From 6535cacc46f09571acf03ad461666ceaf4a3124f Mon Sep 17 00:00:00 2001 From: Danielle Date: Wed, 11 Oct 2023 09:23:41 +0100 Subject: [PATCH] moving tip --- docs/concepts/policy/terraform-plan-policy.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/concepts/policy/terraform-plan-policy.md b/docs/concepts/policy/terraform-plan-policy.md index ff738745c..24b760b03 100644 --- a/docs/concepts/policy/terraform-plan-policy.md +++ b/docs/concepts/policy/terraform-plan-policy.md 
@@ -165,11 +165,11 @@ deny["must not target the forbidden endpoint: forbidden.endpoint/webhook"] { ## Custom inputs +Sometimes you might want to pass some additional data to your policy input. For example, you may want to pass the `configuration` data from the Terraform plan, the result of a third-party API or tool call. You can do that by generating a JSON file with the data you need at the root of your project. The file name must follow the pattern `$key.custom.spacelift.json` and must represent a valid JSON _object_. The object will be merged with the rest of the input data, as `input.third_party_metadata.custom.$key`. Be aware that the file name is case-sensitive. Below are two examples, one exposing Terraform configuration and the other exposing the result of a third-party security tool. + !!! Tip To learn more about integrating security tools with Spacelift using custom inputs, please refer to our [blog post](https://spacelift.io/blog/integrating-security-tools-with-spacelift){: rel="nofollow"}. -Sometimes you might want to pass some additional data to your policy input. For example, you may want to pass the `configuration` data from the Terraform plan, the result of a third-party API or tool call. You can do that by generating a JSON file with the data you need at the root of your project. The file name must follow the pattern `$key.custom.spacelift.json` and must represent a valid JSON _object_. The object will be merged with the rest of the input data, as `input.third_party_metadata.custom.$key`. Be aware that the file name is case-sensitive. Below are two examples, one exposing Terraform configuration and the other exposing the result of a third-party security tool. - ### Example: exposing Terraform configuration to the plan policy Let's say you want to expose the Terraform configuration to the plan policy to ensure that only the "blessed" modules are used to provision resources. 
You would then add the following command to the list of [`after_plan` hooks](../stack/stack-settings.md#customizing-workflow):
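Review bot: The relocated paragraph under `## Custom inputs` says the file "must represent a valid JSON _object_" and that "the file name is case-sensitive", but it does not say what happens when either condition is not met. Since the object ends up at `input.third_party_metadata.custom.$key` and the examples that follow use it to restrict which modules may be provisioned, consider adding a sentence on the failure behaviour, so a policy author knows whether a malformed or mis-cased file fails the run or simply leaves the key absent from the input. In the same paragraph, "the `configuration` data from the Terraform plan, the result of a third-party API or tool call" reads as if the plan configuration were the result of an API call; as the line is being moved anyway, "or the result of a third-party API or tool call" would be clearer. The subject "moving tip" could also state the reason for the move, which appears to be putting the explanation of custom inputs ahead of the pointer to the blog post.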