HashiCorp Certified: Terraform Associate — Question 33

You're building a CI/CD (continuous integration/ continuous delivery) pipeline and need to inject sensitive variables into your Terraform run.
How can you do this safely?

Answer options

• A. Pass variables to Terraform with a ג€"var flag
• B. Copy the sensitive variables into your Terraform code
• C. Store the sensitive variables in a secure_vars.tf file
• D. Store the sensitive variables as plain text in a source code repository

Correct answer: A

Explanation

The correct answer is A, as using the 'var' flag allows you to securely pass sensitive variables without hardcoding them in your code. Options B and D are insecure practices that expose sensitive information, while option C does not offer the same level of security as passing variables through the command line.