Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

HashiCorp Exam Terraform-Associate-003 Topic 6 Question 24 Discussion

Actual exam question for HashiCorp's Terraform-Associate-003 exam
Question #: 24
Topic #: 6
[All Terraform-Associate-003 Questions]

Your security team scanned some Terraform workspaces and found secrets stored in plaintext in state files. How can you protect that data?

Show Suggested Answer Hide Answer
Suggested Answer: B

In Terraform Cloud, speculative plan runs are not automatically started when changes are merged or committed to the version control repository linked to a workspace. Instead, speculative plans are typically triggered as part of proposed changes in merge requests or pull requests to give an indication of what would happen if the changes were applied, without making any real changes to the infrastructure. Actual plan and apply operations in Terraform Cloud workspaces are usually triggered by specific events or configurations defined within the Terraform Cloud workspace settings. Reference = This behavior is part of how Terraform Cloud integrates with version control systems and is documented in Terraform Cloud's usage guidelines and best practices, especially in the context of VCS-driven workflows.


by Catarina at Sep 18, 2024, 10:45 PM

Limited Time Offer

25%

Off

Get Premium Terraform-Associate-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Kris
23 days ago
Encrypted backend? More like 'encrypt-ted' backend, am I right? Gotta keep those secrets hush-hush, folks!
upvoted 0 times
...
Von
28 days ago
Scrubbing the state file? That's like trying to unsee a bad horror movie. Nope, I'm keeping my secrets locked up tight with that encrypted backend, thank you very much.
upvoted 0 times
Tonja
3 days ago
Encrypting the state file is the way to go. Can't risk exposing those secrets.
upvoted 0 times
...
...
Alva
1 months ago
Option B sounds tempting, but I've heard that secrets.tfvars can still be vulnerable if not properly secured. Gotta go with the encryption option, my dude.
upvoted 0 times
Patti
7 days ago
I always make sure to encrypt any sensitive information to keep it safe from prying eyes.
upvoted 0 times
...
Laurene
9 days ago
Yeah, I agree. Option B might not be enough to fully secure the data.
upvoted 0 times
...
Latosha
23 days ago
Encrypting secrets is definitely the way to go. It adds an extra layer of protection.
upvoted 0 times
...
...
Alaine
1 months ago
Deleting the state file every time? That's like throwing the baby out with the bathwater. Nah, I'm going with option D - encrypted backend all the way!
upvoted 0 times
Chauncey
21 days ago
I agree, encrypting the backend is a much better solution. It keeps the data secure without having to delete it constantly.
upvoted 0 times
...
Matthew
30 days ago
Option D - encrypted backend is definitely the way to go. It's more secure than deleting the state file every time.
upvoted 0 times
...
...
King
2 months ago
I think editing the state file to remove sensitive data is also a good option.
upvoted 0 times
...
Katina
2 months ago
Ah, the age-old question of how to keep our secrets safe. I reckon option D is the way to go - storing the state in an encrypted backend is the most secure approach here.
upvoted 0 times
Blondell
15 days ago
User1: That could work too, but storing in an encrypted backend is more secure.
upvoted 0 times
...
Irene
16 days ago
User3: What about editing the state file to remove sensitive data?
upvoted 0 times
...
Sabina
24 days ago
User2: Agreed, storing the state in an encrypted backend is the most secure.
upvoted 0 times
...
Yaeko
27 days ago
User1: I think option D is the best choice.
upvoted 0 times
...
...
Jose
2 months ago
I agree with Rodney, storing secrets in plaintext is a security risk.
upvoted 0 times
...
Rodney
2 months ago
We should store the state in an encrypted backend to protect the data.
upvoted 0 times
...

Save Cancel