Exam Terraform Associate All QuestionsBrowse all questions from this exam
Go to Exam
Question 70

You're building a CI/CD (continuous integration/ continuous delivery) pipeline and need to inject sensitive variables into your Terraform run.

How can you do this safely?

    Correct Answer: A

    The safest way to handle sensitive variables in a CI/CD pipeline is to pass them to Terraform using the -var flag. This practice allows you to supply the values of sensitive variables at runtime, avoiding hardcoding them directly into the Terraform code or storing them in insecure locations such as a source code repository. For even greater security, you can use environment variables or secret management tools supported by your CI/CD platform to pass these values without exposing them.

Discussion
BereOption: A

The safest method to inject sensitive variables into your Terraform run in a CI/CD pipeline is: A. Pass variables to Terraform with a -var flag. When running Terraform in your CI/CD pipeline, you would pass the sensitive variables like this: terraform apply -var="database_password=mysecretpassword" -var="api_key=1234567890abcdef" For enhanced security, in a CI/CD environment, you'd typically use environment variables or secret management tools that are supported by your CI/CD platform to pass these sensitive values, so they are never exposed in logs or stored in insecure locations. For instance, using environment variables: export TF_VAR_database_password=mysecretpassword export TF_VAR_api_key=1234567890abcdef terraform apply

rfdOption: A

Definitely A.

samimshaikhOption: A

The safest option among the choices provided is to use the -var flag to pass sensitive variables to Terraform. This allows you to provide variable values at runtime without hardcoding them directly into the Terraform code or exposing them in the source code repository.

campsOption: A

A. Pass variables to Terraform with a "var" flag. When running Terraform in a CI/CD pipeline, it is important to securely pass sensitive variables to Terraform. One way to pass sensitive variables to Terraform is to use the -var flag to supply the value of the variable at runtime.

EltoothOption: A

A is correct answer : -var See Topic 1 # Question 43 https://blog.gruntwork.io/a-comprehensive-guide-to-managing-secrets-in-your-terraform-code-1d586955ace1

TlakminiOption: A

https://developer.hashicorp.com/terraform/language/values/variables

FaaizzOption: A

Obviously A

bp339Option: A

A is the answer

cloudznjOption: A

I see that is A but since its on B. Will it be B on the exam? Or that option, even though everyone is on A. Just curious.

LunarPhobia

The answers on here aren't always correct. Typically go with the highest rated one

Power123Option: A

A is correct

thor7Option: A

A is a correct answer Reference: https://developer.hashicorp.com/terraform/language/values/variables

eduvar4Option: A

https://developer.hashicorp.com/terraform/language/values/variables

tf_userOption: A

A is correct

Tomcrui1234589Option: A

A for sure

Ahmad_TerraformOption: A

A= correct Var

biscuithammerOption: A

I vote A

bigboi23Option: A

I too would go with A