Don't Enforce Policy with Terraform
In my view, Terraform’s purpose isn’t to enforce policy; it’s to create policies that enforce. Terraform is yet another client of your platform, and it should be treated as such. If for some reason you need to enforce policy, you should do so at the platform level, not at the client level.
Clients should not assume they hold unilateral authority, as other clients may interpret policies in other ways.