TA-002-P · Question #153
TA-002-P Question #153: Real Exam Question with Answer & Explanation
The correct answer is A: False. {"question_number": 10, "question": "Since sensitive is set to true in the output block, the value of db_password will not be present in the state file as plain-text?", "correct_answer": "A. False", "explanation": "Setting sensitive = true on a Terraform output only suppresses th
Question
Refer to the below code where developer is outputting the value of the database password but has used sensitive parameter to hide the output value in the CLI. output "db_password" { value = aws_db_instance.db.password description = "The password for logging in to the database." sensitive = true} Since sensitive is set to true, the value associated with db password will not be present in state file as plain-text?
Options
- AFalse
- BTrue
Explanation
{"question_number": 10, "question": "Since sensitive is set to true in the output block, the value of db_password will not be present in the state file as plain-text?", "correct_answer": "A. False", "explanation": "Setting sensitive = true on a Terraform output only suppresses the value from being displayed in CLI output (e.g., terraform apply or terraform output). It does NOT encrypt or hide the value in the state file. The Terraform state file always stores resource attribute values, including sensitive ones, as plaintext JSON. To protect sensitive values in state, you must use an encrypted remote backend with proper access controls.", "generated_by": "claude-sonnet", "llm_judge_score": 4}
Topics
Community Discussion
No community discussion yet for this question.