nerdexam
ExamsTA-002-PQuestions#238
HashiCorpHashiCorp

TA-002-P · Question #238

TA-002-P Question #238: Real Exam Question with Answer & Explanation

The correct answer is A: Secrets are persisted to the state file and plans.. The Vault provider allows Terraform to read from, write to, and configure Hashicorp Vault. Interacting with Vault from Terraform causes any secrets that you read and write to be persisted in both Terraform's state file and in any generated plan files. For any Terraform module tha

Implement and maintain state

Question

What is a downside to using the Vault provider to read secrets from Vault?

Options

  • ASecrets are persisted to the state file and plans.
  • BTerraform and Vault must be running on the same version.
  • CTerraform and Vault must be running on the same physical host.
  • DTerraform requires a unique auth method to work with Vault.

Explanation

The Vault provider allows Terraform to read from, write to, and configure Hashicorp Vault. Interacting with Vault from Terraform causes any secrets that you read and write to be persisted in both Terraform's state file and in any generated plan files. For any Terraform module that reads or writes Vault secrets, these files should be treated as sensitive and protected accordingly.

Topics

#Vault provider#Secrets management#Terraform state#Security

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full TA-002-P PracticeBrowse All TA-002-P Questions