policy: 18 19 ``` 20 # Only allows Docker based tasks 21 main = rule { all_drivers_docker } 22 23 # all_drivers_docker checks that all the drivers in use are Docker 24 all_drivers_docker = rule { 25 all job.task_groups as tg { 26 all tg.tasks as task { 27 task.driver is "docker" 28 } 29 } 30 } 31 ``` 32 33 See the [Sentinel Policies Guide](/guides/sentinel-policy.html) for additional details and examples.