Which provider authentication method prevents credentials from being stored in the state file?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the HashiCorp Terraform Associate Exam. Utilize flashcards and multiple-choice questions with detailed hints and explanations. Boost your confidence and be ready for success!

Multiple Choice

Which provider authentication method prevents credentials from being stored in the state file?

Explanation:
Storing credentials securely means ensuring they aren’t written into Terraform state or configuration files. Using environment variables achieves this because Terraform reads those secrets at runtime from the environment and does not persist them in the state file or in the configuration that gets stored or shared. If you place credentials directly in the provider block, or pass them through Terraform variables, those values can end up being saved as part of the configuration or state, increasing the risk of exposure. For example, with the AWS provider you can rely on environment variables like AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, or use a profile, so Terraform can authenticate without writing the secret into the state. This is why environment variables are the best option among the given choices for preventing credentials from being stored in the state file.

Storing credentials securely means ensuring they aren’t written into Terraform state or configuration files. Using environment variables achieves this because Terraform reads those secrets at runtime from the environment and does not persist them in the state file or in the configuration that gets stored or shared. If you place credentials directly in the provider block, or pass them through Terraform variables, those values can end up being saved as part of the configuration or state, increasing the risk of exposure. For example, with the AWS provider you can rely on environment variables like AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY, or use a profile, so Terraform can authenticate without writing the secret into the state. This is why environment variables are the best option among the given choices for preventing credentials from being stored in the state file.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy