Roxyrob

Closed as same issue of https://github.com/hashicorp/terraform-provider-aws/issues/26742

Hi @jrivard, **enforced** Regular Authentication (e.g. pwd+otp) is really important as if someone can rip user and password will can simply login using "Regular Authentication" and change all of your...

As @stumyp suggested a nice JSON encryption popular project exist [Mozilla SOPS](https://github.com/mozilla/sops) allowing encryption of defined values leaving tfstate json syntactically untached for backends. SOPS is a go language open...

@siepkes I undertand what you suppose but I think data security is primary concern for every tools and Terraform is a so great one that cannot neglet also if there...

@FernandoMiguel consul or every other solution does not change the context. Tfstate is always in cleartext somewhere, and someone can access the file and so secrets inside (at least if...

@nneul a tfstate cleartext problem mitigation can be reached if we do not undermining probably basic principles of Terraform behavior and also: having encrypted value in tfatste file (or in...

As written in the referenced haproxy ingress controller issue, Until this issue is identified and resolved I found a WORKAROUND that seems stable enough. Following this link: [Haproxy document SSL...

@dkorunic, was the first try. Indeed deployment manifest has "--default-ssl-certificate" correctly set but no default certificate was created anyway: apiVersion: apps/v1 kind: Deployment metadata: annotations: ... labels: app.kubernetes.io/instance: ingress-haproxy-internal app.kubernetes.io/name:...

Ok. I'll go deep on this, probably misconfiguration or issue on ArgoCD part creating secret resource .yaml from parameters.

Hi @apparentlymart, I'm thinking about information more tied to resources on plan output to depict what the code will do, allowing catching possible issues earlier. One simple case I hit...