You're building a CI/CD pipeline and need to inject sensitive variables into your Terraform run. How can you do this safely?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards

From $24.99Unlock all

Prepare for the HashiCorp Terraform Associate Exam with quizzes, flashcards, and multiple-choice questions. Each question includes hints and explanations. Boost your confidence and ace your exam!

Multiple Choice

You're building a CI/CD pipeline and need to inject sensitive variables into your Terraform run. How can you do this safely?

Injecting sensitive values into Terraform runs in CI/CD should happen at runtime, not by embedding them in code. Passing variables with the -var flag does just that: you provide the secret values from your CI system or secret manager when you run Terraform, so the values aren’t stored in your configuration files. If you mark these variables as sensitive, Terraform will also minimize their exposure in plan and apply output.

The other approaches store secrets in files checked into version control or copied directly into code, which risks leaking credentials and secrets. Plain text in a repository is equally unsafe.

You're building a CI/CD pipeline and need to inject sensitive variables into your Terraform run. How can you do this safely?

Prepare for the HashiCorp Terraform Associate Exam with quizzes, flashcards, and multiple-choice questions. Each question includes hints and explanations. Boost your confidence and ace your exam!

You're building a CI/CD pipeline and need to inject sensitive variables into your Terraform run. How can you do this safely?

Get the latest from Examzify