HashiCorp Certified: Terraform Associate — Question 76

Which of these options is the most secure place to store secrets foe connecting to a Terraform remote backend?

Answer options

• A. Defined in Environment variables
• B. Inside the backend block within the Terraform configuration
• C. Defined in a connection configuration outside of Terraform
• D. None of above

Correct answer: A

Explanation

Storing secrets in environment variables is considered secure because they are not hard-coded in the configuration files, reducing the risk of exposure. In contrast, placing secrets inside the backend block or in connection configurations can lead to unintentional leaks through source control or logs. Therefore, option A is the best choice for security.