terraform-google-vpn icon indicating copy to clipboard operation
terraform-google-vpn copied to clipboard

Published 20 hours ago verified publisher icon terraform-google-modules

use random_password instead of random_id for secrets

Open mikecook opened this issue 3 years ago • 3 comments

  • random_id byte_length = 8 (integers) contains 26.6 bits of entropy. base64url encoding does not change that entropy. Instead use random_password length = 32 restricted to (upper, lower, int) which contains 190.5 bits of entropy.
  • Restrict random_password to special = false to prevent issues with allowed characters.

mikecook avatar Apr 26 '22 20:04 mikecook

Thanks for the PR! 🚀
✅ Lint checks have passed.

comment-bot-dev avatar Apr 26 '22 20:04 comment-bot-dev

I can't see what failed the vpn-integration-test and I'm not in a position to run it locally myself. If it's being racy with the random_password.count then I'll yank that.

mikecook avatar Apr 26 '22 21:04 mikecook

Hi @mikecook, a rebase should hopefully fix the test failure. Cheers!

apeabody avatar Jun 11 '22 01:06 apeabody

This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

github-actions[bot] avatar Sep 24 '22 23:09 github-actions[bot]