The tool has evolved to the point that as of October 2014, the default is a 2048 bit RSA keypair. However, if you were not sure in the first place, chances are you do not remember the passphrase to unlock them so you might as well create a new one.Ĭreating a key using GPG is very, very easy. If you are not sure whether you have one or not, you can list your existing keys by running the following command: $ gpg -k The details of the versions I am using are featured below.Īnd my terraform version is: $ terraform -version ![]() I am going to use GPG (the GNU implementation of PGP) and terraform. However, you might want to tweak it a little to suit your needs - like using PGP Keys protected by virtual or physical MFA devices, or using PGP Keys belonging to pipeline services as opposed to individual users.įirst of all, the requirements. Of course, the method I am going to describe in this article can be used for production-grade environments. ![]() This extra level of security that I am referring to is encrypting your terraform secrets, both on-screen and in the terraform state files. ![]() If like me, you also use the terraform binary from your computer to describe and deploy the infrastructure of your projects, you might want to add an extra level of security. How to Use PGP to Encrypt Your Terraform Secrets March 14, 2020
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |