Complete the code to define a Sentinel policy that checks if the resource type is 'aws_instance'.
resource_type = tfplan.resource_changes[0].[1]
The 'type' attribute specifies the resource type in the Terraform plan, such as 'aws_instance'.
Complete the code to check if the resource action includes 'create'.
actions = tfplan.resource_changes[0].change.[1]
The 'actions' attribute lists the planned actions like 'create', 'update', or 'delete'.
Fix the error in the policy condition to allow only 't2.micro' instance types.
allowed = rule {
resource_type == "aws_instance" and tfplan.resource_changes[0].change.after.instance_type [1] "t2.micro"
}The condition must check equality '==' to allow only 't2.micro' instance types.
Fill both blanks to define a rule that denies any resource with 'delete' action.
deny_delete = rule {
tfplan.resource_changes[0].change.[1] contains [2]
}The 'actions' list contains planned actions. Checking if it contains 'delete' denies deletion.
Fill all three blanks to create a rule that allows only 'aws_s3_bucket' resources with versioning enabled.
allow_s3_versioning = rule {
resource_type = tfplan.resource_changes[0].[1]
versioning = tfplan.resource_changes[0].change.after.versioning.[2]
resource_type == "[3]" and versioning == true
}The 'type' attribute identifies the resource type. The 'enabled' attribute inside 'versioning' indicates if versioning is on. The resource type must be 'aws_s3_bucket'.