sorry, D seems invalid, well, at least depending on what we understand as "Variable file". We do not want to keep secrets in .tfvars file within repository. It seems to be BC then.
BD.
(B) clearly yes
Now it comes down to between (C) and (D).
(C) would not be appropriate because connection configurations deal with connections which are not directly relevant to the question.
(D) is more relevant and correct because you can pass in your variable file on using the CLI which will allow your secrets to exist outside of the main code
The secure options for storing secrets for connecting to a Terraform remote backend are:
B. Defined in Environment variables
D. A variable file
Environment variables provide a secure way to store sensitive information without exposing it directly in the code. Using a variable file allows for separate storage of sensitive data, which can be managed and secured independently from the Terraform configuration itself. Storing secrets inside the backend block or in a connection configuration outside of Terraform might expose sensitive information within the configuration files or external settings, which could pose a security risk.
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Oleg_gol
Highly Voted 1 year, 6 months agoKriegs
Most Recent 2 months, 3 weeks agoKriegs
2 months, 3 weeks agodankositzke
9 months agodev_maftuna
11 months, 3 weeks ago