# Terraform 1.10 w/ Ephemeral values

> Clean Markdown view of GeekNews topic #18051. Use the original source for factual precision when an external source URL is present.

## Metadata

- GeekNews HTML: [https://news.hada.io/topic?id=18051](https://news.hada.io/topic?id=18051)
- GeekNews Markdown: [https://news.hada.io/topic/18051.md](https://news.hada.io/topic/18051.md)
- Type: news
- Author: [dongho42](https://news.hada.io/@dongho42)
- Published: 2024-12-02T04:12:41+09:00
- Updated: 2024-12-02T04:12:41+09:00
- Original source: [hashicorp.com](https://www.hashicorp.com/blog/terraform-1-10-improves-handling-secrets-in-state-with-ephemeral-values)
- Points: 3
- Comments: 0

## Topic Body

- 기존의 테라폼에서는 시크릿이 plan이나 state file에 평문으로 남았음  
    - private keys, certifications, API tokens, ...  
    - 때문에 시크릿 유출에 의한 위험이 존재  
- 2024/11/27 Terraform 1.10이 GA로 공개됨  
    - Ephemeral values 기능과 함께  
- Ephemeral values는 어디에도 저장되지 않음   
- 지금은 다음 provider의 resource에만 지원됨  
    - AWS: `aws_secretsmanager_secret_version`, `aws_lambda_invocation`  
    - Azure: `azurerm_key_vault_secret`, `azurerm_key_vault_certificate`  
    - Kubernetes: `kubernetes_token_request`, `kubernetes_certificate_signing_request`

## Comments



_No public comments on this page._