It is generally considered insecure to store secret data, such as passwords, API keys, and other sensitive information, in the same version control repository as your Terraform configuration. This is because version control repositories are often publicly accessible, and if sensitive information is stored in the repository it can be easily accessed by unauthorized individuals. Additionally, version control repositories typically have a history of all changes made to files, so even if sensitive information is deleted at a later point, it can still be retrieved from the repository history. To properly secure secret data, it is recommended to store it in a secure and encrypted format, such as in a secure vault or by using a tool specifically designed for storing secrets.

B is correct answer : false.

If you store secrets in a version control system, they will be exposed in plain text to anyone with access to the repository.

It's false. Your secrets are stored in a dedicated secret store that enforces encryption and strict access control.

You should store secrets in vaults. And retrieve the secrets when used in your terraform application. So the answer is B false.

B: It is not recommended to store secret data such as passwords, API keys, or other sensitive information in your version control system (VCS). This is a general best practice in software development, not just with Terraform.

B. False

it's no secure B

Answer Definitely B

B. False

B. False Storing secret data in the same version control repository as Terraform configuration is not recommended as it increases the risk of exposing sensitive information. Version control systems are designed for sharing and collaboration, which means that they may not have robust security mechanisms to protect against unauthorized access.

I know it is not recommended, but technically you really "could" store it. SO, this is kinda confusing since it is not asking for Best Security Practices, but just want to check if it is possible or not