Friday, 4 March 2022

Security in Terraform- How to manage your Credentials( Secret Key and Access Key)

 There are 5 rules that can help you secure your Terraform Infrastructure:

#1: Don’t Store Secrets in Plain Text(Encrypt them)

#2: Keep Your Terraform State Secure

#3: Environment Variables

#4: Encrypted Files (e.g., KMS, PGP, SOPS)

#5: Secret Stores (e.g., Vault, AWS Secrets manager)

We will Focus on #1

Store and Encrypt Credentials in Jenkins (Access and Secret Key) 

In this step, we will be storing and encrypting the access and secret key in Jenkins to maximize security and minimize the chances of exposing our credentials.

    • Go to Manage Jenkins > Manage Credentials > Click on Jenkins the highlighted link as shown below


    • Select Add Credentials
    • Choose Secret text in the Kind field
    •  Enter the following below:
    Note: Modify the yellow highlighted text with the right value.
      • Secret = EnterYourSecretKeyHere
      • ID = AWS_SECRET_ACCESS_KEY
      • Description = AWS_SECRET_ACCESS_KEY
    Click OK

    Add another credential and enter the following:

      • Secret = EnterYourAccessIDHere
      • ID = AWS_ACCESS_KEY_ID
      • Description = AWS_ACCESS_KEY_ID

    Click OK





    Configure Terraform

    at
    Labels: , ,

    No comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)

    How to upgrade Maven

      java.lang.IllegalStateException I had installed maven in my ubuntu using command  apt install maven This installed maven in path /usr/shar...