top | item 37809823 (no title) kasfkaj | 2 years ago Yes, this. Just supply a few flags to configure terraform backend to store the state in remote storage and encrypt it.terraform init --backend=gcs --bucket="xxx" --prefix="my-deployment-name" --encryption_key="my-random-bits" discuss order hn newest Hnrobert42|2 years ago Again, that just puts a bandaid over the problem. You can’t individual audit access to or rotate secrets stored state files.
Hnrobert42|2 years ago Again, that just puts a bandaid over the problem. You can’t individual audit access to or rotate secrets stored state files.
Hnrobert42|2 years ago