Skip to content

Masking sensitive data in tarraform parameters #45

New issue
New issue
Open
Open
Masking sensitive data in tarraform parameters#45
Labels
enhancement
@apielasa

Description

@apielasa
apielasa
opened on Mar 22, 2023

Some values that need to be defined as terraform variables are sensitive and in my opinion, should not be printed out in StackStorm GUI and logs in a plain text. For example, client_secret is required in backend configuration or any sensitive data we want to set as terraform variable.

Is there any way of defining sensitive data in the current setup?

If there is no option of doing it, in my opinion, we should consider changing "backend" object in the "init" action and "variable_dict" object in other actions like "plan", "apply" and "destroy"

change proposal:

  variable_dict:
    type: "object"
    description: "Terraform variable object (variables in here will overwrite any that are in files)"
    required: false
    secret: true

  backend:
    type: "object"
    description: "Key-Value pairs of backend configuration options."
    required: false
    secret: true

Let me know please what you think about it.
I can make a pull request if you do agree with this proposal.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancement

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions