tfmask
tfmask copied to clipboard
cloudposse-archives
Terraform utility to mask select output from `terraform plan` and `terraform apply`
Hi Team, I recently implemented the tfmask binary for one of my project.But, it doesn't mask the passwords for the terraform destroy commands. Command: terraform destroy -no-color | tfmask Could...
Hi, I have a use-case in Terraform 0.12 where I'm adding new resources and I found that the reTfPlanLine regex wasn't capturing lines like: ` + token = "abC123ABc"`. To...
Thanks for putting this together. Quick bug report - if you create something like an aws_s3_bucket_object like so.. ``` resource "aws_s3_bucket_object" "test_item" { bucket = "..." key = "..." content...
Hi I use an external provider and in the data block I can’t mask the token ``` data "external" "sa" { program = ["sh", "${path.module}/get_permission.sh"] query = { token =...
Currently, there is no good way to validate the installation of tfmask. Executing the binary by itself causes it to hang. It would be nice if it supported a `-version`...
Why is the length of a secret included in the output? It would be better to mask with a set length list of repeated characters.
Test: ``` random_string.test-p1: Refreshing state... [id=xxx] random_string.test-p2: Refreshing state... [id=xxx] ``` Looking through the code, it is matching at line 62 but then no action is taken on the line....
I'm attempting to add local_file which I use to create a file containing secrets. Attempt to update the tflask using environemtn variable is failing. typing the values below `export` TFMASK_VALUES_REGEX="(?i)^.*(oauth|secret|token|password|key|result|cert|certificate).*$"...
Example ``` Apply complete! Resources: 0 added, 1 changed, 0 destroyed. Outputs: chamber_access_key_id = xxxxxxxxxxxxxx chamber_kms_key_alias_arn = arn:aws:kms:us-west-2:xxxxxxx:alias/xxxxx-staging-chamber chamber_kms_key_alias_name = alias/xxxxx-staging-chamber chamber_kms_key_arn = arn:aws:kms:us-west-2:xxxxxxx:key/xxxx-56a2-471b-815c-xxxxxxxxx chamber_kms_key_id = xxxxx-xxxx-471b-815c-xxxxxxxxx chamber_secret_access_key = xxxxxxxx/xxxxxxxxxxxxxx...
## what * This PR adds support of multiline replace rules ## why * These rules could be used for example to find and mask RSA private keys, certificates and...
Metadata
Owner
Metadata
Terraform utility to mask select output from `terraform plan` and `terraform apply`