My team has provisioned developer workstations. During the last provisions, it was discovered that an admin could run "ps-ef" and see the vCloud credentials that were provided to instruct Terraform to talk to vCloud. Would a solution be to automatically answer prompts from Terraform, when variables/ credentials are not provided as CLI arguments to the Terraform command?
Asked
Active
Viewed 26 times
1 Answers
1
You should be able to set the various credentials as environment variables, according to the provider documentation.
That won't stop someone with root privileges being able to see them by inspecting /proc but it will stop the credentials being visible with ps.
bodgit
- 4,751
- 16
- 27