Which of these is the best practice to protect sensitive values in state files?
Which of these is the best practice to protect sensitive values in state files?
The best practice to protect sensitive values in state files is to use enhanced remote backends. Enhanced remote backends offer encryption both at rest and in transit, which helps in protecting the sensitive information from unauthorized access or tampering. Unlike other options like Secure Sockets Layer (SSL) and signed Terraform providers, enhanced remote backends specifically address the issue of securing state files by providing robust encryption and central storage solutions, such as using S3 buckets or HashiCorp Consul servers.
The best practice for protecting sensitive values in Terraform state files is to use enhanced remote backends, such as those that support encryption at rest and in transit. A remote backend allows you to store your Terraform state in a central location, such as an S3 bucket or a HashiCorp Consul server. This allows you to share state files between team members and across multiple environments, such as staging and production. Using an enhanced remote backend with encryption at rest and in transit helps to protect the sensitive values in your state file from unauthorized access or tampering. Option C, enhanced remote backends, is the correct answer. Options A and B, blockchain and SSL, are not directly related to protecting sensitive values in Terraform state files. Option D, signed Terraform providers, is a security feature that allows you to verify the authenticity of a Terraform provider, but it is not directly related to protecting sensitive values in state files.
Enhanced remote backends
C is correct answer.
I choose C
Correct answer is C
c is the correct answer
C for course
encrypted backend