HashiCorp Certified: Terraform Associate — Question 29

Which option can not be used to keep secrets out of Terraform configuration files?

Answer options

• A. A Terraform provider
• B. Environment variables
• C. A -var flag
• D. secure string

Correct answer: D

Explanation

The correct answer is D, as secure strings are not a mechanism for managing secrets in Terraform configurations. Options A, B, and C all provide valid methods to handle sensitive information, such as using environment variables or the -var flag to pass variables at runtime.