Jerrad Dahlager
@nineliveszerotrust.com
Cloud Security Architect | Adjunct Instructor | Writing about cloud security for the curious 🐱 | CISSP | CCSP | MN Sports ⚾ | nineliveszerotrust.com
A common Terraform misconception: sensitive redacts output, not state.
sensitive=true only redacts output. Secrets still end up in state/plan files.
1.11’s write-only args fix this.
Hands-on guide with AWS + Azure examples
nineliveszerotrust.com/blog/terrafo...
#CloudSecurity #DevSecOps
sensitive=true only redacts output. Secrets still end up in state/plan files.
1.11’s write-only args fix this.
Hands-on guide with AWS + Azure examples
nineliveszerotrust.com/blog/terrafo...
#CloudSecurity #DevSecOps
December 27, 2025 at 2:22 AM
A common Terraform misconception: sensitive redacts output, not state.
sensitive=true only redacts output. Secrets still end up in state/plan files.
1.11’s write-only args fix this.
Hands-on guide with AWS + Azure examples
nineliveszerotrust.com/blog/terrafo...
#CloudSecurity #DevSecOps
sensitive=true only redacts output. Secrets still end up in state/plan files.
1.11’s write-only args fix this.
Hands-on guide with AWS + Azure examples
nineliveszerotrust.com/blog/terrafo...
#CloudSecurity #DevSecOps