You should store secret data in the same version control repository as your Terraform configuration.
You should store secret data in the same version control repository as your Terraform configuration.
It is not recommended to store secret data, such as passwords, API keys, or other sensitive information, in the same version control repository as your Terraform configuration. This is because version control systems are designed for sharing and collaboration and may not have robust security mechanisms to protect against unauthorized access. Storing secrets in a dedicated secret store that enforces encryption and strict access control is a more secure practice.
If you store secrets in a version control system, they will be exposed in plain text to anyone with access to the repository.
B is correct answer : false.
It is generally considered insecure to store secret data, such as passwords, API keys, and other sensitive information, in the same version control repository as your Terraform configuration. This is because version control repositories are often publicly accessible, and if sensitive information is stored in the repository it can be easily accessed by unauthorized individuals. Additionally, version control repositories typically have a history of all changes made to files, so even if sensitive information is deleted at a later point, it can still be retrieved from the repository history. To properly secure secret data, it is recommended to store it in a secure and encrypted format, such as in a secure vault or by using a tool specifically designed for storing secrets.
It's false. Your secrets are stored in a dedicated secret store that enforces encryption and strict access control.
B: It is not recommended to store secret data such as passwords, API keys, or other sensitive information in your version control system (VCS). This is a general best practice in software development, not just with Terraform.
You should store secrets in vaults. And retrieve the secrets when used in your terraform application. So the answer is B false.
I know it is not recommended, but technically you really "could" store it. SO, this is kinda confusing since it is not asking for Best Security Practices, but just want to check if it is possible or not
If you re-read the question it says, You "should" - which means the answer should be B - false. Had it been "could/might" your argument would have been correct.
B. False Storing secret data in the same version control repository as Terraform configuration is not recommended as it increases the risk of exposing sensitive information. Version control systems are designed for sharing and collaboration, which means that they may not have robust security mechanisms to protect against unauthorized access.
B. False
Answer Definitely B
it's no secure B
B. False