A comprehensive guide to managing secrets in your Terraform code
<p>One of the most common questions we get about using <a href="https://blog.gruntwork.io/a-comprehensive-guide-to-terraform-b3d32832baca" rel="noopener ugc nofollow" target="_blank">Terraform</a> to manage infrastructure as code is how to handle secrets such as passwords, API keys, and other sensitive data. For example, here’s a snippet of Terraform code that can be used to deploy MySQL using <a href="https://aws.amazon.com/rds/" rel="noopener ugc nofollow" target="_blank">Amazon RDS</a>:</p>
<pre>
resource "aws_db_instance" "example" {
engine = "mysql"
engine_version = "5.7"
instance_class = "db.t2.micro"
name = "example" # How should you manage the credentials for the master user?
username = "???"
password = "???"
}</pre>
<p>Notice how Terraform requires you to set two secrets, <code>username</code> and <code>password</code>, which are the credentials for the master user of the database. In this blog post, I’ll go over the most common techniques you can use to safely and securely manage such secrets:</p>
<p><a href="https://blog.gruntwork.io/a-comprehensive-guide-to-managing-secrets-in-your-terraform-code-1d586955ace1"><strong>Read More</strong></a></p>