How Secure are Your Sensitive Values in Terraform? Common Pitfalls of Scale Factory's Clients
See how to shift-left with your sensitive value and secret credentials protection in both HashiCorp Terraform and Vault.
Learn how to securely manage sensitive values, such as secrets, passwords, and keys early on ( shift-left ) in HashiCorp Terraform code. We will explore options, including HashiCorp Vault, on how to tackle this and avoid the most common pitfalls we have observed at The Scale Factory while working with our clients. Using available mechanisms in the latest Terraform release I will also demo how we can better handle sensitive values in our infrastructure definitions.
Background: Last year was challenging for everyone, and it has even accelerated the fast pace of the digital transformation. Therefore, we see more and more businesses, organizations, and social activities performed entirely online. Consequently, we store more data in private and public clouds, where it needs to be stored securely. The security considerations should include all architectural layers, including the foundational infrastructure layer. If following the DevOps principles, we would define our infrastructure using Infrastructure as Code (IaC) - i.e. Terraform.
Speaker: Marko Bevc
